Privacy Analyst

Description

The Privacy Analyst reports to the Emory Healthcare (EHC) Compliance and Privacy Office Leadership, the EHC Privacy Analyst will perform ongoing privacy monitoring activities to ensure compliance with applicable privacy laws and policies. In addition, this position assists in ongoing activities related to the development, implementation, maintenance, and adherence to EHC’s HIPAA privacy policies/procedures.

Key Responsibilities & Duties:

• Investigates and manages privacy incidents and breaches of protected health information (PHI).
• Reviews alerts, reports, & findings within Emory’s privacy monitoring tool.
• Performs investigations and preliminary reviews pertaining to the findings within EHC’s privacy monitoring tool.
• Oversees and performs privacy audits.
• Maintaining/reviewing privacy audit logs and explaining audit log events.
• Assists with privacy breach risk assessments, documentation, mitigation and notification activities.
• Assists with the response and investigation of privacy-related issues reported via the Emory Trust Line and to the EHC Compliance Office.
• Responsible for tracking privacy incidents.
• Works with Senior Compliance and Privacy Office leadership as well as other key clinical and operational leaders on privacy investigations, issues, and matters.
• Performs additional departmental duties as assigned.

 The ideal candidate for this position will possess:

• Experience working as a healthcare privacy and/or health information security professional managing privacy incident and investigating reported breaches of PHI.
• Knowledge of state and federal healthcare privacy laws.
• Excellent writing, communication, interpersonal, information technology, and analytical skills.

Knowledge, Skills, & Abilities requirements:

• Ability to work on a team and work independently, when needed.
• Ability to adjust to changing work demands and multi-task.
• Thorough attention to detail and strong, problem-solving skills.

Education and Experience requirements:

• Bachelor’s degree required.
• Minimum of one (1) to three (3) years of experience in a healthcare organization.
• Master’s (MA or MS) or Juris Doctorate (JD) degree may be considered in lieu of certifications and work experience.
• Either a Certification in Healthcare Privacy Compliance (CHPC) and/or a Certification in Healthcare Privacy and Security (CHPS) is preferred.