• HIPAA Privacy Expert

    Job Locations US-IL-Aurora
    Posted Date 2 months ago (2/22/2019 9:51 AM)
    # of Openings
  • Overview




    Looking for a way to influence the health and healthcare of many?


    If so, we’d love to hear from you! Our mission-driven organization is focused on the Triple Aim - Better Health, Better Healthcare and Lower Costs to individuals and their families who participate in our health plans.


    UNITE HERE HEALTH serves 100,000+ workers and 220,000 covered lives in the hospitality and gaming industry nationwide. Our desire to be innovative and progressive drives us to develop impactful programs and benefits designed to engage our participants in managing their own health and healthcare. Our vision is exciting and challenging. Please read on to learn more about this great opportunity!



    Key Attributes:


    • Integrity – Must be trustworthy and principled when faced with complex situations
    • Ability to build positive work relationships – Mutual trust and respect will be essential to the collaborative relationships required
    • Communication – Ability to generate concise, compelling, objective and data-driven reports
    • Teamwork – Working well with others is required in the Fund’s collaborative environment
    • Diversity – Must be capable of working in a culturally diverse environment
    • Continuous Learning – Must be open to learning and skill development. As the Fund’s needs evolve, must be proactive about developing new areas of expertise
    • Lives our values – Must be a role model for the Fund’s BETTER Culture and Mission (Better, Engage, Teamwork, Trust, Empower, Respect)



    The purpose of this position is to develop, review, update and manage the Fund’s HIPAA privacy compliance program, including investigating and managing privacy and security incidents, supporting the management of breaches, responding to privacy complaints, analyzing privacy risks, and interacting with various business areas across the enterprise to ensure compliance with all relevant federal and state privacy regulations. In addition, this position will, with assistance of counsel, negotiate Business Associate Agreements and Data Use Agreements, oversee the privacy awareness program, maintain the HIPAA website as well as participate and support many other privacy initiatives and activities.


    • Reviews Business Associate Agreements (BAAs), oversees maintenance of BAAs, educates employees on when they are needed and fields questions
    • Receives, documents, tracks, and investigates complaints and incidents; prepares reports, findings and recommendations
    • Manages identified privacy breaches to ensure that all reports are filed, root cause analysis is performed and that controls are initiated to prevent further loss of protected health information 
    • Supports the Privacy Officer in ensuring proper reporting of violations or potential violations to oversight agencies as appropriate and/or required
    • Responds to workforce member inquiries regarding appropriate uses and disclosures of Protected Health Information (PHI); ensures consistent application of policies in response to such inquiries and consistent documentation of such requests
    • Collaborates with the HIPAA Privacy Analyst in the creation and delivery of security and privacy awareness and compliance training to all employees, applicable contractors, and other parties, including new hire HIPAA orientation for new employees as well as ongoing training for all employees and managers
    • Develops, reviews and updates policies, procedures, forms and processes to afford participants their privacy rights, including access and copy of their PHI, amendment of their PHI, accounting of disclosures of their PHI, requests for restrictions of the use and release of their PHI, requests for confidential communications, filing of complaints about privacy practices, and maintenance and dissemination of the Notice of Privacy Practices, and ongoing maintenance of these materials to ensure alignment with current industry trends and regulatory changes
    • Oversees maintenance of documentation for facility access controls in all offices
    • Responsible for Privacy’s role in the Fund’s process for controlling employee access to information systems containing protected health information
    • Works collaboratively with HIPAA Security team regarding privacy issues related to electronic media or systems development
    • Performs ongoing activities to monitor and audit compliance with the organization’s policies and procedures, contractual obligations, individual privacy rights, and federal and state privacy and security regulations
    • Works across all departments to identify privacy risks, trends, vulnerabilities, and research solutions for risk mitigation
    • Develops, manages and implements privacy plans for specific risks identified due to operational or regulatory changes
    • Works with organizational stakeholders and senior management to ensure consistent application of privacy laws and regulations and to resolve common privacy issues
    • Maintains current knowledge of privacy regulations, including contractual and operational issues involving HIPAA and other regulations and laws affecting a national healthcare company, and assists businesses and regions to adapt business practices when necessary to ensure compliance
    • Conducts research on privacy laws and policy issues, and pending privacy legislation and proposals
    • Supports the Privacy Officer with active participation on committees, task forces and working groups, by gathering information for, or providing advice, opinions, recommendations, or ideas to the Privacy Officer, including implementing the Fund’s new vendor/transaction HIPAA checklist
    • Provides reports on a regular basis, and as directed or requested, to keep the Privacy Officer apprised of the operation and progress of compliance efforts
    • Performs other duties as assigned within the scope of responsibilities and requirements of the job
    • Performs Essential Job Functions and Duties with or without reasonable accommodation


    Years of Experience and Knowledge

    • 4 ~ 6 years of direct experience minimum
    • Working knowledge and experience with researching, analyzing, and interpreting laws and regulations
    • Working knowledge and experience with HIPAA and state privacy laws
    • Experience in working in a matrix organization across multiple geographic areas
    • Experience reviewing and negotiating HIPAA-related contracts, including business associate agreements, data use agreements, and confidentiality agreements

    Education, Licenses, and Certifications

    • Bachelor's degree in Healthcare Administration or related field or equivalent work experience required

