Description

The Senior Privacy Analyst reports to Emory Healthcare (EHC) Compliance and Privacy Office Leadership. The EHC Senior Privacy Analyst will perform ongoing privacy monitoring activities to ensure compliance with applicable privacy laws and policies. In addition, this position leads and assists with ongoing activities related to the development, implementation, maintenance, and adherence to EHC¿s HIPAA privacy policies/procedures. Key Responsibilities & Duties: Investigates and manages privacy incidents and breaches of protected health information (PHI). Reviews alerts, reports, & findings within Emory¿s privacy monitoring tool. Performs investigations and preliminary reviews pertaining to the findings within EHC¿s privacy monitoring tool. Oversees and performs privacy audits. Maintaining/reviewing privacy audit logs and explaining audit log events. Leads privacy breach risk assessments, documentation, mitigation and notification activities. Leads the response and investigation of privacy-related issues reported via the Emory Trust Line and to the EHC Compliance Office. Responsible for tracking privacy incidents. Works with Senior Compliance and Privacy Office leadership as well as other key clinical and operational leaders on privacy investigations, issues, and matters. Assists with Business Associate Agreement reviews. Performs additional departmental duties, as assigned.

The ideal candidate for this position will possess: Experience working as a healthcare privacy and/or health information security professional managing privacy incidents and investigating reported breaches of PHI. Knowledge of state and federal healthcare privacy laws. Excellent writing, communication, interpersonal, information technology, and analytical skills.

Knowledge, Skills, & Abilities requirements: Ability to work on a team and work independently, when needed. Ability to adjust to changing work demands and multi-task. Thorough attention to detail and strong, problem-solving skills.

Education & Experience requirements: Bachelors degree required. Minimum of three (3) to five (5) years of experience in a healthcare organization working on privacy-related functions. Master¿s (MA or MS) or Juris Doctorate (JD) degree may be considered in lieu of certifications and work experience. Either a Certification in Healthcare Privacy Compliance (CHPC) and/or a Certification in Healthcare Privacy and Security (CHPS) is preferred.