Director Of Privacy Operations

Position Title: Director of Privacy Operations

Remote

Responsibilities (External Focused):

• Collaborate with the business development team to identify new opportunities, assist with sales pursuits, provide demos, respond to RFPS and provide subject matter expertise as needed during the sales cycle.

• Develop and refine our go to market strategy including product features and functionality, targeted segments, buyer personas and messaging.

• Assist with training and implementation for new prospects and current customers

• Provide consulting and advisory services to clients and customers

• Create content and thought leadership that can be used for lead generation and brand awareness on relevant industry topics including HIPAA, GDPR, state and federal regulatory events (i.e. Cures Act), general regulatory compliance (GRC) and other privacy, security and compliance trends

• Work closely with our product team to ensure our SaaS solution continues to meet the needs of Privacy leaders.

• Ensures customer privacy forms, policies, standards, and procedures are up to date with the latest regulatory changes.

• Assist with preparing sales proposals, pitch decks and agreements as requested by prospects

• Prepare and attend industry events, propose and deliver speaking engagements and webinars to CPS customers and prospects.

• Ability to translate state and federal regulatory requirements into a strategy that can lead to revenue growth

• Works closely with the Director of Cybersecurity to ensure alignment between security and privacy compliance SMEs, applications, content and services for various CPS revenue generating programs.

• Partner with marketing to develop digital strategies and lead generation campaigns.

• Maintain a profitable practice while leading internal team members as they perform their roles in this subject matter area.

Requirements (Internally Focused):

• Partner with CPS and Genzeon’s administrative, legal and other related teams to represent the organization’s information privacy interests with external parties (state or local government)

• Ensure policies and processes that enable consistent and effective privacy practices, minimize risk and ensure the confidentiality of protected health information are assessed, implemented and remediated

• Update internal privacy forms, policies, standards, and procedures as needed.

• Collaborate with organization senior management, security, and corporate compliance officer to establish governance for the privacy program.

• Works closely with the information security officer to ensure alignment between security and privacy compliance programs including policies, practices and investigations, and acts as a liaison to the information systems department.

• Establishes, with the information security officer, an ongoing process to track, investigate and report upon inappropriate access and disclosure of protected health information for internal incidents and issues involving organizational privacy compliance.

• Conducts internal compliance monitoring activities in coordination with the both the CPS and Genzeon other compliance and operational assessment functions.

• Manages all internally required breach determination and notification processes under HIPAA and applicable State breach rules and requirements.

• Administers an internal process for investigating and acting on privacy and security complaints.

• Initiates, facilitates and promotes activities to foster information privacy awareness within CPS and related entities.

• Maintains current knowledge of applicable federal and state privacy laws and accreditation standards for internal compliance.

• Cooperates with the U.S. Department of Health and Human Service’s Office for Civil Rights, State regulators and/or other legal entities in any compliance reviews or investigations.

Qualifications:

• Bachelor’s level required. Master’s or other advanced degree is desirable.

• Five years direct experience with the management of health information, which must include privacy.

• Credentials from credible academic institutions (organizations) such as AHIMA and HCCA are required. Privacy centric credentials are preferred, but compliance credentials are also a benefit.

o Recommended privacy certification such as Certified in Healthcare Privacy and Security (CHPS) and/or other healthcare industry related credential, e.g. RHIA, RHIT.

• Knowledge and experience in state and federal information privacy laws, including but not limited to HIPAA, Cures Act and at least some GDPR, State breach and privacy laws. ISO and other global standards, especially for privacy, but secondarily for security are encouraged.

• Dynamic speaker with strong communication and presentation skills. Must have successfully presented at local, state and national events

• Experience implementing, delivering, supporting and/or selling SaaS solutions

• Experience providing consulting and advisory services