Director - Privacy Office

at Health Care Service Corporation in Chicago, Illinois, United States

Job Description

At HCSC, we consider our employees the cornerstone of our business and the foundation to our success. We enable employees to craft their career with curated development plans that set their learning path to a rewarding and fulfilling career.

Come join us and be part of a purpose driven company who is invested in your future!
Job Summary
This position oversees organizational compliance with legislation, regulations and mandates with a focus on privacy laws and regulations. This includes developing and maintaining HCSC's privacy compliance program to support acceptable business practices and contracts, developing and implementing HCSC's privacy policies and procedures, managing HIPAA Security investigations, managing government complaints and supporting contract templates and negotiations.

This position oversees and monitors business area's mitigation and corrective action plans for ongoing compliance of regulatory issues. Oversight includes all ongoing activities related to the development, implementation, maintenance of, and access to, protected health information and sensitive personal information in compliance with federal including the Affordable Care Act and American Recovery and Reinvestment Act (ARRA) HITECH, state privacy, security and consumer notification laws, contractual obligations, and HCSC's information privacy policies.

Please note, this is a hybrid role which requires in-office hours, 3 days week.

Responsibilities include:

Development and implementation of corporate regulatory policies and procedures

* Develop and maintain HCSC's strong regulatory compliance architecture, with a focus on privacy, to ensure compliance is met and to sustain compliance is an increasingly regulated industry. Establish consistent regulatory policies and procedures.
* Provides development, guidance and assistance in the identification, implementation and maintenance of HCSC's information privacy policies and procedures in coordination with HCSC's management and administration, the Privacy Advisory Committee and legal counsel.
* Responsible for managing privacy, security and regulatory complaints from individuals and the government including Office for Civil Rights, Attorney General Office, DOI and CMS.
* Responsible for overseeing Privacy Office contracting processes for HCSC including customer and vendor agreements and papers, negotiations, annual template updates, and ad hoc updates as applicable.
* Business lead for new federal privacy laws and regulations including ARRA HITECH regulations; business associate agreements, enforcement, and breach notification.
* Oversee mitigation and corrective action plans for federal and state regulatory compliance issues in order to sustain compliance.
* Guide ongoing compliance to laws and regulations including privacy, security and confidentiality laws and regulations.
* Establish relationships with BCBSA and other Blue Cross and Blue Shield Plans to obtain perspectives of pending privacy laws and regulations.
* Collaborate with corporate security officer on cyber privacy and security policies and procedures.
* Lead an enterprise Privacy Workgroup for adopting corporate-wide privacy standards, policies and procedures.
* Provide leadership to HCSC's HIPAA and GLB privacy risk assessment and implementation initiatives.
* Ensure compliance with regulatory practices and condition application of sanctions for failure to comply with regulatory policies for all individuals in HCSC's workforce, extended workforce, and for all business associates, in cooperation with the Human Resource department, the information security officer, administrative and legal counsel as appropriate.
* Work with HCSC personnel involved with any aspect of release of Protected Health Information (PHI), and Sensitive Personal Information (SPI) to ensure full coordination and cooperation between HCSC's policies, procedures and legal requirements.
* Develop, and direct, deliver or ensure delivery of the HCSC Regulatory Training Program, which consists of initial and ongoing privacy orientation and training to all employees, contractors, and other appropriate third parties. This program is developed and implemented in conjunction with the Information Security Department and Compliance Department.
* Initiates, facilitates and promotes activities to foster awareness of regulatory... For full info follow application link.

HCSC is committed to diversity in the workplace and to providing equal opportunity and affirmative action to employees and applicants. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to workforce diversity and a drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.