Introduction
Are you looking for a work environment where diversity and inclusion thrive? Submit your application for our Information Protection Consultant opening with HCA Healthcare today and find out what it truly means to be a part of the HCA Healthcare team.
Job Summary
The Information Protection Consultant Analyst plays a critical role with the development and support of HCA Healthcare’s enterprise-wide information privacy and security program, as well as the Company’s compliance, governance, and strategy relative to information protection. The Consulting Analyst proactively identifies and mitigates risks, particularly with regard to the development of strategy initiatives to reduce HIPAA-related violations, particularly those that rise to the level of a breach. The Consulting Analyst interacts extensively with leadership and business owners across the enterprise and provides consultative support to all Facility Information Security Officials (FISOs), Directors of Division Information Security Assurance (DISAs), Facility Privacy Officials (FPOs), Ethics and Compliance Officers (ECOs), legal operations, litigation, and labor counsel, as well as many others on all privacy and security related matters.
Major Responsibilities:
- Leads the incident response team specific to the analysis, diligence and resolution of reportable issues and other such complex matters with special circumstances, and issues discovered during privacy and security reviews and/or assessments of applications, processes, and technology infrastructure.
- Leads inquiries, the data response process, and issue resolution with compliance reviews and investigations invoked by the U.S. Department of Health and Human Services’ Office for Civil Rights or other external regulatory and law enforcement agencies.
- Consulting services for third party vendor initiatives.
- Acts as a privacy subject matter expert relative to the application of the HIPAA Privacy Rule, HITECH Act, and company policies and procedures.
- Participates in the development of the company privacy risk assessment strategy to review business processes and evaluate privacy controls necessary to protect sensitive and restricted information.
- Identifies, minimizes and mitigates legal and regulatory privacy and security compliance risks.
- Identifies trends and educational opportunities relative to privacy and security issues and recommends and/or develops tools and resources to address them.
- Develops strategic working relationships across all lines of business and project partners (e.g., the Clinical Services Group, Internal Audit, Legal, Ethics and Compliance, Parallon, HealthTrust) as necessary to identify, evaluate, and reduce privacy and security risks.
- Assists with developing privacy training resources and collaterals, and presenting those to the privacy officials in the facilities.
Other/Special Qualifications:
- Strong strategic thinker, problem solving and analytical skills.
- Proven experience in information security, privacy, risk management, and privacy and security regulations (e.g., HITECH, HIPAA).
- A proven track record in creating and maintaining strong business relationships.
- Excellent written and verbal communications skills; interpersonal and collaborative skills; creative and strategic thinker with strong analytical skills; the ability to communicate privacy, security, and risk-related concepts to technical and non-technical audiences; persuasive, encouraging, motivating and inspiring.
- Independent, yet collaborative; respected by peers and others.
- High degree of initiative, dependability, and the ability to work with minimal supervision.
- Adaptable and flexible, with the ability to handle ambiguity and sometimes changing priorities.
- Professional demeanor, appearance, and positive attitude.
Education & Experience:
- Bachelor's degree and 7 years’ experience or
- 14+ years of proven experience in privacy and security (e.g., HIPAA, HITECH) or other similar federal healthcare legislation in lieu of degree.
Licenses, Certifications, & Training:
- CHP, RHIA, RHIT, HCISSP, CISSP Preferred
Additional Information:
- Candidate must live in/near the Greater Nashville, TN area or be willing to relocate to the area.
- Hybrid role once training has been completed.
If you find this opportunity compelling, we encourage you to apply for our Information Protection Consultant opening. We promptly review all applications. Highly qualified candidates will be directly contacted by a member of our team. We are interviewing apply today!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
#J-18808-Ljbffr