HIPAA Security Analyst Portland, OR
Provides regional information security on the organization's policies and procedures covering the privacy of, and access to, protected health information as outlined by the HIPAA, ARRA and other applicable federal and state laws and regulations requirements. Advise region departments and staff on requirements. Develop agreement among regional leaders and managers of key departments to provide oversight of compliance activities across all work teams and processes that affect the privacy and security of members of KPNW.
- Monitor and evaluate regional compliance covering the privacy of, and access to, protected health information as outlined by the HIPAA, ARRA and other applicable federal and state laws and regulations requirements. Advise region departments and staff on requirements. Develop agreement among regional leaders and managers of key departments to provide oversight of compliance activities across all work teams and processes that affect the privacy and security of members of KPNW.
- Conduct HIPAA security risk assessments within the region to assure compliance with regulations, internal policies, procedures, and standards. Conducts related ongoing compliance monitoring as part of the organizations other compliance and operational risk assessment and management activities. Identify areas of risk and implement corrective action steps and internal monitoring processes.
- Develop and conduct specialized training to enhance compliance with HIPAA and ARRA. Maintain currency with actual and proposed changes to legal, regulatory, accreditation and policy requirements. Create and establish effective means of interdepartmental communication and coordination of security issues and activities both directly and through the appropriate committee structures. Review new legislation and regulations and participate in the regulatory implementation process.
- Works with Regional Compliance Officer and other applicable organizations in overseeing security access to protected health information. Coordinates and provides information for all HIPAA security compliance reviews or investigations.
- Provides information and expertise for the organizations process for receiving, documenting, tracking, investigating and resolving HIPAA security issues. Works with Investigators to investigate and resolve HIPAA security issues and violations. Serves as the regions resource on HIPAA security issues and questions.
- Minimum three (3) years of experience in the field of health care compliance or HIPAA Security compliance.
- Experience interacting with state and federal regulatory agencies.
- Experience in education, training and oral presentation.
- Bachelor's degree in business administration, health care compliance, health care administration or a related field of study, OR four (4) years of experience in directly related field.
- High School Diploma or General Education Development (GED) required.
License, Certification, Registration
- Broad knowledge of information privacy and security laws, access, release of information and release control technologies.
- Working knowledge of IT Security concepts related to securing data and communications such as; encryption, authentication models and data security
- Knowledge of managed care industry.
- Knowledge of PC, relevant applications, analytical and statistical skills.
- Demonstrated effective ability to work with executive and medical staffs, administration, department heads and other KPNW staff, as well as external contacts.
- Demonstrated success in implementing policies and new programs.
- Project management skills.
- Demonstrates customer focused service skills.
- Skills in negotiation and conflict resolution.
- Demonstrable problem solving and decision making skills.
- Excellent written and verbal communication skills.
- Demonstrates clear organizational skills.
- Information technology management professional demonstrated competency certifications, especially professional information security certifications (CISSP, GIAC, CISA, CISM, etc.).
Primary Location: Oregon,Portland,Kaiser Permanente Building 500 NE Multnomah St.
Scheduled Hours (1-40): 40
Working Days: variable
Job Type: Standard
Employee Status: Regular
Employee Group: Salaried, Non-Union, Exempt
Job Level: Individual Contributor
Job: Compliance / Privacy / Regulatory
Public Department Name: NW HIPAA Security Program
External hires must pass a background check/drug screen. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with Federal, state and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran, or disability status.
Submit Click here for additonal requirements