This job was posted by https://www.azjobconnection.gov : For more information, please see: https://www.azjobconnection.gov/jobs/6608471

r

rHIPAA Privacy Officer

r

rLocation: Office of General Counsel

rRegular/Temporary: Regular

rJob ID: 607992

rFull/Part Time: Full-Time

r

r Workplace Culture

NAU aims to be the nation\'s preeminent engine of opportunity, vehicle of economic mobility, and driver of social impact by delivering equitable postsecondary value in Arizona and beyond.

{ckesavedhref="https://nau.edu/president/strategic-plan/" isparent="" target="blank"}

Special Information

• This position is open to working at the Flagstaff Mountain campus or remote with or without accommodation. Ideally, the incumbent will be located within the state of Arizona or four (4) hours or less from Flagstaff.
• This position requires occasional travel including to NAU locations throughout the State of Arizona.
• The position may be eligible for a recruitment allowance of \$4,790.

Job Description

The HIPAA Privacy Officer oversees all compliance activities related to the development, implementation, and enhancement of policies and procedures for the protection of individually identifiable health information used for clinical, business, and research purposes. The HIPAA Privacy Officer will have extensive knowledge of federal and state laws and other standards that regulate or otherwise involve privacy, data security, and breach notification requirements. The HIPAA Privacy Officer will have substantial experience in the development of privacy and security policies, procedures, training programs, audits, risk analyses, and compliance monitoring programs.

The HIPAA Privacy Officer will report directly to the Vice President for Legal Affairs and General Counsel and work closely with Campus Health Services, the Office of the Vice President for Research, the Human Research Protection Program/ Institutional Review Board, Contracts, Purchasing & Risk Management, Information Technology Services, Athletics, senior University administrators, deans, department heads, faculty members, and researchers. The HIPAA Privacy Officer will also serve on the NAU Information Security Committee.

HIPAA Compliance Program Management/Oversight - 45%

• Review, develop, and implement new and revised policies, procedures, and forms related to HIPAA privacy and breach notification.
• Identify and review Health Care Components and manage HIPAA privacy compliance for each Component.
• Develop and oversee HIPAA Privacy and Security compliance and security related committee.
• Review and track all institutional Business Associate Agreements.
• Engage with NAU\'s affiliated and healthcare partners in their compliance-related activities and programs, as necessary.
• Oversee and update the privacy office records retention program.
• Maintain the HIPAA Privacy Program website.

Institutional Engagement and Education/Training - 25%

• Provide subject matter expertise on HIPAA privacy and breach notification requirements to university constituents.
• Advise regarding intersections of HIPAA, FERPA, and other applicable healthcare and privacy laws.
• Direct, deliver, and provide updates to annual privacy training and orientation to covered workforce members.
• Coordinate with University business units and programs on HIPAA privacy issues.
• Work with the Human Research Protection Program/ Institutional Review Board to assess HIPAA applicability and compliance for research projects.

Risk Assessment and Auditing - 15%

• Conduct thorough risk assessments for departments, programs, and research projects, and monitor and address risks, as needed.
• Perform periodi internal privacy impact assessments and compliance audits.
• Develop effective and measurable quality improvement initiatives.
• Support ITS in the performance of security analyses and development of policies, procedures, and processes around HIPAA security.

Complaint Investigation and Response - 10%

• Serve as the University\'s designated HIPAA Privacy Officer across all campuses, with responsibility for notifying and cooperating with applicable government agencies in response to external compliance reviews and investigations.
• Investigate and respond to complaints regarding alleged breaches of institutional privacy policies, including recommending and implementing corrective action plans.

Other - 5%

• Perform other duties as assigned by the Vice President for Legal Affairs and General Counsel.

Minimum Qualifications

• Bachelor\'s degree and three years of experience in a HIPAA Privacy Officer or similar role.
• Any combination of relevant education and experience may be substituted for the educational requirement on a year-for-year basis.

Preferred Qualifications

Advanced degree (MS, PhD, and/or JD) and at least five years of experience in a HIPAA Privacy Officer or similar role.

Nationally recognized compliance certification (e.g