Hybrid Sr. HIPAA Privacy Expert presso UNITE HERE HEALTH

UNITE HERE HEALTH serves over 200,000 workers and their families in the hospitality and gaming industry nationwide. Our desire to be innovative and progressive drives us to develop impactful programs and benefits designed to engage our participants in managing their own health and healthcare. Our vision is exciting and challenging. Please read on to learn more about this great opportunity!

The Senior HIPAA Privacy Expert will develop, review, update and manage the organization's (aka the Fund’s) HIPAA privacy compliance program, including; Investigating and managing privacy and security incidents and supporting the management of breaches, governing the vendor management program, developing HIPAA training, analyzing privacy risks, and interacting with various business areas across the enterprise to ensure federal and state privacy regulation compliance. The HIPAA Privacy Expert will negotiate Business Associate Agreements and Data Use Agreements, oversee the privacy awareness program, maintain the HIPAA website, as well as participate and support many other privacy initiatives and activities.

ESSENTIAL JOB FUNCTIONS AND DUTIES 

• Documents, tracks, and investigates complaints and incidents; prepares reports, findings and recommendations
• Monitors and audits compliance with the organization’s policies and procedures, contractual obligations, individual privacy rights, and federal and state privacy and security regulations
• Develops, manages and implements privacy plans for specific risks identified due to operational or regulatory changes 
• Creates and delivers security and privacy awareness and compliance training to all employees, applicable contractors, and other parties, including new hire HIPAA orientation for new employees
• Responsible for Privacy’s role in our organizations’ process for controlling employee access to information systems containing protected health information
• Managing our vendor management program, privacy breach scenarios, HIPAA webpages on our internal website,
• Reviews Business Associate Agreements (BAAs), oversees maintenance of BAAs, educates employees on when they are needed and fields questions 
• Advises the Privacy Officer in ensuring proper reporting of violations or potential violations to oversight agencies, as well as providing the PO advice, opinions, recommendations and/or ideas
• Advises workforce members regarding appropriate use and disclosure of Protected Health Information (PHI); ensures consistent application and training of policies and documentation
• Partners with organizational stakeholders and senior management to ensure consistent application of privacy laws and regulations and to resolve common privacy issues
• Conducts research and maintains current knowledge of privacy regulations, including contractual and operational issues involving HIPAA and other regulations and laws affecting a national healthcare company, and assisting businesses and regions to adapt business practices when necessary to ensure compliance
• Provides reports on a regular basis, and as directed or requested, to keep the Sr. Legal Counsel & HIPAA Privacy Officer apprised of the operation and progress of compliance efforts
• Exemplifies the Fund's values in leading and fostering a respectful, trusting, and engaged culture of inclusion and engagement

ESSENTIAL QUALIFICATIONS 

•  5 ~ 7 years of direct experience 
• Working knowledge and experience researching, analyzing, and interpreting laws and regulations
• Direct knowledge and experience with HIPAA and state privacy laws
• Experience in working in a matrix organization across multiple geographic areas 
• Experience reviewing and negotiating HIPAA-related contracts, including business associate agreements, data use agreements, data processing agreements and confidentiality agreements
• Experience conducting privacy impact assessments and privacy risk assessments
• Bachelor's degree or equivalent work experience required
• Working knowledge and experience in welfare benefit plans and ERISA (preferred)
• Privacy related certification (preferred)

Salary range for this position: Exempt, $85,300 - $106,700. Actual base salary may vary based upon, but not limited to: relevant experience, qualifications, expertise, certifications, licenses, education or equivalent work experience, time in role, peer and market data, prior performance, business sector, and geographic location.

Work Schedule (may vary to meet business needs): Monday~Friday, 7.5 hours per day (37.5 hours per week) as a hybrid employee employee.

We reward great work with great benefits, including but not limited to: Medical, Dental, Vision, Paid Time-Off (PTO), Paid Holidays, 401(k), Short- & Long-term Disability, Pension, Life, AD&D, Flexible Spending Accounts (healthcare & dependent care), Commuter Transit, Tuition Assistance, and Employee Assistance Program (EAP).

#LI-Hybrid