242-Bed Hospital

Security Officer

Position Summary

Reporting directly to the Administrator, this position requires overseeing and coordinating efforts across the company, including Engineering, Nursing, HR, IT, legal, and other departments in the facility, to identify key corporate security initiatives and standards (for example, virus protection, security monitoring, intrusion detection, access control to facilities, and remote access policies). It will also involve working with outside consultants as appropriate for independent security audits.

Qualifications

Five to ten years of progressive experience in computing and security, including experience with Internet technology and security issues preferred.

Proven ability as a member of a management team and ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff.

Ability to work and effectively prioritize in a highly dynamic work environment.

Experience with disaster recovery planning, testing, auditing, risk analysis, business resumption planning and contingency planning as well as contract and vendor negotiation experience.  

Specific Responsibilities

Communication/Training

Establishes a security committee in conjunction with administration and the HIPAA project manager.  Assures the committee consists of relevant personnel for the purpose.

Provides leadership to the Security Committee.

Provides information regarding security to all departments and appropriate entities.

Fosters information security awareness with facility employees and related entities.  Works with employees to ensure coordination and cooperation under the facility’s HIPAA security policies and procedures.

Represents the organization on security issues with external parties (state or local government bodies, business associates, etc.).

Policies and Procedures

Manages development and implementation of security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security.

Provides overall guidance and assistance in identifying security policies and procedures necessary for the organization.

Assures all necessary security policies and procedures are written in plain, clear language, approved and distributed.

Oversees training and implementation of all security policies and procedures.

Regulatory Compliance

Stays current on federal and state security and privacy laws.  Routinely completes gap analysis of current laws with organization compliance.

Identifies key security program elements.

In the event of a compliance review or investigation, functions as the liaison between the Office of Civil Rights and/or other legal entities.

Assessment and Monitoring

Identifies protection goals and objectives consistent with corporate strategic plan.

Assesses the organization’s current security compliance status vs. necessary status (gap analysis).  Periodically reassesses status.

Works with the appropriate individuals to ensure the facility implements and maintains the appropriate security forms, materials and practices.

Coordinates security product purchase proposals, implementation plans and project schedules.

Establishes and administers a process for receiving complaints concerning the facility’s security policies and procedures.  Documents, tracks and takes action on these complaints.  

Ensures consistent action is taken for failure to comply with security policies for all employees on the workforce.  Works in cooperation with human resources, administration and legal counsel, as appropriate.

Reviews all security plans to ensure the facility’s security practices are in place.



Privacy Officer

Position Summary

This position is responsible for establishing and maintaining systems that are effective and efficient to ensure the facility is operating in a manner to assure the privacy of the patient’s protected health information.  It also establishes and maintains systems that are effective and efficient to educate the work force in compliance with HIPAA privacy provisions and is accountable for the facility’s privacy program and all associated policies and procedures that serve the best interest of residents, employees and business associates.

Qualifications

Bachelor’s degree preferred

Working knowledge of project/change management

Experience relative to the complexity of the organization.

Knowledge of, or willingness to learn, HIM and clinical information management; information privacy laws; access and release of information; and technologies.

Ability to organize, facilitate, communicate, and present information effectively.


Specific Responsibilities

Communication/Training

Appoints privacy project leader in conjunction with administration and the HIPAA project manager.

Provides leadership to the Privacy Committee.

Provides information regarding Privacy for all departments and appropriate entities.

Oversees training and orientation to all employees, volunteers, medical staff, business associates, etc., regarding HIPAA privacy regulations.

Fosters information privacy awareness with facility employees and related entities.  Works with project leaders to ensure coordination and cooperation under the facility’s HIPAA privacy policies and procedures.

Represents the organization on privacy issues with external parties (state or local government bodies, business associates, etc.).

Policies and Procedures

Provides assistance to privacy project leader in identifying privacy policies and procedures necessary for the organization.

Assures all necessary policies and procedures are written in plain, clear language, approved and distributed.

Oversees training and implementation of all privacy policies and procedures with HIPAA education project leader.

Regulatory Compliance

Stays current on federal and state privacy laws.  Routinely completes privacy gap analysis of current laws with organization compliance.

Ensures the facility meets HIPAA privacy standards deadlines.

Assessment and Monitoring

Assesses the organization’s current Privacy compliance status vs. necessary status (gap analysis).  Periodically reassesses status.

Works with the appropriate individuals to ensure the facility has, implements and maintains the appropriate privacy forms, materials and practices.

Facilitates the implementation and monitoring of business associate agreements. Reports problems to administration and takes action if problems arise.

Along with Administration and health information management, establishes mechanisms for accessing, providing, and tracking requests for access to patient health information.  In addition, will ensure patient rights to inspect, amend and restrict access to their protected health information are granted.

Establishes and administers a process for receiving complaints concerning the facility’s privacy policies and procedures.  Documents, tracks and takes action on these complaints.

Ensures consistent action is taken for failure to comply with privacy policies for all employees on the workforce and for business associates.  Works in cooperation with human resources, administration and legal counsel, as appropriate.

Reviews all privacy plans to ensure the facility’s privacy practices are in place.  Is a liaison with HIPAA Program Director and HIPAA committee.



HIPAA Project Manager

Position Summary

This position is responsible for working on and coordinating the facility’s HIPAA compliance efforts and will provide project management level guidance to HIPAA Team members.  It also acts as an interface between other organizations for HIPAA group related projects.

Qualifications

Management / Leadership responsibility within the organization

5-10 years of experience in supporting and managing projects

Working knowledge of IT systems, project / change management

Experience relative to the complexity, operation, and interrelationships of the health care organization

Knowledge of, or willingness to learn HIPAA regulations; HIM / privacy policy; and technology

Ability to organize, facilitate, communicate, and present information effectively

Specific Responsibilities

Communication/Training

Serves as the Executive Sponsor’s primary link to HIPAA program information and status.

Establishes the HIPAA team in conjunction with administration and the Privacy/Compliance Officer.  Assures the committee consists of relevant personnel for the purpose.

Provides leadership to the HIPAA Team.  Chairs the HIPAA Team.

Provides information regarding HIPAA Rules and Regulations for all departments and appropriate entities, as appropriate.

Oversees, directs, and/or ensures training and orientation to all employees, volunteers, medical staff, business associates, etc., regarding HIPAA rules & regulations.

Fosters HIPAA awareness with facility employees and related entities.  Works with employees to ensure coordination and cooperation under the facility’s HIPAA policies and procedures.

Works on projects of a diverse scope.  Maintains appropriate project management work plan documents.

Coordinates system HIPAA activities, initiatives and solutions.

Represents the organization on HIPAA issues with external parties (state or local government bodies etc.). 

Policies and Procedures

Provides overall guidance in identifying HIPAA policies and procedures necessary for the organization.

Assures all necessary policies and procedures are written in plain, clear language, approved and distributed.

Oversees training and implementation of all HIPAA policies and procedures.

Regulatory Compliance

Maintains an accurate document file to demonstrate due diligence.

In the event of a compliance review or investigation by a regulatory enforcement agency, will function as the liaison to that agency.

Assessment and Monitoring

Oversees the responsibilities of the Privacy Officer, Security Officer, and the TCI Coordinator.

Provides technical leadership to others through project management or ongoing consulting.

Participates on cross-functional project teams across the organization.

Assesses the organization’s current HIPAA compliance status vs. necessary status (gap analysis).  Periodically assesses status.

Oversees the appropriate individuals to ensure that the facility implements and maintains the appropriate HIPAA forms, materials and practices.

Oversees the process for receiving complaints concerning the facility’s HIPAA policies and procedures.  Documents, tracks and takes action on these complaints.  

Oversees that consistent action is taken for failure to comply with HIPAA policies for all employees on the workforce and for business associates.  Works in cooperation with human resources, administration and legal counsel, as appropriate.

Reviews all information (privacy, TCI and security plans) to ensure the facility’s practices are in line.  Is a liaison with IT and the privacy, TCI and security officers.

Copyright 2008 North Carolina Healthcare Information and Communications Alliance, Inc.