HIPAA & Data Privacy Manager
Company: Patterson Companies
Location: Saint Paul
Posted on: May 6, 2021
Overview
The HIPAA and Data Privacy Manager is responsible for
the Company's privacy program, including (i) daily oversight of the
privacy program, (ii) development, implementation, and maintenance
of privacy-related policies, procedures, and trainings, (iii)
monitoring of privacy program compliance, (iv) investigation and
tracking of privacy-related incidents and breaches, and (v)
ensuring the Company complies with required state, federal, and
international privacy requirements and regulations.
- Builds a strategic and comprehensive HIPAA compliance program
that defines, develops, maintains, and implements policies and
processes that enable consistent, effective privacy practices which
minimize risk and ensure the confidentiality of protected health
information (PHI), paper and/or electronic, across all media types.
Ensures HIPAA privacy forms, policies, standards, procedures, and
contract templates are up-to-date.
- Works with stakeholders across the organization to establish a
governance framework for the Company's HIPAA and data privacy
programs, including engaging with members of the Company's
commercial software development teams to address HIPAA and privacy
considerations throughout our software portfolio.
- Establishes and maintains a process to track, investigate, and
report inappropriate access and disclosure of PHI and monitors
patterns of inappropriate access and/or disclosure of PHI.
- Performs and/or oversees HIPAA and data privacy risk
assessments and remediation activities.
- Builds a general privacy program that addresses GDPR, CCPA, and
other relevant data privacy requirements, including developing,
implementing, and operationalizing policies, procedures, and
- Assesses and enhances the manner in which sensitive data (e.g.,
PHI, PII, PCI) is received, transmitted, and stored by the Company,
including identifying and implementing opportunities for improving
data security and retention protocols.
- Initiates and promotes activities that increase HIPAA and
privacy awareness within the organization. Identifies and
communicates regularly to internal stakeholders on privacy
compliance updates, including, but not limited to, those related to
HIPAA, GDPR, and CCPA.
- Leads efforts related to CMS claim reporting responsibilities
for software providers.
- Provides advice to and partners with the Information Security
Department on data security and classification matters. Partners
with Information Security Team Members to draft, implement, and
operationalize policies, procedures, and trainings related to data
security and classification.
- Supports the Information Security Department related to its
cybersecurity program, including supporting risk assessments and
implementing and operationalizing policies, procedures, and
- Supports and leads the execution of privacy maturity
assessments and risk assessments.
- Maintains the lead role in ensuring the Company has and
maintains the appropriate privacy and confidentiality consents,
forms, and notices related to its engagement and business with
third parties and customers.
- Oversees, develops, and delivers HIPAA and general privacy
training to the Company's employees.
- Manages the development, implementation, and ongoing monitoring
of all business associate agreements (BAAs) to address privacy
concerns, requirements, and responsibilities.
- Develops and implements a breach notification and remediation
playbook. Manages breach determination and notification
requirements under HIPAA, state, and other regulatory
- In conjunction with the Chief Compliance & Regulatory Officer
and Director, Compliance, helps represent the organization's
privacy interests with external parties, as needed, including
reviews, inquiries, or investigations by the U.S. Department of
Health and Human Services' Office for Civil Rights.
- Reports to the Director, Compliance and serves as Patterson's
Privacy Officer.
Qualifications
Minimum Qualifications
- Bachelor's Degree required. Privacy certification
- 7+ years of experience leading, creating or managing privacy
- Knowledge and experience in state and federal information
privacy laws and regulations, including HIPAA and the HITECH
- Extensive familiarity with legislation and standards for the
protection of PHI.
- Familiarity with GDPR and CCPA compliance requirements.
- Demonstrated ability to draft, implement, and operationalize
policies, procedures, and employee training.
- Demonstrated organization, facilitation, written and oral
communication, and presentation skills.
- Demonstrated skills in collaboration, teamwork, and
- Excellent writing skills.
- A high level of integrity and trust.
Benefits
We provide competitive benefits, unique incentive programs and rewards
for all eligible employees. Please click here for an overview of
benefits offered.
EEO Statement
An Equal Opportunity Employer
As a people-first company, Patterson promotes a culture that embodies
and celebrates diversity and inclusivity. We believe our employees'
unique experiences and differences are what strengthen us and drive
our success. We consider all qualified applicants without regard to
race, religion, color, sex, national origin, age, sexual
orientation, gender identity, disability or veteran status. We are
Patterson. We welcome you.