Compliance HIPAA Privacy Analyst

DescriptionJob Description:GENERAL DESCRIPTION:The mission of Metrocare Services is to serve our neighbors with developmental or mental health challenges by helping them find lives that are meaningful and satisfying. We are an agency committed to quality gender-responsive, trauma-informed care to individuals experiencing serious mental illness, development disabilities, and co-occurring disorders. Metrocare programs focus on the issues that matter most in the lives of the children, families, and adults we serve.The HIPAA Privacy Analyst shall operate under the general supervision of the Privacy Program Manager and assist in the implementation and management of ongoing activities relating to Metrocare Services (Metrocare or the Center) compliance program. The position will exercise professional judgment and decision-making skills regarding applicable federal and state healthcare laws, rules, and regulations.The HIPAA Privacy Analyst is responsible for supporting the organizations privacy compliance program in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable state and federal regulations. This role ensures adherence to privacy policies and procedures through audits, investigations, training, and ongoing monitoring. The analyst will also take a lead role during Compliance and Ethics Week and manage breach notification protocols. Familiarity with MyAvatar Electronic Medical Records System is essential.ESSENTIAL DUTIES AND RESPONSIBILITIES:The essential functions listed here are representative of those that must be met to successfully perform the job.- Auditing and Monitoring: - Conduct regular and targeted audits of medical records, with a focus on privacy compliance, including use and disclosure of PHI. - Conduct site assessments monitoring activities related to privacy. - Work Collaboratively with department stakeholders for operational needs and compliance with local, state and federal regulations. - Utilize MyAvatar to monitor access and activity logs, identify potential unauthorized access, and ensure proper documentation. - Prepare and present audit findings to leadership, including recommendations for corrective action. - Investigations: - Investigate complaints and potential breaches of patient privacy, including inappropriate access or disclosure of PHI. - Document findings and support the breach determination process, including risk assessments and breach notification decisions.- Training and Education: - Develop and present HIPAA and privacy training for newly hired and annual refresher training for all employees. - Customize training modules based on audit findings and regulatory changes. - Provide targeted education sessions following policy violations or compliance gaps.- Compliance Program Support: - Lead or assist in organizing Compliance and Ethics Week events and educational activities. - Review and update privacy policies and procedures to ensure ongoing compliance with regulatory requirements. - Maintain awareness of updates to HIPAA and other relevant privacy regulations and ensure implementation of necessary changes.- Breach Notification and Policy Enforcement: - Assist in coordinating timely and compliant breach notifications to affected individuals, regulatory bodies, and business partners. - Maintain breach logs and assist in preparing reports for internal leadership and external agencies as required.- Performs other duties as PETENCIES:The competencies listed here are representative of those that must be met to successfully perform the essential functions of this job.- Conducts job responsibilities in accordance with the ethical standards of conduct, state contract, appropriate professional standards and applicable state/federal laws.- Analytical skills, profession l acumen, business ethics, thorough understanding of continuous improvement processes, problem solving, respect for confidentiality, and excellent communication skills.- Familiarity with healthcare laws, regulations, and standards is a plus.- In-depth knowledge of HIPAA Privacy and Security Rules, and breach notification requirements.- Experience using MyAvatar EMR system.- Strong analytical skills with experience conducting audits and investigations.- Excellent written and verbal communication skills.- Excellent organizational skills with the ability to prioritize workflow and meet deadlines.- Ability to handle multiple tasks and special projects simultaneously.- Ability to work independently and collaboratively across departments.- High attention to detail and strong organizational skills.QUALIFICATIONSEDUCATION, EXPERIENCE, LICENSES, AND CERTIFICATIONS:- Required: Bachelors degree (required) in Health Information Management, Health Administration, Compliance, or related field (preferred), certification in Healthcare Privacy.- Required: Minimum of 3 years of experience in healthcare, healthcare compliance, privacy, or audit role.DRIVING REQUIRED:Yes[]{style=

Created: 2025-12-25