Privacy Consultant

Introduction Do you want to join an organization that invests in you as a Privacy Consultant? At HCA, you come first. HCA Healthcare has committed up to $300 million in programs to support our incredible team members over the course of three years. Benefits At HCA, we want to ensure your needs are met. We offer eligible colleagues an attractive benefit package that includes medical, wellbeing, dental and vision benefits along with some unique benefits including: + Medical, Dental, Vision, Life Insurance and Flexible Spending + Paid Time Off (PTO) and Personal Leave + 401K (100% annual match - 3% to 9% of pay based on years of service) + Academic Assistance and Reimbursements for Tuition and Student Loans + Employee Discounts including Tickets, Retail, Mental Health Apps, Education Apps, Identity Theft Protection etc. + Home, Auto, and Pet Insurance + Employee Stock Purchase Program (ESPP) + Short Term & Long Term Disability coverage + Adoption Assistance + Legal Benefits and lots more + Learn more about Employee Benefits ( You contribute to our success. Every role has an impact on our patientsu2019 lives and you have the opportunity to make a difference. We are looking for a dedicated Privacy Consultant like you to be a part of our team. Job Summary and Qualifications The Privacy Consultant plays a critical role with the development and support of HCA Healthcareu2019s enterprise-wide Privacy Program, as well as the Companyu2019s compliance, governance, and strategy relative to information protection. The Consultant interacts extensively with leadership and business owners across the enterprise and provides consultative support on all privacy related matters. What you will do in this role: u00b7 Assists in managing the strategic planning process including key enterprise initiatives to develop a clear vision of the departmentu2019s objectives and to address all regulatory requirements related to privacy. u00b7 Assists in the development and executes the company privacy impact assessment (PIA) strategy to review business processes to evaluate and mitigate risks while identifying privacy controls necessary to protect sensitive information. Identify new process and products needing a PIA via TPA reviews, APM Governance reviews, Security reviews, DT&I Pods, and other ad-hoc requests. u00b7 Identifies, minimizes and mitigates legal and regulatory privacy compliance risks. u00b7 Assists in the review and analysis of proposed and final regulatory reform at the federal, state, and international levels (e.g., HIPAA, CCPA, CPRA, CPA, UKu2019s Data Use Act, DPDPA, Data Protection Laws, 21st Century Cures Act, Information Blocking). u00b7 Directs third party vendor compliance reviews and due diligence efforts. u00b7 Leads inquiries from external regulatory agencies (e.g., Office of Civil Rights) relative to compliance-related investigations based on the governmentu2019s provision of technical assistance. u00b7 Leads the pre- and post- due diligence privacy review process for new acquisitions and divestitures by completing milestones timely and creating and executing detailed work plans. u00b7 Leads enterprise-wide policy and procedure development and support. u00b7 Manages the Privacy SharePoint Sites u00b7 Responds to senior-level/advanced enterprise-wide inquiries submitted to centralized support mailboxes. u00b7 Manages the FPO Onboarding Process by identifying new FPOs across the enterprise via the FPO change forms and PSG monthly report; update and publish the FPO listing; update and manage the FPO DLs; assign HealthStream New FPO Training and provide follow-up; send Welcome Email and include new FPOs in monthly report; add FPOs to Webex space; and add new FPOs to Onboarding Training Call invite. u00b7 Contributes to the selection of relevant topics and drafting monthly awareness and ad-hoc communications. u00b7 Assists with review and approval of privacy related training materials (e.g., Annual Code of Conduct, New Employee Orientation). u00b7 Acts as a privacy subject matter expert relative to the application of the HIPAA Privacy Rule, HITECH Act, and privacy company policies and procedures. u00b7 Develops strategic working relationships across all lines of business and project partners as necessary to identify, evaluate, and reduce privacy risks. What qualifications you will need: u00b7 Bachelor's degree and 7 years experience or 14+ years of proven experience in privacy and security (e.g., HIPAA, HITECH) or other similar federal healthcare legislation in lieu of degree. u00b7 CHP, RHIA, RHIT, HCISPP, CISSP preferred u00b7 Proven experience in information privacy, risk management, and privacy regulations (e.g., HITECH, HIPAA). HCA Healthcare has been recognized as one of the Worldu2019s Most Ethical Companiesu00ae by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

Created: 2026-03-07