Job Attributes

Work Schedule/Shift

Day

Job ID

5000408531106

Req. No

70030638

Job Title

Program Manager- Clinic Privacy

Region

CHRISTUS System Office

Category

Healthcare

Division

Not Defined

Company

CHRISTUS Health

Travel

None

Facility

CHRISTUS Health-68600

Address

536 S. Beckham
Tyler, TX  75702
US

Type

Full Time

Apply Now Program Manager- Clinic Privacy Job in Tyler

POSITION SUMMARY:

The CHRISTUS Trinity Clinics Privacy Manager will help execute CHRISTUS' Corporate Compliance and Privacy Work Plans for CHRISTUS Trinity Clinics. The Manager will facilitate the region's compliance with Privacy with both federal and state laws and regulations. Additionally, the Manager will investigate actual and suspected privacy incidents and report findings in accordance with CHRISTUS Policies and processes. The manager helps ensure compliance with privacy regulations and integrity of internal controls; recommends improvements in internal control structure; reviews medical records in the course of privacy investigations or monitoring activities.

MAJOR RESPONSIBILITIES:

  • Assist the CHRISTUS Director of Privacy with auditing and monitoring business units to ensure compliance with federal and state privacy laws and regulations, including but not limited to Health Information Technology for Economic and Clinical Health (HITECH) Act;
  • Assist the CHRISTUS Director of Privacy with execution of the CHRISTUS Health System annual work plan, which addresses business risks and exposures related to the healthcare industry, including regulatory compliance and privacy initiatives, the OIG's work plan, senior leaderships' goals and objects, and issues that arise in the course of day-to-day operations;
  • Work with business units to identify privacy gaps and deficiencies;
  • Participate in the development of appropriate workflows and corrective actions to address identified gaps and deficiencies. Assist with developing compliance and privacy risk assessments for gaps identified and make recommendations for improvements;
  • Conduct regular Privacy Reviews to monitor employees' privacy knowledge;
  • Take a proactive approach to implement systems and processes to prevent and/or mitigate privacy concerns in the region;
  • Ensure CHRISTUS maintains appropriate privacy and confidentiality consent forms, authorization forms, Notice of Privacy Practices, and information notices and materials;
  • Work with identified departments to develop and implement operational privacy training.
  • Work with business units to develop monitoring metrics, identify and provide input on department-level policies and procedures, as appropriate, and assist in developing/delivering specialized operational training for department employees;
  • Collaborate with Information Security Officer or their regional designee to perform annual risk assessments. Assist in the development of a plan for assessing access to PHI and PII by employees, consultants, and business associates;
  • Assist in the development and/or execution of a complaint workflow so that departments can timely report privacy complaints received from patients, regulatory entities or internal privacy events, to the CHRISTUS Director of Privacy;
  • Investigate suspected or reported incidents involving the use, disclosure, and storage of PHI including potential breaches, patient complaints, and OCR complaints;
  • Assist the CHRISTUS Director of Privacy and businesses in the preparation and coordination of regulatory audits, including OIG, OCR, and accreditation agencies;
  • Work with the CHRISTUS Director of Privacy to prepare submission of required reporting of compliance incidents and/or HIPAA breaches to Federal and State regulators, as appropriate;
  • Coordinate with patients whose PHI has been breached or who have reported a concern;
  • Coordinate with IT Security Officer or regional designee regarding security issues;
  • Assist in the completion of annual Compliance and Privacy risk assessment processes;
  • Track Privacy training completion for your area of responsibility;
  • Ensure Business Associate Agreements (BAAs) are updated within your region and area of responsibility;
  • Maintain current knowledge of applicable federal and state laws applicable to healthcare privacy;
  • Maintain rapport with business units to facilitate solid communications;
  • Serve as a resource for questions regarding application of relevant laws and regulations and the privacy program policies and procedures;
  • Provide appropriate CHRISTUS Director of Privacy, CHRISTUS Clinic Management Services Compliance Director, and the Vice President and Chief Compliance and Privacy Officer for regional and system board reporting;
  • Provide or direct compliance or privacy education, as permitted;
  • Develop and deliver course content for targeted training initiatives as directed by the annual work plan;
  • Initiate, facilitate, and promote activities to foster awareness of privacy within all entities;
  • Coordinate and conduct, whenever possible, privacy monitoring "walkthroughs" at entities;
  • Respond to and resolve privacy related issues received via the CHRISTUS Health Integrity Line;
  • Maintain a process to document and track the progress of investigations and mitigation of privacy issues in the incident management system (e.g., Privacy Pro, Ethics Point, etc.);
  • Prepares the regional report for the system Compliance Office and Board of Directors, as directed by the CHRISTUS Director of Privacy;
  • Research compliance, HIPAA Privacy and other privacy regulations as needed or requested and provide written guidance to affected parties;
  • Keep the CHRISTUS Clinic Management Services Compliance Director updated and informed on privacy incidents/breaches for general awareness and for reporting purposes; and
  • Other projects and duties as assigned.
POSITION QUALIFICATIONS A. Education/Skills
  • Bachelor's Degree required; prefer in business, accounting, health care administration, legal
  • Knowledge of HIPAA Privacy
  • Working knowledge of hospital/clinic operation processes
  • Knowledge of audit and investigation techniques

 B. Experience

  • Minimum of 3 to 5 years general healthcare experience with knowledge of hospital/clinic operations, physician services and health plan requirements.
  • Prefer 5 years of general privacy experience
  • Prefer 4 years of experience in regulatory research and knowledge of federal and state law
C. Licenses, Registrations, or Certifications
  • CHPC or CHPS Preferred
Apply Now
Not ready to apply? Join our Talent Pool