Privacy Specialist (Healthcare Environment)
Arlington, VA
Full Time | Clearance required | USD 44K - 104K * est.
Trilogy Federal
Trilogy Federal is seeking a Privacy Specialist (Healthcare Environment) to support the Department of Veterans Affairs (VA). The ideal candidate will be a knowledgeable privacy expert with specialized experience in healthcare data protection, thriving in a fast-paced, client-focused environment. This role requires a meticulous, collaborative professional to join our team, ensuring the privacy and security of sensitive healthcare information within VA corporate IT systems, including legacy applications and DevSecOps-driven initiatives.
The selected Privacy Specialist must hold an active Healthcare Information Security and Privacy Practitioner (HCISPP) certification and bring expertise in safeguarding Veteran health data in alignment with VA’s Veteran-focused Integration Process (VIP) Lean-Agile framework and federal healthcare privacy regulations. This position will focus on implementing and maintaining privacy controls, ensuring compliance, and supporting VA’s mission to protect patient information. Please note this position is contingent upon award (Q2/Q3 2025), and may require occasional customer site visits in D.C.
Primary Responsibilities:
- Develop and implement privacy policies and controls for VA corporate IT systems, ensuring the protection of Veteran healthcare data across legacy and modernized environments (e.g., AWS, Azure).
- Conduct privacy impact assessments (PIAs) and risk analyses, identifying and mitigating risks to sensitive health information in compliance with HIPAA, FISMA, and VA privacy standards.
- Collaborate with Cyber Security Architects, Data Architects, and DevOps teams to integrate privacy-by-design principles into Continuous Integration/Continuous Delivery (CI/CD) workflows and Agile processes.
- Monitor and audit systems handling protected health information (PHI), ensuring adherence to federal regulations (e.g., HIPAA Privacy and Security Rules, NIST 800-66) and VA policies.
- Serve as a subject matter expert on healthcare privacy, advising VA stakeholders, including the Contracting Officer’s Representative (COR) and Privacy Officer, on compliance requirements and best practices.
- Utilize VA-approved tools (e.g., Jira, GitHub, ServiceNow) to document privacy controls, track compliance activities, and contribute to Biweekly Status Reports on privacy status and incidents.
- Support the VIP Lean-Agile framework by embedding privacy considerations into Agile ceremonies (e.g., sprint planning, retrospectives) and ensuring data protection aligns with sprint deliverables.
- Coordinate with data migration and cloud teams to safeguard PHI during transitions to modern platforms, ensuring secure handling and storage of healthcare data.
- Respond to privacy incidents, supporting investigations and implementing corrective actions to prevent recurrence and protect VA operations and patients.
- Stay current on emerging privacy threats and regulations (e.g., GDPR influences, AI in healthcare), recommending enhancements to VA’s privacy posture as needed.
- Mentor team members on healthcare privacy regulations and practices, contributing to Trilogy’s staff development and compliance-focused initiatives.
- Drive exceptional customer satisfaction by delivering robust, Veteran-centric privacy solutions that safeguard sensitive health data and align with VA’s healthcare mission.
Minimum Requirements:
- Bachelor’s degree in Healthcare Administration, Information Technology, Cybersecurity, or a related field.
- Healthcare Information Security and Privacy Practitioner (HCISPP) certification required.
- 8+ years of experience in privacy management, data protection, or a related role within a healthcare or federal environment, preferably with VA or similar agencies.
- Proven expertise in healthcare privacy regulations (e.g., HIPAA, HITECH), risk assessment, and compliance, with hands-on experience in auditing and securing PHI.
- Strong analytical and communication skills, with the ability to navigate complex privacy challenges in a dynamic, fast-paced setting.
- Familiarity with VA security and privacy standards (e.g., FISMA, NIST, VA Handbook 6500) and the VIP Lean-Agile framework is highly desirable.
- Proficiency in MS Office Applications (Word, Excel, PowerPoint, Visio, SharePoint) and VA-approved tools (e.g., Jira, GitHub, ServiceNow).
- Ability to adapt to evolving privacy requirements and travel occasionally to VA sites in Washington, D.C., as needed.
- Ability to obtain a Public Trust Clearance.
Preferred Qualifications:
- Master’s preferred.
- Additional certifications such as Certified Information Privacy Professional (CIPP/US) or CISSP preferred.
Benefits (including but not limited to):
- Health, dental, and vision plans
- Optional FSA
- Paid parental leave
- Safe Harbor 401(k) with employer contributions 100% vested from day 1
- Paid time off and 11 paid holidays
- No cost group term life/AD&D plan, and optional supplemental coverage
- Pet insurance
- Monthly phone and internet stipend
- Tuition and training reimbursement
Trilogy Federal is an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Audits AWS Azure C CI/CD CIPP CISSP Clearance Cloud Compliance DevOps DevSecOps FISMA GDPR GitHub HIPAA Jira NIST Privacy Risk assessment SharePoint
Perks/benefits: Career development Health care Insurance Medical leave Parental leave