Privacy Analyst - Risk

Rochester, MN, United States

Applications have closed

The incumbent will work closely with the Mayo Clinic Privacy Officer, Site Privacy Officers, Senior Privacy Analysts, and other Privacy Analysts to ensure compliance with Federal and State Privacy regulations including HIPAA & HITECH, FERPA, State Privacy laws, State Data Breach laws, Business Associate Agreements, and Mayo Clinic Privacy policies and procedures. 

Job Duties and Responsibilities: 
* Conduct audits of Mayo Clinic employee access to the Electronic Medical Records (EMRs) and ancillary ePHI systems
* Work directly with Human Resources to oversee and document Privacy investigations
* Respond in a timely and professional manner to questions from Mayo Clinic employees and Mayo Clinic patients related to: release of information, restrictions, revocations, authorizations, amendment requests, privacy breach reporting, encryption, Business Associate Agreements, HIPAA, Privacy policies, Confidential Information data transfers (PHI, PII, IP, personnel information, student information, etc.)
* Identify questionable EMR access patterns through analysis of proactive auditing reports
* Consult with business proponents to consider Privacy risks related to organizational initiatives
* Perform High Profile Patient (HPP) auditing, including coordinating visits with Development and Physical Security, managing appropriate HPP confidentiality flags, and auditing all medical record access
* Investigate and document Privacy-related Compliance Hotline reports
* Present in-person Privacy training for Mayo Clinic employees 
* Conduct on-site audits of various Mayo Clinic departments to assess compliance with Privacy and Information Security policies 
* Work directly with Information Security to monitor Confidential Information transmitted outside Mayo Clinic to enforce policy compliance while mitigating organizational risk
* Assist with implementation of procedures to ensure compliance with Privacy-related policies
* Work collaboratively on multi-disciplinary workgroups and projects
* Investigate complaints filed with the Office for Civil Rights and other regulatory agencies
* Report privacy breaches to affected patients, HHS, and other persons/entities as required by law
* Other functions and projects as assigned
* Some travel may be required to other Mayo Clinic sites and/or training conferences

 

*This position is 100% remote work. The individual may live anywhere in the US.

**This vacancy is not eligible for sponsorship / we will not sponsor or transfer visas for this position.

During the selection process, you may participate in an OnDemand (pre-recorded) interview that you can complete at your convenience. During the OnDemand interview, a question will appear on your screen, and you will have time to consider each question before responding. You will have the opportunity to re-record your answer to each question - Mayo Clinic will only see the final recording. The complete interview will be reviewed by a Mayo Clinic staff member and you will be notified of next steps.

Bachelor's degree required and a minimum of 3 years' experience in compliance, privacy, health information management, internal audit, human resources, legal, investigations, information security, or a related field. Master’s or Juris Doctor degree preferred.


• Ability to maintain highest level of confidentiality
• Healthcare provider/payer experience
• Knowledge of Federal and State regulations related to Privacy and data security of confidential information
• Systems knowledge of EMRs 
• Effective training and presentation skills
• Investigation and audit experience
• Proficient in Excel, Word, and PowerPoint
• Demonstrated ability to set priorities and to respond to changing demands from multiple sources
• Ability to follow through, meet regulatory deadlines, anticipate requirements, and build relationships
• Strong analytical and problem-solving skills
• Ability to communicate effectively with diverse groups including attorneys, physicians, patients, allied health staff, researchers, and vendors
• Ability to work collaboratively in a team environment with minimal supervision 

 

Licensure or Certifications:
Preferred certifications: CHC (Certified in Healthcare Compliance-HCCA), CHPC (Certified in Healthcare Privacy Compliance-HCCA), CFE (Certified Fraud Examiner-ACFE), HCISPP (Healthcare Information Security and Privacy Practitioner-ISC2), CISSP (Certified Information Systems Security Professional-ISC2), CIPP (Certified Information Privacy Professional-IAPP), CHPS (Certified in Healthcare Privacy and Security-AHIMA).

Why Mayo Clinic
Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans – to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic. You’ll thrive in an environment that supports innovation, is committed to ending racism and supporting diversity, equity and inclusion, and provides the resources you need to succeed.
Benefits Highlights
  • Medical: Multiple plan options.
  • Dental: Delta Dental or reimbursement account for flexible coverage.
  • Vision: Affordable plan with national network.
  • Pre-Tax Savings: HSA and FSAs for eligible expenses.
  • Retirement: Competitive retirement package to secure your future.
