Director of Privacy and ROI

Job DetailsJob Location: South Charlotte Office - Charlotte, NC 28226Position Type: Full TimeTravel Percentage: Local TravelJob Shift: DayVIA Health Partners is an industry leader and top-10 nationally ranked provider of end-of-life care.  More importantly we are proud to be a community based, not for profit hospice & palliative care provider.  We have deep community roots, with decades of experience serving ALL patients’ and families’ needs regardless of their ability to pay or their medical complexity. We are a people first organization whose funds go to serve our mission.

Due to our significant growth, we are looking for amazing new staff who share these same values. Apply now and be a part of our success story.

We provide excellent benefits including:


Medical, Vision, and Dental plans through BCBS
28 days of Paid Time Off
Excellent mileage reimbursement rate 
403b Retirement plan with matching
Focused programs honoring Veteran patients
Assistance with achieving Certified Hospice & Palliative Nurse (CHPN)
Best Orientation and Onboarding program you’ve experienced
Seasoned Hospice leaders guiding your career growth


 

Essential Functions


Identified role of Privacy Officer—to lead the organization’s HIPAA privacy program through policy and procedure development, risk assessments, audits, and training in coordination with leadership and HIPAA Security Officer
Responsible for all HIPAA patient rights, safeguards, and regulatory allowances, including but not limited to: patient access requests, amendment requests, accounting of disclosure issues, and disclosure disputes, escalating to leadership, legal where interpretation of law or organizational risk is involved
Responsible for all disclosures and management of ROI procedures across all branches and service lines. This includes both reviewing and validating documentation supporting authority to request, receive or authorize disclosure of PHI.  Act as Subject Matter Expert for all related legal documentation such as HCPOA, guardianships, executorship, letters of administration, and other personal representative documentation as covered under HIPAA or applicable state law.
Responsible for intake, review, and response to subpoenas, attorney letters, disability and insurance requests, government inquiries, and other third party legal or quasi legal demands for records.  Coordinate with leadership on complex legal requests including requested tied to litigation, law enforcement, disputed family/representative status, etc.
Maintain complete, audit-ready documentation of all requests, legal basis for disclosure, approvals, denials, redactions, deadlines, and final release actions. This includes responsibility for accounting disclosures, patient access processes, and documentation of investigations and program activity.
Partner with Compliance, HIM, CIO, Security, Clinical Software, IT and Operations to support policy administration, risk reduction, and technology modernization, including review of AI-enabled or automated workflows that may affect PHI, disclosure practices, or documentation integrity. This includes oversight of privacy impact, AI-related risk, and process controls around digital tools, especially when PHI or clinical documentation is involved.
Serve as an operational subject matter resource to branch/site teams on lawful release practices, authorization sufficiency, representative documentation, and documentation retention requirements. HIPAA and HIM roles in health systems commonly include staff education and policy support
Assist compliance and HIM with all audit response activities, ADR/CERT requests, or other Medicare/Medicaid/Third Party request for records as part of medical review and program integrity, or other internal compliance reviews as party of survey readiness
Review, revise, and maintain inventory of all HIPAA related forms, letters, templates, and related procedures and job aids, (i.e. release of information authorization form, Notice of Privacy Practice, coversheets and templates for responses
Coordinate with branch level leadership, Business Office Managers, social workers, and HIM for development of SOP for identified low risk, high volume requests for letters, forms containing PHI and requiring authorization.
Responsible for all medical record retention, storage, and destruction and all associated documentation
Customer Service

Has knowledge of and implements VIA’s  Core Values, the principles, and processes for providing customer and personal services to all VIA customers, both internal and external. This includes customer needs assessment, meeting quality standards for services, and evaluation of customer satisfaction.


 Assumes responsibility for related duties as required or assigned.

Ensures that VIA’s professional reputation is maintained and projected through job performance.
Assumes responsibility for professional development and staying abreast of current trends in the field.  Incorporates new information and methods into practice. 
Maintains current professional licensure or certification (if applicable).


May perform other duties as assigned.

QualificationsMinimum Qualifications


Bachelor’s degree in Health Information Management, Healthcare Administration, Public Health, Business, Legal Studies, or related field
Minimum of 5 years or progressively responsible experience in at least one of the following: privacy/compliance operations, release of information, HIM, healthcare paralegal work or healthcare regulatory operations
Working knowledge of HIPAA Privacy Rule, personal representative standards, and healthcare record confidentiality requirements.
Experience using EHR/EMR systems, document management systems, disclosure logs, and Microsoft Office tools.


Preferred


Certification in healthcare privacy/HIPAA/HIM compliance  (HPOC, CHPS, CHPSE, RHIT, RHIA, CHC, CHPC) 
Prior experience in healthcare legal operations, record subpoena processing, privacy operations, and legal document review
Experience supporting privacy review of digital-health, telehealth, analytics, or AI tools 
Hospice, palliative, home health, or post-acute experience