Washington University in St. Louis logo

Privacy Analyst (Hybrid) - Faculty Practice Plan

Washington University in St. Louis
3 hours ago
Full-time
On-site
Baltimore, Maryland, United States
Analyst

Scheduled Hours

40

Position Summary

Responsible for managing all HIPAA incidents, privacy complaints, and reports of suspected inappropriate access to our clinical applications. Serves as an expert on HIPAA Privacy and provides guidance to workforce members on HIPAA related questions, concerns or incidents.

Job Description

Primary Duties & Responsibilities:

  • Assumes primary responsibility for the initial screening of, timely investigation, triaging and documentation of HIPAA incidents and complaints.
  • Conducts thorough and comprehensive investigations, including data gathering, analysis, interviews, report writing and initiation of corrective action.
  • Ensures timely assessment of incidents to include documentation of risk assessments and breach notification.
  • Manages our privacy monitoring program focused on access to our clinical applications in conjunction with our vendor partner, Fair Warning.
  • Performs timely review of the alerts and conducts thorough and comprehensive investigations, including data gathering, user interviews performed in coordination with Human Resources, analysis of access patterns and documentation of findings.
  • Recommends corrective action and sanctions in conjunction with Human Resources.
  • Ensures timely assessment of alerts to include documentation of risk assessments and breach notification.
  • Serves as an expert on the HIPAA Regulation, University privacy and security policies and procedures and privacy and security resources.
  • Advises workforce members on application of above to specific scenarios in a timely fashion.
  • Assists HIPAA Privacy Educator with developing and promoting activities intended to foster privacy awareness and knowledge across the entire enterprise.
  • Conducts on-site privacy monitoring of clinical areas and business units and performs desk audits to ensure compliance with regulations and policies.
  • Works collaboratively with departments to implement corrective action plans if indicated.
  • Creates and maintains dashboard reporting on HIPAA Privacy Office activities to document adherence to the HIPAA Regulations. Dashboard includes reported incidents, privacy monitoring alerts, disclosures, breaches, sanctions, training and patient’s acknowledgement of the offer of Notice of Privacy Practice.
  • Serves as a resource to departmental HIPAA liaisons, including providing orientation to new liaisons, maintaining resources and an updated liaison contact list and offering frequent reminders and education.
  • Assists patients in exercising their patient privacy rights, including amending their medical records, receiving an accounting of the disclosures of their medical records, requesting restrictions on access to their medical records and other rights related to patient privacy.
  • Works collaboratively with BJC compliance and other covered entities to investigate HIPAA incidents.

The above statements are intended to describe the general nature and level of work performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all job duties performed by the personnel so classified. Management reserves the right to revise or amend duties at any time.

Required Qualifications

Education:

Bachelor’s degree or combination of education and/or experience may substitute for minimum education.


Certifications/Professional Licenses:

No specific certification/professional license is required for this position.


Work Experience:

No specific work experience is required for this position.


Skills:

Audit Management, Clinical Care, Conducting Investigations, Electronic Health Records (EHR)


Driver's License:

A driver's license is not required for this position.

More About This Job

WashU seeks highly motivated individuals who are able to perform duties in a manner consistent with our core mission and guiding principles.

Preferred Qualifications

Education:

No additional education unless stated elsewhere in the job posting.


Certifications/Professional Licenses:

Certified in Healthcare Compliance (CHC) - Health Care Compliance Association (HCCA), Certified in Healthcare Privacy and Security (CHPS) - American Health Information Management Association (AHIMA), Certified in Healthcare Privacy Compliance (CHPC) - Health Care Compliance Association (HCCA), Registered Health Information Administrator (RHIA) - American Health Information Management Association (AHIMA)


Work Experience:

No additional work experience unless stated elsewhere in the job posting.

Skills:

Data Compilation, Deadline Management, Epic EHR, Health Care, Healthcare Auditing, Health Information, HIPAA Regulations, Microsoft Office, Nursing Fundamentals, Oral Communications, Working Independently, Written Communication

Grade

G11

Salary Range

$53,100.00 - $90,600.00 / Annually

The salary range reflects base salaries paid for positions in a given job grade across the University. Individual rates within the range will be determined by factors including one's qualifications and performance, equity with others in the department, market rates for positions within the same grade and department budget.

Questions

For frequently asked questions about the application process, please refer to our External Applicant FAQ.

Accommodation

If you are unable to use our online application system and would like an accommodation, please email CandidateQuestions@wustl.edu or call the dedicated accommodation inquiry number at 314-935-1149 and leave a voicemail with the nature of your request.

All qualified individuals must be able to perform the essential functions of the position satisfactorily and, if requested, reasonable accommodations will be made to enable employees with disabilities to perform the essential functions of their job, absent undue hardship.

Pre-Employment Screening

All external candidates receiving an offer for employment will be required to submit to pre-employment screening for this position. The screenings will include criminal background check and, as applicable for the position, other background checks, drug screen, an employment and education or licensure/certification verification, physical examination, certain vaccinations and/or governmental registry checks. All offers are contingent upon successful completion of required screening.

Benefits Statement

Personal

  • Up to 22 days of vacation, 10 recognized holidays, and sick time.

  • Competitive health insurance packages with priority appointments and lower copays/coinsurance.

  • Take advantage of our free Metro transit U-Pass for eligible employees.

  • WashU provides eligible employees with a defined contribution (403(b)) Retirement Savings Plan, which combines employee contributions and university contributions starting at 7%.

Wellness

  • Wellness challenges, annual health screenings, mental health resources, mindfulness programs and courses, employee assistance program (EAP), financial resources, access to dietitians, and more!

Family

  • We offer 4 weeks of caregiver leave to bond with your new child. Family care resources are also available for your continued childcare needs. Need adult care? We’ve got you covered.

  • WashU covers the cost of tuition for you and your family, including dependent undergraduate-level college tuition up to 100% at WashU and 40% elsewhere after seven years with us.

For policies, detailed benefits, and eligibility, please visit: https://hr.wustl.edu/benefits/

EEO Statement

Washington University in St. Louis is committed to the principles and practices of equal employment opportunity. It is the University’s policy to provide equal opportunity and access to persons in all job titles without regard to race, ethnicity, color, national origin, citizenship (where prohibited by federal law), age, religion, sex, sexual orientation, gender identity or expression, disability, protected veteran status, or genetic information.