Shirley Ryan AbilityLab
Principal Responsibilities
Ensuring Compliance: The core responsibility is to monitor and manage patient information security to ensure compliance with HIPAA and other relevant healthcare regulations. Track and manage privacy obligations and timelines to ensure compliance.
Policy Development & Implementation: Creating and updating privacy policies and procedures to reflect current regulations and best practices.
Risk Assessment & Mitigation: Identifying potential privacy risks, conducting regular assessments, and implementing strategies to mitigate those risks.
Auditing & Monitoring: Performing audits to ensure adherence to privacy policies and procedures, and monitoring data handling practices.
Training & Education: Contribute to training, awareness, and continuous improvement of the privacy program. Providing training to staff on privacy regulations, policies, and procedures.
Investigation & Incident Response: Investigating privacy breaches and incidents and developing appropriate responses and corrective actions.
Collaboration: Working with legal, IT, and clinical teams to ensure a coordinated approach to privacy and data protection.
Staying Current: Staying informed about changes in healthcare regulations, privacy laws, and technological trends. Serves as an internal subject matter expert on Privacy laws and regulations.
Data Analysis: Analyzing data to identify potential privacy issues and trends.
Perform all other duties that may be assigned in the best interest of SRAlab.
Reporting Relationships
Reports to the Executive Director, Corporate Compliance
Knowledge, Skills & Abilities Required
Education & Certification
Bachelor’s degree in Health Information Management, Public Health, Legal Studies, Compliance, or a related field required.
Juris Doctor and/or Master’s Degree in Health Care or Corporate Compliance preferred.
Certification in Healthcare Privacy Compliance (CHPC), Certified Information Privacy Professional (CIPP/US), or equivalent credential strongly preferred.
Technical & Regulatory Expertise
Strong understanding of HIPAA Privacy and Security Rules, with proven ability to apply regulatory requirements in practice.
In-depth knowledge of healthcare privacy regulations and related compliance frameworks.
Proficiency with Microsoft Office Suite; experience with case management tools a plus.
Core Skills & Competencies
Analytical skills to assess risks, interpret privacy regulations, evaluate data, and identify areas of non-compliance.
Attention to detail to ensure accuracy, compliance, and thoroughness across all tasks and documentation.
Project management skills to plan, lead, and oversee privacy-related initiatives effectively.
Problem-solving skills to respond to privacy incidents and develop practical, sustainable solutions.
Excellent communication and interpersonal skills to effectively engage with staff, management, and external stakeholders.
Strong organizational skills with the ability to manage multiple priorities.
Ability to work independently with minimal supervision, as well as collaboratively within a team environment.
Working Conditions
Normal office environment with little or no exposure to dust or extreme temperature.
This role operates in a dynamic, fast-paced environment requiring adaptability to shifting priorities.
Pay and Benefits
Pay Range:
$52,312.00 annually - $89,424.00 annually
Benefits: Shirley Ryan AbilityLab offers a comprehensive benefits program that is competitive with our industry peers in our geographic locations. The benefits information is available at: sralab.org/benefits
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. Shirley Ryan AbilityLab is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
#J-18808-Ljbffr
Ensuring Compliance: The core responsibility is to monitor and manage patient information security to ensure compliance with HIPAA and other relevant healthcare regulations. Track and manage privacy obligations and timelines to ensure compliance.
Policy Development & Implementation: Creating and updating privacy policies and procedures to reflect current regulations and best practices.
Risk Assessment & Mitigation: Identifying potential privacy risks, conducting regular assessments, and implementing strategies to mitigate those risks.
Auditing & Monitoring: Performing audits to ensure adherence to privacy policies and procedures, and monitoring data handling practices.
Training & Education: Contribute to training, awareness, and continuous improvement of the privacy program. Providing training to staff on privacy regulations, policies, and procedures.
Investigation & Incident Response: Investigating privacy breaches and incidents and developing appropriate responses and corrective actions.
Collaboration: Working with legal, IT, and clinical teams to ensure a coordinated approach to privacy and data protection.
Staying Current: Staying informed about changes in healthcare regulations, privacy laws, and technological trends. Serves as an internal subject matter expert on Privacy laws and regulations.
Data Analysis: Analyzing data to identify potential privacy issues and trends.
Perform all other duties that may be assigned in the best interest of SRAlab.
Reporting Relationships
Reports to the Executive Director, Corporate Compliance
Knowledge, Skills & Abilities Required
Education & Certification
Bachelor’s degree in Health Information Management, Public Health, Legal Studies, Compliance, or a related field required.
Juris Doctor and/or Master’s Degree in Health Care or Corporate Compliance preferred.
Certification in Healthcare Privacy Compliance (CHPC), Certified Information Privacy Professional (CIPP/US), or equivalent credential strongly preferred.
Technical & Regulatory Expertise
Strong understanding of HIPAA Privacy and Security Rules, with proven ability to apply regulatory requirements in practice.
In-depth knowledge of healthcare privacy regulations and related compliance frameworks.
Proficiency with Microsoft Office Suite; experience with case management tools a plus.
Core Skills & Competencies
Analytical skills to assess risks, interpret privacy regulations, evaluate data, and identify areas of non-compliance.
Attention to detail to ensure accuracy, compliance, and thoroughness across all tasks and documentation.
Project management skills to plan, lead, and oversee privacy-related initiatives effectively.
Problem-solving skills to respond to privacy incidents and develop practical, sustainable solutions.
Excellent communication and interpersonal skills to effectively engage with staff, management, and external stakeholders.
Strong organizational skills with the ability to manage multiple priorities.
Ability to work independently with minimal supervision, as well as collaboratively within a team environment.
Working Conditions
Normal office environment with little or no exposure to dust or extreme temperature.
This role operates in a dynamic, fast-paced environment requiring adaptability to shifting priorities.
Pay and Benefits
Pay Range:
$52,312.00 annually - $89,424.00 annually
Benefits: Shirley Ryan AbilityLab offers a comprehensive benefits program that is competitive with our industry peers in our geographic locations. The benefits information is available at: sralab.org/benefits
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified. Shirley Ryan AbilityLab is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
#J-18808-Ljbffr