Privacy Program Specialist, Consultant

Your Role The Privacy Office is responsible for development, implementation, and oversight of Blue Shield's Privacy Program. The Privacy Program ensures that Blue Shield and its affiliated covered entities, including Blue Shield of California Promise Health Plan, are in compliance with state and federal privacy laws and regulations, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), and California's Confidentiality of Medical Information Act (CMIA). The Privacy Program Specialist, Consultant reports to the Privacy Office Sr. Manager and plays an essential role in advancing and enforcing Blue Shield's Privacy Program. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires at least 7 years of prior relevant experience Requires prior experience in healthcare privacy, cybersecurity incident management, investigative services, or another related field Requires a solid understanding of state and federal privacy laws, including HIPAA/HITECH, CMIA, and privacy-related consumer protections laws, such as the Telephone Consumer Protection Act (TCPA), as well as knowledge of Department of Health Care Services (DHCS) privacy requirements for Medi-Cal Managed Care Health Plans and Centers for Medicare or Medi-Cal and Medicaid (CMS) Medicare or Medi-Cal Managed Care Plans Excellent organizational skills and strong independent judgment, problem-solving, critical and analytical thinking skills, including an exceptional "moral compass" and work ethic Ability to work collaboratively in a team, perform duties with minimal supervision, multi-task, and to deliver a quality work product in a highly regulated, demanding, and constantly changing corporate environment Proficient in Microsoft Word, Access, Excel, PowerPoint, and Outlook Possesses extensive experience in directly handling investigations Privacy healthcare-related experience that includes a familiarity with Privacy Impact Assessments and Data Protection Impact Assessments; auditing and monitoring; investigating, managing, and reporting privacy incidents; health information management CIPP/US Certification or HCCA CHPC Certification preferred Experience and knowledge of compliance or privacy incident management software