Director, Privacy Operations

About SCAN

SCAN Group is a not-for-profit organization dedicated to tackling the most pressing issues facing older adults in the United States. SCAN Group is the sole corporate member of SCAN Health Plan, one of the nation's leading not-for-profit Medicare Advantage plans, serving more than 285,000 members in California, Arizona, Nevada, and Texas. SCAN has been a mission-driven organization dedicated to keeping seniors healthy and independent for more than 40 years and is known throughout the healthcare industry and nationally as a leading expert in senior healthcare. SCAN employees are a group of talented, passionate professionals who are committed to supporting older adults on their aging journey, while also innovating healthcare for seniors everywhere. Employees are provided in-depth training and access to state-of-the-art tools necessary to do their jobs, as well as development and growth opportunities. SCAN takes great pride in recognizing our team members as experts in their fields and rewarding them for their efforts. If you are interested in becoming part of an organization that is innovating senior healthcare visit www.thescangroup.org, www.scanhealthplan.com, or follow us on LinkedIn; Facebook; and Twitter.

The Job

The Director, Privacy Operations, under general direction of the Chief Privacy Officer, will ensure SCAN's data handling practices comply with privacy regulations, while managing privacy risks through continuous monitoring and mitigation strategies. This role will also oversee the implementation of privacy policies, manage incident response, lead privacy training initiatives and cultivate a culture of privacy excellence.

You Will

• Privacy Program Oversight: Under general direction, manage the privacy program at the SCAN health plans and affiliated health care entities, ensuring compliance with all relevant privacy laws and regulations, including HIPAA, HITECH and state-specific laws.
• Risk Management: Conduct regular privacy risk assessments, audits, and gap analyses to identify and mitigate potential privacy risks. Maintain privacy risk register and ensure alignment and execution on all related work;
• Policy Development: Develop, implement and maintain privacy policies and procedures, ensuring they align with legal requirements and best practices in the healthcare industry;
• Monitoring and Auditing: Implement systems for monitoring and auditing compliance with privacy policies, procedures, and appropriate data access, including managing internal reviews or regulatory audits;
• Collaboration and Communication: Collaborate with internal departments (IT, Information Security, Compliance, HR, etc.) and external partners to address privacy concerns and develop proactive strategies;
• Incident Response: Oversee the investigation and management of privacy incidents and breaches, including reporting and notification processes to regulatory bodies, patients, and plan members, as required;
• Emerging Regulations: Stay informed of changes to privacy laws and regulations, adapting policies and practices to meet evolving requirements and industry standards.
• Training and Education: Develop and deliver privacy training programs for employees, ensuring staff are knowledgeable and compliant with privacy policies and regulations;
• Privacy Liaison: Serve as organizational resource for SCAN privacy team, ensuring alignment with SCAN's strategic goals. Serve as privacy subject matter expert to SCAN health plans and affiliated health care entities.
• All other duties as assigned

Your Qualifications

• Bachelor's Degree or equivalent experience required
• Graduate or Advanced Degree or equivalent experience preferred
• Healthcare Administration, Law, Business or related field preferred
• Prior leadership experience is required
• CHPC, CIPP-US, CIPM, CISSP or similar
• Minimum of 7-10 years of experience in privacy, compliance, or legal roles within healthcare or health insurance.
• In-depth knowledge of HIPAA, HITECH, and state privacy laws governing healthcare data and health plans. Strong knowledge of security standards such as HITRUST and SOC-2 preferred.
• Familiarity with emerging technologies and privacy challenges in digital health is a plus.
• Leadership - Skilled to develops others
• Business Insight - In-Depth understanding of the business
• Strategic Mindset - Creates strategies to sustain competitive advantage
• Strong leadership and project/team management skills
• Excellent communication and collaboration skills
• Critical thinking and problem-solving skills
• High attention to detail and the ability to manage multiple projects simultaneously
• Ability to handle sensitive and confidential information with discretion

What's in it for you?

• Base Pay Range: $147,900 to $236,600 annually
• An annual employee bonus program
• Robust Wellness Program
• Generous paid-time-off (PTO)
• 11 paid holidays per year, 1 floating holiday, birthday off, and 2 volunteer days
• Excellent 401(k) Retirement Saving Plan with employer match
• Robust employee recognition program
• Tuition reimbursement
• An opportunity to become part of a team that makes a difference to our members and our community every day!

We're always looking for talented people to join our team! Qualified applicants are encouraged to apply now!

At SCAN we believe that it is our business to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects our community through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more.

SCAN is proud to be an Equal Employment Opportunity and Affirmative Action workplace. Individuals seeking employment will receive consideration for employment without regard to race, color, national origin, religion, age, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender perception or identity, age, marital status, disability, protected veteran status or any other status protected by law. A background check is required.

#LI-JB1 #LI-Remote