Information Privacy Analyst Senior

Hennepin Healthcare is an integrated system of care that includes HCMC, a nationally recognized Level I Adult Trauma Center and Level I Pediatric Trauma Center and acute care hospital, as well as a clinic system with primary care clinics located in Minneapolis and across Hennepin County. The comprehensive healthcare system includes a 473-bed academic medical center, a large outpatient Clinic & Specialty Center, and a network of clinics in the North Loop, Whittier, and East Lake Street neighborhoods of Minneapolis, and in the suburban communities of Brooklyn Park, Golden Valley, Richfield, and St. Anthony Village. Hennepin Healthcare has a large psychiatric program, home care, and operates a research institute, philanthropic foundation, and Hennepin EMS. The system is operated by Hennepin Healthcare System, Inc., a subsidiary corporation of Hennepin County.

Equal Employment Opportunities: We believe equity is essential for optimal health outcomes and are committed to achieve optimal health for all by actively eliminating barriers due to racism, poverty, gender identity, and other determinants of health. We are committed to equitable care and working in an environment that celebrates, promotes, and protects diversity, equity, inclusion, and belonging. We are committed to bringing in individuals with new cultural perspectives to assist in creating a more equitable healthcare organization.

SUMMARY:

We are currently seeking an Information Privacy Analyst Senior to join our team. This full time role will work days (hybrid: ability to be on site approximately weekly is expected).

Purpose of this position: Under the direction of the Information Privacy Director, the Information Privacy Analyst Senior develops, maintains, and performs activities in support of effective privacy and data practices programs. Primary responsibilities include assisting with privacy program development and maintenance, supporting compliance with requests for data under the Minnesota Government Data Practices Act, conducting investigations, performing auditing and monitoring functions, and conducting education and outreach activities. Subject matter areas of expertise include, but are not limited to, HIPAA, state and federal privacy laws and regulations, and data practices laws.

RESPONSIBILITIES:

Minnesota Government Data Practices Act

• As a data practices designee, ensures timely responses to government data practices requests, including searching for, retrieving, reviewing, and redacting data, and providing timely responses to requester inquiries regarding the status of requests
• Assists in the administration of the data practices compliance program
• Provides guidance to leadership and Business Partners about timely response for requests for government data
• Writes and updates organizational policies and procedures for the data practices compliance program
• Remains current on developments in data practices laws, case law, and advisory opinions, and participates in continuing education and training opportunities related to the MGDPA

HIPAA Information Privacy Program

• Works closely with the Information Privacy Director to develop, implement, and maintain an effective information privacy program
• Provides consultation and guidance on projects regarding information privacy compliance
• Creates, coordinates, and updates the privacy training and awareness program, and conducts privacy presentations as needed
• Writes and updates organizational policies and procedures for the information privacy program
• Conducts regular and occasional privacy risk assessments and supports the development, and monitoring, of work plans to address identified risks
• Remains current on emerging privacy regulations and participates in continuing education and training opportunities related to applicable privacy laws, guidance, and best practices
• Conducts timely investigations and breach analysis into reported privacy inquiries and complaints, including performing audits of the electronic health record, and provides guidance to Business Partners and management about the assessment of privacy policy violations
• Coordinates with relevant department leaders to appropriately and consistently apply corrective measures for privacy violations
• Complete breach notification activities in a timely manner
• Maintains accurate records by thoroughly documenting investigations and outcomes in a timely manner and within the designated incident management system

General Duties

• Creates and enhances new and existing metrics and reporting tools pertinent to the department's operations
• Effects compliance with applicable laws, regulations and accreditation standards, and promotes a culture of compliance

QUALIFICATIONS:

Minimum Qualifications:

• Bachelor's degree
• 3-5+ years of experience working with Information Privacy and/or the Minnesota Government Data Practices

-OR-

• An approved equivalent combination of education and experience

Preferred Qualifications:

• Prior experience working in a health care privacy role/department

Knowledge/ Skills/ Abilities:

• Strong knowledge of applicable information privacy laws and regulations, including but not limited to, the Health Insurance Portability and Accountability Act and its implementing regulations (HIPAA), the Minnesota Health Records Act, and the federal regulations for substance treatment records (45 CFR Part 2)
• Knowledge of the Minnesota Government Data Practices Act and compliance with public disclosure law
• Ability to maintain a high level of integrity, confidentiality, and trustworthiness in working with complex and sensitive situations
• Ability to work with all levels of the organization with a collaborative but firm approach
• Strong written and verbal communication skills, including proficiency in public speaking and conducting training
• Strong interest in and ability to create and implement training programs

License/Certifications:

• Certification in Information Privacy, such as CIPP/US, CHPC

You've made the right choice in considering Hennepin Healthcare for your employment. We offer a wealth of opportunities for individuals who want to make an impact in our patients' lives. We are dedicated to providing Equal Employment Opportunities to both current and prospective employees. We are driven to connect talented individuals with life-changing career opportunities, enabling you to provide exceptional care without exception. Thank you for considering Hennepin Healthcare as a future employer.

Please Note: Offers of employment from Hennepin Healthcare are conditional and contingent upon successful clearance of all background checks and pre-employment requirements.