This site uses cookies. To find out more, see our Cookies Policy

Chief Privacy Officer in Memphis at Vaco

Date Posted: 3/20/2018

Job Snapshot

Job Description

Our client is looking for a Chief Privacy Officer to join their team. In this role, you will have the primary responsibility for the development, implementation, administration of and adherence to the Company's policies and procedures covering the privacy of and access to personal data in compliance with organizational and regulatory requirements. Collaborates with Legal and Information Systems leadership to identify personal data risks and to establish procedures to mitigate these risks. Monitors and reviews progress of business units and trading partners to develop and implement data privacy strategies, goals, monitoring and reporting. Position reports directly to the Audit Committee of the Board of Directors with dotted line to the Chief Financial Officer.

Duties and Responsibilities:

  • Manages and maintains a strategic and comprehensive privacy program that defines, develops, and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI), paper and/or electronic, across all media types. Ensures privacy forms, policies, standards, and procedures are up-to-date.
  • Works with the Company's senior management and the Security Officer to maintain proper governance for the privacy program
  • Serves in a leadership role for privacy compliance
  • Collaborate with the Security Officer to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department
  • Maintains, with the Security Officer, an ongoing process to track, investigate, and report inappropriate access and disclosure of PHI Monitor patterns of inappropriate access and/or disclosure of PHI
  • Performs or oversees initial and periodic information privacy risk assessment/analysis, mitigation, and remediation
  • Conducts ongoing compliance monitoring activities in coordination with the Company's other compliance and operational assessment functions
  • Takes a lead role, to ensure the Company has and maintains appropriate privacy and confidentiality consents, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements
  • Oversees, develops, and delivers initial and ongoing privacy training to the workforce
  • Participates in the development, implementation, and ongoing compliance monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed
  • Manages all required breach determination and notification processes under HIPAA and applicable State breach rules and requirements
  • Maintains and administers a process for investigating and acting on privacy and security complaints
  • Performs required breach risk assessment, documentation, and mitigation. Works with Human Resources to ensure consistent application of sanctions for privacy violations.
  • Initiates, facilitates, and promotes activities to foster information privacy awareness within the organization and related entities
  • Maintains current knowledge of applicable federal and state privacy laws and accreditation standards
  • Works with the Company's administration, legal counsel, and other related parties to represent the Company's information privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard
  • Cooperates with the U.S. Department of Health and Human Service's Office for Civil Rights, State regulators and/or other legal entities in any compliance reviews or investigations
  • Serves as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues


  • Bachelor's degree in health information management or a related field with 3-5 years of experience in the privacy field
  • Knowledge and experience in state and federal information privacy laws, including but not limited to HIPAA
  • Demonstrated organization, facilitation, written and oral communication, and presentation skills
  • Recommended privacy certification such as Certified in Healthcare Privacy and Security (CHPS) and/or other healthcare industry related credential, e.g. RHIA, RHIT

Additional Requirements:

  • Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals
  • Demonstrated skills in verbal communication and listening
  • Demonstrated skills in providing excellent service to customers
  • Excellent writing skills
  • A high level of integrity and trust
  • Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient privacy
  • Health care legal, operational, and or financial skills