The Privacy Program Manager is responsible for communicating, driving and proactively monitoring compliance with all applicable federal (HIPAA) and state privacy laws in support of Collective Health’s Privacy Program. Reporting to the Chief Compliance and Privacy Officer, this position will act as a subject matter expert in the areas of healthcare privacy and will support the Privacy Officer and Senior Privacy Counsel to ensure that all aspects of the Privacy Program are fully implemented across the organization.

What you'll do:

• Manage day-to-day operations of the Privacy Program at the direction of the Privacy Officer.
• Lead Privacy Program initiatives to ensure business operations of Collective Health are supported and comply with state and federal privacy laws including, but not limited to data governance, disclosure of data, and systems access controls.
• Ensure all Privacy Program projects are completed timely and appropriately communicated to proper teams and leaders across Collective Health.
• Responsible for reviewing and drafting necessary privacy policies and other documents needed to align with company business practices, regulatory requirements, and programmatic functions.
• Responsible for creating and performing privacy audits, as needed, including SOC and HITRUST audits.
• Responsible for managing and auditing the Business Associate and vendor programs to ensure compliance with privacy laws and internal processes.
• Responsible for developing clear, digestible Privacy Program training materials, including annual Privacy Training.
• Responsible for triaging/responding to privacy inquiries/incidents, including the management of breach notification and reporting.
• Responsible for coordinating across teams (e.g., security, legal and compliance) to ensure the completion of privacy-related audits.
• Responsible for supporting and assisting with any third-party, privacy-based inquiries, audits or investigations.
• Responsible for assisting the Privacy Officer and Privacy Counsel with operational aspects of the Privacy Program.
• Reporting regulatory research and staying up-to-date with changes in laws, regulations and industry standards in healthcare privacy.
• Serve as a subject matter expert in the area of healthcare privacy regulations, including HIPAA.

To be successful in this role, you'll need:

• Bachelor's degree in a related field or other relevant professional experience; Masters or Juris Doctorate strongly preferred.
• 5-10 years experience working in healthcare or advising health care entities.
• Minimum of 5 years experience serving in a role supporting a HIPAA-based privacy program.
• Significant knowledge of privacy laws and regulations, including HIPAA and state laws, as applicable.
• Experience conducting complex privacy audits and/or investigations.
• Excels in a fast-paced, complex environment where business initiatives and priorities are constantly evolving
• Proven ability to build relationships and collaborate with a broad range of stakeholders, team members, and departments
• Outstanding judgment.
• Excellent communication and presentation skills
• Ability to work both independently and as part of multidisciplinary teams.
• CHPC certified, or certification eligible.

Pay Transparency Statement

This job can be performed from our Lehi, UT, or Plano, TX, office, or hired for remote work in the following states: CA, CO, CT, FL, GA, IL, MA, MI, MN, NJ, NY, NC, OH, OR, TX, UT, or WA. #LI-remote

The actual pay rate offered within the range will depend on factors including geographic location, qualifications, experience, and internal equity. In addition to the salary, you will be eligible for stock options and benefits like health insurance, 401k, and paid time off. Learn more about our benefits at https://jobs.collectivehealth.com/#benefits.