Skip to main content
Back to jobs

Privacy Analyst (Hybrid) - Faculty Practice Plan

External
Washington University in St. Louis logoWashington University In St. Louis · Washington University Medical Campus
Full-timeOn-siteToday
AuditingClassificationComplianceDocumentationElectronic Health RecordsEpic
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


Requirements

  • Audit Management, Clinical Care, Conducting Investigations, Electronic Health Records (EHR)
  • Driver's License:
  • A driver's license is not required for this position.
  • More About This Job
  • WashU seeks highly motivated individuals who are able to perform duties in a manner consistent with our core mission and guiding principles.
  • Education:
  • No additional education unless stated elsewhere in the job posting.
  • Certifications /Professional Licenses :
  • Work Experience:
  • No additional work experience unless stated elsewhere in the job posting.
  • Data Compilation, Deadline Management, Epic EHR, Health Care, Healthcare Auditing, Health Information, HIPAA Regulations, Microsoft Office, Nursing Fundamentals, Oral Communications, Working Independently, Written Communication
  • Grade
  • G11
  • Salary Range
  • $53,100.00 - $90,600.00 / Annually
  • The salary range reflects base salaries paid for positions in a given job grade across the University. Individual rates within the range will be determined by factors including one's qualifications and performan

Benefits

Health insurance

Additional Information

Scheduled Hours 40 Position Summary Responsible for managing all HIPAA incidents, privacy complaints, and reports of suspected inappropriate access to our clinical applications. Serves as an expert on HIPAA Privacy and provides guidance to workforce members on HIPAA related questions, concerns or incidents. Job Description Primary Duties & Responsibilities: Assumes primary responsibility for the initial screening of, timely investigation, triaging and documentation of HIPAA incidents and complaints. Conducts thorough and comprehensive investigations, including data gathering, analysis, interviews, report writing and initiation of corrective action. Ensures timely assessment of incidents to include documentation of risk assessments and breach notification. Manages our privacy monitoring program focused on access to our clinical applications in conjunction with our vendor partner, Fair Warning. Performs timely review of the alerts and conducts thorough and comprehensive investigations, including data gathering, user interviews performed in coordination with Human Resources, analysis of access patterns and documentation of findings. Recommends corrective action and sanctions in conjunction with Human Resources. Ensures timely assessment of alerts to include documentation of risk assessments and breach notification. Serves as an expert on the HIPAA Regulation, University privacy and security policies and procedures and privacy and security resources. Advises workforce members on application of above to specific scenarios in a timely fashion. Assists HIPAA Privacy Educator with developing and promoting activities intended to foster privacy awareness and knowledge across the entire enterprise. Conducts on-site privacy monitoring of clinical areas and business units and performs desk audits to ensure compliance with regulations and policies. Works collaboratively with departments to implement corrective action plans if indicated. Creates and maintains dashboard reporting on HIPAA Privacy Office activities to document adherence to the HIPAA Regulations. Dashboard includes reported incidents, privacy monitoring alerts, disclosures, breaches, sanctions, training and patient's acknowledgement of the offer of Notice of Privacy Practice. Serves as a resource to departmental HIPAA liaisons, including providing orientation to new liaisons, maintaining resources and an updated liaison contact list and offering frequent reminders and education. Assists patients in exercising their patient privacy rights, including amending their medical records, receiving an accounting of the disclosures of their medical records, requesting restrictions on access to their medical records and other rights related to patient privacy. Works collaboratively with BJC compliance and other covered entities to investigate HIPAA incidents. The above statements are intended to describe the general nature and level of work performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all job duties performed by the personnel so classified. Management reserves the right to revise or amend duties at any time. Required Qualifications Education: Bachelor's degree or combination of education and/or experience may substitute for minimum education. Certifications /Professional Licenses : No specific certification/professional license is required for this position. Work Experience: No specific work experience is required for this position.


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Washington University in St. Louis? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect