Manager, Privacy and Records Governance

Benefits

Additional Information

Extraordinary Careers. Endless Possibilities. With the nation's largest home infusion provider, there is no limit to the growth of your career. Option Care Health, Inc. is the largest independent home and alternate site infusion services provider in the United States. With over 8,000 team members including 5,000 clinicians, we work compassionately to elevate standards of care for patients with acute and chronic conditions in all 50 states. Through our clinical leadership, expertise and national scale, Option Care Health is re-imagining the infusion care experience for patients, customers and team members. Join a company that is taking action to develop an inclusive, respectful, engaging and rewarding culture for all team members. At Option Care Health your voice is heard, your work is valued, and you're empowered to grow. Cultivating a team with a variety of talents, backgrounds and perspectives makes us stronger, innovative, and more impactful. Our organization requires extraordinary people to provide extraordinary care, so we are investing in a culture that attracts, hires and retains the best and brightest talent in healthcare. Job Description Summary: The Privacy Manager supports and advances the company's enterprise privacy program, helping to ensure compliance with HIPAA, applicable state privacy laws, records management requirements, and emerging AI and digital health governance obligations. This role leads day-to-day privacy and records governance operations, including oversight of third-party contractors, and supports enterprise efforts related to privacy incident response, privacy risk management, records life cycle governance, and continuous enhancement of organizational controls. The Privacy Manager serves as a key cross functional partner in supporting responsible innovation, including AI enabled initiatives, while helping safeguard company and patient information and strengthen the organization's privacy and information governance framework. This role reports to the Vice President, Chief Privacy Officer and Data Protection and sits within the company's Compliance and Privacy function. Job Description: Job Responsibilities (listed in order of importance and/or time spent) Incident & Breach Management: Manage day-to-day privacy incident intake, tracking, investigation support, and resolution, including maintaining accurate records of incidents, audits and assessments. Support breach response activities, including drafting patient and regulatory notifications, coordinating with internal stakeholders, and assisting with regulatory submissions as appropriate. Administer and optimize privacy program tools (e.g. Radar, TrustArc) to support incident management, assessments, and reporting. Prepare privacy incident and trend reporting for leadership and regulatory purposes, including identifying opportunities for control improvement. Privacy Program Enhancement & Governance: Support continuous improvement of the enterprise privacy program through enhancements to policies, controls, metrics, processes, and supporting tools. Partner with the Vice President, Chief Privacy Officer & Data Protection to translate evolving privacy, AI, and digital health requirements into practical governance and operational practices.Manage third-party contractors and external resources supporting privacy program initiatives and operations. Support governance for the company's processes to conduct de-identification of sensitive data Compliance Monitoring, Privacy Risk Assessment & Assurance: Conduct privacy audits, monitoring, and compliance assessments to evaluate adherence to HIPAA, applicable state privacy laws and organizational policies. Perform privacy risk assessments for new projects, business development initiatives, vendors, technologies, and AI-enabled initiatives, and support remediation of identified gaps. Track and analyze privacy program metrics and prepare reporting and presentations for leadership. Policy, Training and Awareness: Develop, review and update privacy policies, standards, and procedures under the direction of the Vice President, Chief Privacy Officer & Data Protection. Support enterprise privacy training, awareness, and educational initiatives that promote a strong culture of privacy and responsible data stewardship. Records & Information Governance Manage day-to-day administration of the company's record management program including records retention defensible disposition records classification and policy implementation. Help develop and maintain records retention schedules procedures and governance standards consistent with legal regulatory operational and business requirements. Oversee third party vendors and contractors supporting record storage retrieval retention and destruction activities. Partner across the organization to strengthen information lifecycle management practices including appropriate retention minimization and secure disposition of information assets. Supervisory