Ready to help us transform healthcare? Bring your true colors to blue.
The Privacy Program Manager will, with direction from the Privacy Officer, support the BCBSMA Privacy Program. The Manager works collaboratively with relevant business areas on matters related to the protection of personal health information. The Manager will be responsible for managing the Privacy Program, including coordination of activities related to the development, implementation, maintenance of, and adherence to, BCBSMA's privacy policies and procedures regarding the handling of personal health information. The Privacy Program Manager will promote privacy training and education throughout the company and work with business unit leaders to ensure all associates have the requisite information and knowledge to protect members' health information consistent with applicable policy, practice and regulation. In addition, the Privacy Program Manager will assist the Privacy Officer and other business units with drafting and negotiating various forms of confidentiality agreements with accounts, vendors and other third-parties. This position will have a high-level of visibility and will require professionalism, leadership, collaboration and innovation.
- Assure privacy practices and policies are developed and communicated. Support compliance with privacy laws, regulations and policies; develop monitoring plan.
- Manage process for receiving, documenting, tracking, investigating, and taking action on all privacy-related data events and complaints concerning the organization's privacy policies and procedures in coordination and collaboration with other business units and, as necessary, legal counsel.
- Monitor current privacy trends, legislation and activities, and work collaboratively to implement best practices, maintain awareness of external privacy/security regulations impacting BCBSMA business operations; participate in internal response/readiness; modify policies as indicated
- Initiate, facilitate and promote activities to foster information privacy training and awareness within the organization, including developing and implementing company-wide Privacy training and awareness program Newsline tips and other forms of general workforce awareness.
- Manage the Privacy Oversight structure including the Privacy and Security Champion Council Meetings; and reports to the Compliance Oversight Committee by developing agenda items/speakers, managing meeting materials and meeting schedules, anticipating reporting requirements and updates to Compliance Oversight Committee
- Working with legal counsel, management, key departments, and committees to ensure the organization has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements.
- Develop a distribution and communication plan for relevant privacy program initiatives including policy manual updates, departmental monitoring activities, internal/external document revisions, and training and awareness campaign among others.
- Assist the Privacy Officer and other business units with drafting and negotiating various forms of confidentiality agreements with accounts, vendors and other third-parties.
Knowledge, Skills and Abilities:
- The successful candidate will be able to effectively partner with business areas in the development of operational solutions and strategies.
- Highly-developed problem-solving, analytical and prioritization skills.
- Highly effective written, oral and interpersonal communication skills to address a wide variety of sophisticated audiences.
- Demonstrate professionalism, discretion and judgment through sound decision-making to obtain solutions through collaborative efforts with a wide-variety of offices and departments
- Thorough understanding of state and federal statutes, laws and regulations, industry standards, trends and/or regulatory requirements in expertise subject area.
- Experience in conducting investigations.
- Ability to productively assemble, engages, and leads cross-functional teams and leading projects from start to finish.
- Demonstrated critical thinking skills and ability to implement strategic policy recommendations.
- Works well in a complex and evolving environment; remains adaptable to meet the needs of the organization.
- Demonstrated project management skills including determining project scope, creating and managing project plans, facilitating effective team meetings, and completing projects required.
Education and Experience:
- Bachelor’s degree required; Paralegal degree strongly preferred or paraprofessional experience in legal assistant work or demonstrated major in paralegal studies
- Minimum four (4) years direct HIPAA/privacy law experience, five (5) years of relevant audit, privacy, compliance or other relevant experience preferably in health care organization but other experience in non-health care field will be considered.
- Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified in Healthcare Compliance (CHC), Certified HIPAA Professional (CHP) or equivalent professional certification is preferred