JCOD HIPAA Program Manager

TPI Global (formerly Tech Providers, Inc.)

Los Angeles, CA

JOB DETAILS
SKILLS
Access Control, Adobe Acrobat, Analysis Skills, Auditing, Backend as a Service (BaaS), Business Administration, Cloud Computing, Cryptography, Customer Support/Service, Federal Laws and Regulations, HIPAA (Health Insurance Portability and Accountability Act), Healthcare, Healthcare Administration, Incident Management, Incident Response, Information/Data Security (InfoSec), Internal Audit, Leadership, Legal, Maintain Compliance, Microsoft Exchange Server, Microsoft Office, Microsoft Windows Azure, Negotiation Skills, Organizational Skills, People Management, Policy Development, Policy Evaluation, Presentation/Verbal Skills, Privacy Impact Assessment (PIA), Privacy Regulations, Procedure Development, Project/Program Management, Regulations, Regulatory Compliance, Retention Programs, Risk, Risk Analysis, Risk Management, Root Cause Analysis, Safety Codes, Safety/Work Safety, Security Auditing, Staff Training, Standard Operating Procedures (SOP), State Laws and Regulations, Team Player, Threat Modeling, Vendor/Supplier Evaluation
Role: HIPAA Program Manager
Location: Los Angeles, CA, 90012 (Hybrid)
Duration: 12 months + Potential to extend / convert
 
Position Description
The HIPAA Program Manager (PM) works under the direction of the Chief Privacy Officer or user agency personnel and manages or oversees all aspects of one or more HIPAA compliance projects while interacting with mid-level officials of similar capacity at the user agency and private sector. The HIPAA PM will perform HIPAA compliance activities and data protection initiatives, with a particular focus on the County’s access to and use of protected health information (PHI), in support of the Countywide Privacy Program. They will be responsible for performing HIPAA compliance auditing and monitoring functions, assisting with the development and enhancement of policies and procedures as required by the HIPAA Privacy Rule, providing guidance to County departments about privacy impact assessments and HIPAA risk assessments, providing guidance about the assessment of HIPAA and Privacy policy violations and/or incident response investigations, performing and evaluating HIPAA risk assessments and privacy risk assessments, participating in the review and update of the HIPAA and Privacy Awareness trainings and educational activities, and conducting HIPAA-focused presentations at events. The HIPAA PM is responsible for having in-depth knowledge of federal and state health privacy laws and regulations (strong focus on California laws), including those governing access, release of information and security technologies such as, but not limited to, HIPAA, HITECH Act, CA Civ Code §1798.29, CMIA, Health & Safety Code, section 1208.15; will evaluate situations against federal and state health privacy laws and regulations (strong focus on California laws); determine key business issues and develop appropriate plans from multidisciplinary perspectives; advise on HIPAA compliance programs, including incident management; and understand internal auditing standards.
The HIPAA PM evaluates an organization’s existing policies and procedures for HIPAA compliance by performing and evaluating HIPAA risk assessments and privacy risk assessments. They will work with and maintain confidential information; be organized to analyze and synthesize information quickly; and be able to work independently in a fast-paced environment.
 
Skills Required
The HIPAA PM will possess knowledge and experience in customer service; decision making; flexibility; interpersonal skills; organizational awareness; written and oral communication; planning and evaluating; analysis and risk management; independence; and be proficient in Microsoft Office and Adobe Acrobat software.
Ability to operationalize HIPAA requirements into workflows, SOPs, and procedures.
Technical knowledge of security controls, audit logging, system risk, and cloud environments (e.g., Azure/M365). Skills in data governance, retention strategy, and developing archiving/“hot vs. cold” storage plans.
Experience supporting governance structures, charters, and escalation processes.
Expertise in PHI workflow mapping across systems and divisions. Strong incident response and root-cause analysis capabilities. Advanced HIPAA training development and presentation skills.             
 
Experience Required
This classification requires a minimum of four (4) years of experience with privacy requirements in healthcare settings and healthcare industry operations, including: HIPAA policy development and governance, HIPAA compliance monitoring, privacy impact assessments (PIAs) and HIPAA risk assessments, third party vendor risk assessments, HIPAA compliance audits, and training. At least three (3) years of that experience must be with HIPAA requirements, incident response investigations, and breach notification laws/regulations.
3 years of experience leading or managing HIPAA compliance implementation projects or transitioning an organization into HIPAA-covered entity status.
3 years of experience working directly with IT teams on HIPAA Security Rule safeguards, including access control models, audit logging, encryption, retention models, and cloud-based data governance.
2 years of experience developing or enforcing data retention schedules, PHI lifecycle governance, or data archiving strategies (e.g., “hot” vs. “cold” storage models).
3 years of experience coordinating HIPAA or data privacy work across multiple divisions (e.g., Legal, IT, Fiscal, Contracts, Program Operations) and preparing executive-level briefings.
3 years of experience operationalizing HIPAA policies into SOPs, workflows, staff procedures, and implementation guides.
3 years of experience conducting HIPAA risk assessments, Privacy Impact Assessments (PIAs), threat modeling, or HIPAA audit readiness assessments.
3 years of experience managing HIPAA incident response investigations, performing root-cause analysis, and applying federal and breach laws.
2 years of experience reviewing, negotiating, or operationalizing HIPAA-related Business Associate Agreements (BAAs), Data Exchange Agreements (DEPAs), or third-party HIPAA vendor risk assessments.
2 years of experience developing or delivering HIPAA or privacy-focused training to staff, managers, contractors, or providers.
2 years of experience managing multi-phase compliance or regulatory projects using GANTT charts or other structured project-management tools.
 
Education Required
This classification requires the possession of (a) a bachelor’s degree or higher, and
(b) a certification in one or more of the following: Certified in Healthcare Compliance (CHC), Certified in Healthcare Privacy Compliance (CHPC), Certified Information Privacy Professional/United States (CIPP/US) or Certified Information Privacy Manager (CIPM) certification. The certification is required and may not be substituted with additional experience.
An advanced degree, including a Master’s in Business or Healthcare Administration, Master of Laws (LL.M), or Juris Doctor, may be substituted for two (2) years towards the minimum years of experience.
 
