The CHRISTUS Trinity Clinics Privacy Manager will help execute CHRISTUS' Corporate Compliance and Privacy Work Plans for CHRISTUS Trinity Clinics. The Manager will facilitate the region's compliance with Privacy with both federal and state laws and regulations. Additionally, the Manager will investigate actual and suspected privacy incidents and report findings in accordance with CHRISTUS Policies and processes. The manager helps ensure compliance with privacy regulations and integrity of internal controls; recommends improvements in internal control structure; reviews medical records in the course of privacy investigations or monitoring activities.
Assist the CHRISTUS Director of Privacy with auditing and monitoring business units to ensure compliance with federal and state privacy laws and regulations, including but not limited to Health Information Technology for Economic and Clinical Health (HITECH) Act;
Assist the CHRISTUS Director of Privacy with execution of the CHRISTUS Health System annual work plan, which addresses business risks and exposures related to the healthcare industry, including regulatory compliance and privacy initiatives, the OIG's work plan, senior leaderships' goals and objects, and issues that arise in the course of day-to-day operations;
Work with business units to identify privacy gaps and deficiencies;
Participate in the development of appropriate workflows and corrective actions to address identified gaps and deficiencies. Assist with developing compliance and privacy risk assessments for gaps identified and make recommendations for improvements;
Conduct regular Privacy Reviews to monitor employees' privacy knowledge;
Take a proactive approach to implement systems and processes to prevent and/or mitigate privacy concerns in the region;
Ensure CHRISTUS maintains appropriate privacy and confidentiality consent forms, authorization forms, Notice of Privacy Practices, and information notices and materials;
Work with identified departments to develop and implement operational privacy training.
Work with business units to develop monitoring metrics, identify and provide input on department-level policies and procedures, as appropriate, and assist in developing/delivering specialized operational training for department employees;
Collaborate with Information Security Officer or their regional designee to perform annual risk assessments. Assist in the development of a plan for assessing access to PHI and PII by employees, consultants, and business associates;
Assist in the development and/or execution of a complaint workflow so that departments can timely report privacy complaints received from patients, regulatory entities or internal privacy events, to the CHRISTUS Director of Privacy;
Investigate suspected or reported incidents involving the use, disclosure, and storage of PHI including potential breaches, patient complaints, and OCR complaints;
Assist the CHRISTUS Director of Privacy and businesses in the preparation and coordination of regulatory audits, including OIG, OCR, and accreditation agencies;
Work with the CHRISTUS Director of Privacy to prepare submission of required reporting of compliance incidents and/or HIPAA breaches to Federal and State regulators, as appropriate;
Coordinate with patients whose PHI has been breached or who have reported a concern;
Coordinate with IT Security Officer or regional designee regarding security issues;
Assist in the completion of annual Compliance and Privacy risk assessment processes;
Track Privacy training completion for your area of responsibility;
Ensure Business Associate Agreements (BAAs) are updated within your region and area of responsibility;
Maintain current knowledge of applicable federal and state laws applicable to healthcare privacy;
Maintain rapport with business units to facilitate solid communications;
Serve as a resource for questions regarding application of relevant laws and regulations and the privacy program policies and procedures;
Provide appropriate CHRISTUS Director of Privacy, CHRISTUS Clinic Management Services Compliance Director, and the Vice President and Chief Compliance and Privacy Officer for regional and system board reporting;
Provide or direct compliance or privacy education, as permitted;
Develop and deliver course content for targeted training initiatives as directed by the annual work plan;
Initiate, facilitate, and promote activities to foster awareness of privacy within all entities;
Coordinate and conduct, whenever possible, privacy monitoring "walkthroughs" at entities;
Respond to and resolve privacy related issues received via the CHRISTUS Health Integrity Line;
Maintain a process to document and track the progress of investigations and mitigation of privacy issues in the incident management system (e.g., Privacy Pro, Ethics Point, etc.);
Prepares the regional report for the system Compliance Office and Board of Directors, as directed by the CHRISTUS Director of Privacy;
Research compliance, HIPAA Privacy and other privacy regulations as needed or requested and provide written guidance to affected parties;
Keep the CHRISTUS Clinic Management Services Compliance Director updated and informed on privacy incidents/breaches for general awareness and for reporting purposes; and
Other projects and duties as assigned.
Bachelor's Degree required; prefer in business, accounting, health care administration, legal
Knowledge of HIPAA Privacy
Working knowledge of hospital/clinic operation processes
Knowledge of audit and investigation techniques
Minimum of 3 to 5 years general healthcare experience with knowledge of hospital/clinic operations, physician services and health plan requirements.
Prefer 5 years of general privacy experience
Prefer 4 years of experience in regulatory research and knowledge of federal and state law
CHRISTUS HEALTH is an international Catholic, faith-based, not-for-profit health system comprised of almost more than 600 services and facilities, including more than 60 hospitals and long-term care facilities, 350 clinics and outpatient centers, and dozens of other health ministries and ventures. CHRISTUS operates in 6 U.S. states, Colombia, Chile and 6 states in Mexico. To support our health care ministry, CHRISTUS Health employs approximately 45,000 Associates and has more than 15,000 physicians on medical staffs who provide care and support for patients. CHRISTUS Health is listed among the top ten largest Catholic health systems in the United States.
Since 1975, the American Association for Physician Leadership has helped physicians develop their leadership skills through education, career development, thought leadership and community building.
Now more than ever, physicians are leaders in their organizations and communities. The American Association for Physician Leadership® maximizes and supports physician leadership through education, community, and influence.