HIM Privacy Manager 9/16/2016
JOB DESCRIPTIONAPPLY ABOUT US
As a not-for-profit organization, Partners HealthCare is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Womens Hospital and Massachusetts General Hospital, Partners HealthCare supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research.
Were focused on a people-first culture for our systems patients and our professional family. Thats why we provide our employees with more ways to achieve their potential. Partners HealthCare is committed to aligning our employees personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal developmentand we recognize success at every step.
Our employees use the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk, and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.
Under the general direction of the Site Administrative Manger of Health Information Management, the Privacy Manager is responsible for ongoing activities related to the development, implementation and maintenance of a hospital-wide privacy and security program. Identification and maintenance of appropriate level of resources (human and technical) to carry out the functions and operations of the Privacy Office. Operational management of a privacy and security compliance assurance program. To assist Health Information Services in identifying, managing and reducing risk (i.e. compliance, quality of care, medical identity theft and reimbursement issues) associated with inadequate privacy and security standards or tools in place.
PRINCIPAL DUTIES & RESPONSIBILITIES
Establish, implement and maintain an ongoing, hospital-wide privacy and security compliance, education and training program. This includes
* Facilitating and promoting activities to foster privacy and confidentiality awareness throughout the hospital.
* Establishing and administering a process for receiving, documenting, tracking, investigating, and taking action on all complaints and reported incidents concerning potential violations of patient privacy and confidentiality.
* Ensuring compliance with privacy and information security policies and practices and consistent application of sanctions for failure to comply for all staff and employees, in cooperation with Human Resources, as applicable.
* Maintaining preparedness and providing timely response to Office of Civil Rights, DPH, CMS, other legal entities, and organization officers in any compliance reviews, audits or investigations.
Responsible for having a thorough working knowledge of all departmental policies and procedures as well as all aspects of the functionality of the unit, including any applications used within the unit and other applications used within the department.
Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information privacy technologies to ensure Hospital adaptation and compliance.
Establish and maintain a positive and productive team environment and a stable work environment through leadership, mentoring and coaching staff. Supervise staff in the day-to-day operational functions of the unit. Manage and delegate assignments of team resources in operations of the unit as well as other projects. Manage daily and on-call scheduling and timekeeping for unit team, including PTO approvals, and management of timekeeping exceptions
Facilitate training and provide direction and guidance to direct reports in a complex environment to ensure that all staff are appropriately informed, trained, guided, supported and evaluated. Work to develop staff for operational projects and leadership roles.
Hire, manage and develop staff of privacy specialists. Evaluate overall employee performance, authoring annual reviews, and developing the career action plans for staff in a timely manner. Work with staff to develop an individualized professional development plan by setting clear goals. Monitor the quality of work performed by staff throughout the fiscal year. Provides orientation and training to new staff regarding the operational and system policies and procedures.
Perform ongoing, hospital-wide privacy risk assessments in response to changing environment, operational changes or significant events in order to continually safeguard patient and employee confidential and protected health information. Work collaboratively and consult with site information security officer to identify and refer matters requiring ISO participation or an information security risk assessment. Establishes with management and operations a mechanism to track access to protected health information, within the purview of the Hospital, as required by law, and to allow qualified individuals to review or receive reports on such activities. Works cooperatively with appropriate managers and other administration in overseeing patients rights to inspect, amend, and restrict access to protected health information.
Participate in the development and maintenance of up to date documentation (privacy and confidentiality consent documents, authorization forms, and information notices), resources (publications, newsletters, web site, seminars, etc.) policies, procedures, business associate agreements, and guidelines that reflect current hospital and legal practices and requirements. This is done in collaboration with legal counsel, compliance, site management, and medical staff leadership to facilitate education and awareness of the hospitals approach and ongoing adherence to HIPAA.
Promote and encourage high quality customer service to all Partners departments, entities and affiliates through on-going communication, feedback and follow-through with customers and peers. Collaborate with clinicians and other health professionals in order to accomplish goals and maintain relationships required for cross departmental cooperation and projects.
Serve as internal privacy consultant to all clinical inpatient and ambulatory departments as well as non-clinical departments.. Serves as a member of the enterprise and site Privacy and Security Committees and other meetings as assigned. Participate in professional development activities offered by relevant organizations and share information with committees and departmental staff.
Uses the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk, and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration
* Bachelors Degree in health information or related area. Masters Degree in health care area or Law Degree strongly preferred.
* 5-7 years of progressive health related managerial experience.
* 5-7 years privacy and security or compliance experience
SKILLS, ABILITIES, AND COMPETENCIES
Exhibits strong professionalism and a highly proficient persona. Individual must possess the knowledge, skills and abilities in order to gain credibility as the internal privacy and security expert/consultant.
Identifies privacy and information