Executive Director, Chief Privacy Officer
POSITION SUMMARYThis position acts as the Privacy Officer for the system and is responsible for leading the system’s privacy compliance program, including providing leadership in the development, implementation and oversight of patient, member and employee privacy strategies, standards, policies, and procedures. The incumbent is responsible for the building and implementation of, an accountable, patient, member, employee privacy-conscious culture and system privacy compliance infrastructure with the objective of ensuring the organization is in compliance with all applicable regulatory requirements, including federal and state requirements. The incumbent serves as the primary advisor to the organization’s senior management team on matters related to patient, member and employee privacy and related risks. The incumbent is responsible for the on-going monitoring and auditing of all information privacy initiatives, projects, and operational activities to provide optimal patient, member and employee privacy effectiveness and efficiencies.In addition, this position is responsible for leading system privacy investigations and coordinating the system’s response to privacy incidents and breaches in collaboration with legal counsel.CORE FUNCTIONS1. Provides leadership in development, implementation, and oversight of patient, member and employee privacy system-wide / regional standards, programs, and / or systems in order to achieve desired and integrated strategic business initiatives, objectives, and outcomes including, but not limited to, growth, accountability and patient care.2. Directs, supervises, and evaluates the work of staff and managers as assigned. Holds staff accountable for achieving plans and performance targets. Works with staff to identify and resolve the most complex issues and problems impacting care coordination programs. Supports development and continued professional growth to meet company and individual goals for long-term success. Demonstrates an expectation for continuous quality improvement utilizing processes that include consideration of all stakeholders.3. Builds and supports effective relationships with internal and external stakeholders and organizations. Develops partnerships, coordinates activities, reviews work, exchanges information, and / or resolves problems related to care coordination programs.Works collaboratively with legal counsel on confidential, sensitive, and privileged matters.4. Directs and participates in the development, implementation, and consistent application of effective organizational policies, procedures, and practices. Develops and supports internal controls to ensure that assets are safeguarded, policies and operating procedures are followed, necessary controls are effective and efficient, and compliance with current laws and regulations is achieved.5. Develops and oversees appropriate budgets to meet corporate goals and objectives. Meets annual budgetary goals. Translates organizational plans, goals, and initiatives into assumptions for annual operating and / or capital budgets. Negotiates contracts with external vendors for products and / or services and monitors / evaluates quality and / or performance. Manages and reports expenditures.6. Communicates the department vision, translating it into actionable projects and activities. Maximizes management staff’s contributions and assures timely decision-making reflecting the mission, vision, and values of the system.7. Reviews, prepares, analyzes, and presents reports and recommendations to senior leadership regarding operations, programs, services, and / or other applicable areas of interest in order to provide concise and accurate information that aids in decision-making.Presents reports and / or privacy-related incident response updates to board-level committees as needed.8. Pursues continuing education and professional organization memberships to advance knowledge of healthcare and privacy. Maintains a working knowledge of applicable Federal, State, and local laws and regulations, Banner Health’s Corporate Integrity Program, Code of Ethics, as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.9. This position has administrative leadership responsibility for the daily operation of multiple services and departments within a broad division. This position requires the skill to negotiate. Customers of this position are both internal and external, including leadership, staff, medical staff, regulatory agencies, and the community.10. Performs all functions according authority for employment actions, including coaching, candidate selection, training and development, performance appraisals, work assignments, and disciplinary action. This position also has budgetary responsibility.Banner Health Leadership will strive to uphold the mission, values, and purpose of the organization. They will serve as role models for staff and act in a people-centered, service excellence-focused, and results-oriented manner.MINIMUM QUALIFICATIONSThis position requires knowledge typically attained through completion of a Bachelor’s Degree in health information management, business, healthcare administration or equivalent.At least ten years of experience in state and federal privacy laws, privacy-related regulatory guidance, privacy incident response, and compliance program oversight.Must understand HIPAA and state and federal regulations for confidentiality and accreditation requirements. Must have experience influencing and facilitating organizational change. Requires experience in managing large, complex corporate projects and activities.PREFERRED QUALIFICATIONSMaster’s Degree and / or Doctor of Jurisprudence (JD) from an American Bar Association accredited school is preferred.Certification in Healthcare Privacy Compliance (HPC) from the HCCA is preferred.Additional related education and / or experience preferred.EOE / Female / Minority / Disability / VeteransOur organization supports a drug-free work environment.Privacy Policy