Job Search

One Mission. More Than Half a Million Reasons.
As we empower every New Yorker
to live the healthiest life possible.

Share This Job
Job Details

Privacy Specialist

Job Ref: 80573
Category: Professional
Department: OFFICE CORPORATE COMPLIANCE
Location: 50 Water Street, 7th Floor, New York, NY 10004
Job Type: Regular
Employment Type: Full-Time
Salary Range: $90,000.00 - $102,315.00

Empower. Unite. Care.

MetroPlusHealth is committed to empowering New Yorkers by uniting communities through care. We believe that Health care is a right, not a privilege. If you have compassion and a collaborative spirit, work with us. You can come to work being proud of what you do every day.

About NYC Health + Hospitals

MetroPlusHealth provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Exchange, Partnership in Care, MetroPlus Gold, Essential Plan, etc. As a wholly-owned subsidiary of NYC Health + Hospitals, the largest public health system in the United States, MetroPlusHealth's network includes over 27,000 primary care providers, specialists and participating clinics. For more than 30 years, MetroPlusHealth has been committed to building strong relationships with its members and providers to enable New Yorkers to live their healthiest life.

Position Overview

The Privacy Specialist reports to the Director of Corporate Compliance and Privacy. The Privacy Specialist will support the oversight and management of Corporate Compliance and Privacy activities, including assisting in the review of privacy policies, investigating reports of non-compliance and privacy complaints or alleged violations, addressing and tracking inquires received via the privacy officer inbox, responding to all privacy related questions, managing breach notifications and remediation efforts, monitoring and auditing business areas, supporting the organization with corrective actions and contributing to the annual Compliance risk analysis and Work Plan. Ensuring the Corporate Compliance and Privacy Program and related trainings are accurate and up to date.

Job Description

  • Assist the Director of Corporate Compliance and Privacy in the development of the annual risk assessment and implementation of the annual work plan
  • Responsible for the initial screening, timely investigation, and triaging of privacy matters
  • Ensuring a thorough and comprehensive investigation of the alleged privacy violation is performed, including data gathering, analyses, interviews, and issuing a final report
  • Essential to this role is the ability to track and trend emerging issues and work with the Director to develop a respond on an organizational level for systemic issues
  • Must be able to perform a breach incident assessment
  • Compile packet for self-disclosure in the event of a breach and draft required member notification
  • Ensures all privacy requirements for notifications are met
  • Manage ongoing monitoring activities and develop and execute audits as identified in the annual compliance work plan
  • Needs to exhibit full ownership of work plan items as assigned, requiring little direction from supervisor
  • Research and respond to questions and concerns relating to privacy matters, including Part 2, NYS Mental Hygiene Laws, etc. with internal parties
  • Develop, issue, and monitor corrective action plans as issues arise from ongoing monitoring and auditing activities. Must be able to track, trend and escalate matters as needed
  • Annually, reviews privacy notices regulated by the federal government as well as DFS
  • Ensures annual mailings are completed as required
  • Creating, reviewing, and submitting internal and external reports as required
  • Will need to engage with leadership from various areas and vendors to compile information needed for response. Includes data submitted for the Internal Compliance Committee and the Audit and Compliance Committee of the Board of Directors
  • Responsible for ensuring P&Ps related to Corporate Compliance are reviewed and updated on an annual basis and as regulatory changes occur
  • Assists in gathering supporting documents related to our privacy program evaluation conducted by a third party
  • Must remain abreast of emerging topics and issues impacting privacy on the State and Federal level. If any changes impact the organization, must be able to work across departments to ensure proper implementation of items
  • Manage the Privacy Officer email inbox, including tracking and addressing inquiries
  • Support the Director of Corporate Compliance and Privacy with any required regulatory reporting
  • Other duties as assigned or requested

Minimum Qualifications

  • A Bachelor’s degree required
  • Minimum 3-5 years of experience in a privacy related function
  • Experience in Managed Care preferred
  • Knowledge and understanding of applicable privacy laws and regulations such as 42 CFR Part 2, HIPAA, NYS Mental Hygiene Laws, etc.
  • Prior successful experience working with regulators on privacy audits, reporting and other matters
  • Experience managing complicated projects, keeping track of details, and staging work to deliver projects on time
  • Proven ability to articulate regulatory requirements to business and technical staff to capture information and achieve results
  • Experience with developing reporting and metric

Professional Competencies

  • Broad-based in-depth knowledge of the managed care industry, including: strategic compliance planning, regulatory concerns, compliance requirements, and corporate integrity principles
  • The ability to comprehend and interpret regulatory, legislative, and contractual mandates
  • Experience with managed care, Medicare and federal and/or state regulations, quality improvement and compliance oversight
  • High-level of skill in leading interdepartmental and cross-functional strategy development; experience managing professional staff on multiple projects to ensure corporate deadlines and objectives are met. Simultaneously manage multiple projects.
  • Excellent oral, written, and presentation skills, as well as conceptual and analytic skills are necessary in order to review and articulate corporate objectives and Federal regulations across all relevant audiences
  • The utmost integrity in the discreet and confidential handling of confidential materials is necessary
  • Demonstrated knowledge of managing and building relationships with stakeholders, including senior management, with strong influencing and negotiation skills
  • Excellent interpersonal skills with a high level of diplomacy and political awareness, and ability to work effectively as a member of the senior management team.
  • Sound working knowledge of Windows-based software packages, including Word, Excel, PowerPoint, SharePoint, and Visio as well as online/Internet-based research tools