The HIPAA Privacy Officer's general responsibilities are to oversee and serve as the subject matter expert for all HIPAA-related compliance activities, including the development, implementation and maintenance of appropriate privacy- and security-related policies and procedures; conduct various risk analyses, as needed or required; manage breach notification investigations, determinations, and responses, including breach notifications; develop and/or conduct appropriate privacy and security training for all workforce members, as appropriate; and delegate a Privacy Officer designee for each covered department, as appropriate.
1.Develop, establish, conduct, implement
Develop, establish and maintain processes, policies, documentation for HIPAA and privacy security for Ohio University.
Develop, implement and maintain appropriate privacy and security related policies and procedures and advises the University on the compliance implications of any new or existing policies.
Conduct ongoing compliance monitoring activities and investigate high impact issues in coordination with other compliance functions at OU.
Participate in the development, implementation and ongoing compliance monitoring of all third party vendors/business partners, to ensure all privacy concerns, requirements and responsibilities are addressed.
Establish a mechanism to track access to PHI in the organization and to allow qualified individuals to review or receive a report on such activity
Establish and administer a process for receiving, documenting, tracking, investigating and resolving all complaints concerning OU's privacy policies and procedures, and collaborate with legal counsel to respond, as necessary.
Develop or obtain appropriate privacy and security training for all workforce members, as appropriate
2.Collaborate, serve, cooperate
Collaborate with OU administration, compliance officer and legal to establish/maintain a University-wide Privacy Oversight Committee (could be HIPAA steering)
Serve in leadership role for the University-wide Privacy Oversight Committee.
Delegate a Privacy Officer designee for each covered department, as appropriate
Work with legal counsel and key departments to ensure OU maintains appropriate privacy and confidentiality consent forms, authorization forms, and information notices and that such materials reflect current OU practices and requirements.
Work cooperatively with any HIPAA covered components (including health plan) to oversee compliance with rights to access, amendment, accounting of disclosures, restrictions, and confidential communications, when appropriate.
Ensure compliance with OU privacy policies and procedures, and work with HR, IT, and legal counsel to ensure consistent application of sanctions for employee violations of such policies and procedures.
Serve as a member of, or a liaison to, OU's IRB.
Work with IT to review all OU information security plans to ensure alignment between security and privacy practices.
Serve as information privacy consultant to all departments.
Cooperate with OCR, other regulators, and organization officers in any compliance reviews or investigations.
3.Professional development and organizational culture
Maintain current knowledge of applicable federal and state privacy laws and regulations related to HIPAA
Maintain current knowledge of applicable accreditation standards,
Maintain knowledge of university policies that govern the ethical conduct of behavioral and clinical research involving behavioral and clinical research involving human subjects
Collaborate with IT to monitor advancements in information privacy and security technologies to ensure OU's adaptation and compliance
Fosters a work environment emphasizing excellence, collaboration, integrity, trust, and diversity
Maintains sensitive and confidential information
- Must have completed a minimum of a Bachelor’s Degree in a field that is relative to this position.
-Must have a minimum of 6 years of professional work experience that is relative to the scope, functions, and responsibilities of this position.
-An equivalent combination of education and experience may be considered in lieu of the Bachelor's Degree.
- Completed a Masters degree in the one of the following fields: Business Administration, Public Administration, Health Administration, Higher Education Administration, or Risk Management.
Planning Unit: Heritage College of Osteopathic Medicine
Department: COM-Dean's Office
Applicants may contact this person if they have questions about this position: Nicole Sealey, firstname.lastname@example.org, 740-593-2552
Employment Type: Full-Time Regular
Commensurate with education and experience. Employees also enjoy a generous benefits package which includes health benefits, paid time off, and educational benefits for employees and eligible dependents.
Internal Number: 29223
About Ohio University
Ohio University is home to one of the nation’s friendliest and most picturesque campuses. But more importantly, it’s where you can become part of a two-century tradition of excellence and embark upon a rewarding career that will make a real difference. From teaching and research to admissions, facilities maintenance, and residence life, our faculty and staff propel Ohio University’s mission of helping students become their best selves. OHIO offers competitive compensation and outstanding benefits. For a complete list of employment opportunities, please visit www.ohiouniversityjobs.com.
Ohio University is an equal access/equal opportunity affirmative action institution. For more information about Ohio University’s policies prohibiting discrimination and harassment, visit www.ohio.edu/equity.