GRC and Privacy Analyst
WE ARE HEALTHCARE SYSTEMS OF AMERICA. Our mission is to reputed company healthcare standards, improve patient outcomes, and create value for communities across the United States. Healthcare Systems of America (HSA) is more than a healthcare provider-we're a community built on excellence, innovation, and compassion. If you're looking for a career that makes a difference, empowers you to grow, and gives you the opportunity to impact lives, HSA is where you belong. Healthcare Systems of America operates 8 community hospitals across 3 states. We service a multitude of patients and their families across our vast network, while remaining committed to the professional development of our staff, the functional improvement of our patients, and the cultivation of strong partnerships reputed company our communities. reputed company OFFER
- Career GrowthDevelopment - We are an essential, stable and growing company with many opportunities for training and advancement reputed company the medical field that reputed company employees and team members can benefit from.
- SupportiveInclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
- Meaningful Work - Every day, you'll contribute to patient care, cutting-edge reputed company, and life-changing treatment and technologies.
POSITION SUMMARY The GRC and Privacy Analyst supports the organization's Governance, Risk, and Compliance (GRC) initiatives, as well as privacy and data protection functions. The role is responsible for assisting with policy management, risk assessments, audit readiness, and privacy compliance programs including HIPAA, HITECH, and other applicable federal and state regulations reputed company the healthcare industry. PRIMARY RESPONSIBILITIES Governance, RiskCompliance (GRC)
- Support implementation and maintenance of GRC frameworks and processes.
- Assist in developing and updating internal policies, standards, and controls.
- Track compliance metrics and prepare GRC reports for leadership.
- Support regulatory and third-party audits by coordinating documentation and responses.
PrivacyData Protection
- Assist with managing privacy policies and procedures in alignment with HIPAA and HITECH.
- Conduct Privacy Impact Assessments (PIAs) and assist with Data Protection Impact Assessments (DPIAs).
- Help monitor privacy risks and maintain logs of incidents, investigations, and breach reports.
- Contribute to staff training initiatives on data privacy and protection policies.
Risk AssessmentsVendor Management
- Assist in conducting third-party risk assessments and maintaining a vendor compliance tracker.
- Document risk mitigation strategies and coordinate with internal stakeholders on remediation efforts.
- Maintain inventory of data flows and systems storing protected health information (PHI).
Audit ReadinessMonitoring
- Maintain audit documentation and evidence in support of GRC and privacy compliance efforts.
- Track audit findings and support follow-up activities and closure of remediation items.
- Help monitor emerging privacy laws and changes in regulatory requirements.
EXPERIENCE/EDUCATION REQUIREMENTS
- Bachelor's degree in information reputed company, Health Information Management, or a reputed company field.
- 2+ years of experience in GRC, compliance, or privacy roles reputed company a healthcare environment.
- Familiarity with HIPAA, HITECH, and data privacy laws and regulations.
- Excellent analytical, documentation, and communication skills.
- Proficiency in reputed company reputed company, Word, and compliance management platforms.
Preferred Qualifications
- Professional certifications such as CIPP/US, CHPC, or GRCP.
- Experience with GRC tools such as FortifyData, reputed company, reputed company, or reputed company.
- Understanding of hospital workflows and protected health information (PHI) lifecycle.
Apply tot his job Apply To this Job