HealthierHere is looking for an Assistant Director of Information Privacy and Security.
See the position details and how to apply below.
Reports To: Chief Financial and Operations Officer
Classification: Full-time/Exempt
Hiring Pay Range: $110,000-$130,000
Benefits: 100% Paid by employer: medical, dental, vision, life, AD&D, LTD. 403(b) Retirement matched at 5%; increasing to 10% over time, 100% immediate vesting. PTO: 3 weeks’ vacation, 2 weeks sick, 4 wellness days, 13 holidays, $750 annual wellness benefit, and optional Flex plan and dependent coverage.
Work Location: Currently we are fully remote. A hybrid approach is planned for mid-2024 with a location in King County, WA
Work Schedule: Monday – Friday, 8:00 am to 5:00 pm
How to Apply:
To apply, please send your resume to: Giuliana Franco, HR Recruitment Consultant – gfranco@healthierhere.org with “Assistant Director of Information Privacy and Security” in the subject line.
Position Overview
This position oversees all activities related to the development, implementation, maintenance of, and adherence to HealthierHere’s information privacy and security policies and procedures. Due to HealthierHere’s business lines, the Assistant Director of Information Privacy and Security will be expected to ensure compliance with relevant federal and state laws, as well as industry best practices, regarding the management and protection of personally identifiable information (PII) and personal health information (PHI), as well as sensitive information such as mental health information protected by Washington State law and SUD treatment information covered under 42 CFR Part 2. In order to ensure that HealthierHere’s internal information infrastructure is in adherence with privacy and security policies and practices, this position will establish and implement privacy and security policies and procedures for the internal information technology supporting HealthierHere operations, including the management of the IT and Systems Project Manager position and HealthierHere’s third-party IT operations vendor.
Major Responsibilities
• Develop and implement policies and procedures related to data privacy and security protocols, in support of organizational operations and workstreams.
• In partnership with the Director of Operations, develop, implement, and maintain policies, procedures, and related trainings regarding relevant federal and state laws, regulations, and data privacy best practices, including but not limited to HIPAA and FERPA.
• Oversee relevant third-party contracts related to privacy and security policies and practices, including vendors conducting vulnerability assessments, penetration testing, relevant legal counsel, and other related services.
• Oversee the development and maintenance of HealthierHere’s Business Continuity and Disaster Recovery Plan, partnering with the Chief Technology Officer on implementation and modifications, as needed.
• Work across HealthierHere teams and workstreams to ensure consistency and compliance with privacy and security policies and practices. Work with HealthierHere teams to identify and develop additional privacy and security policies and practices, as needed based on organizational business needs.
• Participate in HealthierHere’s data governance process to ensure privacy and security of client information in line with established policies and procedures.
• Identify privacy and security training needs and implement formal and ongoing information privacy and security trainings for HealthierHere staff and contractors.
• Initiate, facilitate, and promote activities to increase information privacy and security awareness and knowledge within HealthierHere and our partner organizations.
• Develop resources related to information privacy and security protections to support capacity building at HealthierHere’s partner organizations.
• Serve as information privacy and security subject matter expert to HealthierHere leadership and teams.
• Coordinate and maintain appropriate contracts and agreements related to information access and usage, including Business Associate Agreements, Data Sharing Agreements, relevant Memorandum of Understanding, Nondisclosure Agreements, etc.
• Supervise the IT and Systems Project Manager and third-party office infrastructure IT vendor to ensure all internal IT projects and operations adhere to information privacy and security policies and best practices.
• Serve as the organization’s Privacy Officer and Security Officer, overseeing and ensuring compliance with implemented policies and procedures and responding to any identified complaints, investigations, etc.
Minimum Qualifications
• 5+ years of experience managing data and information usage protected under state and federal privacy/security laws/regulations (HIPAA, FERPA, etc.).
• 3-5 years of experience related to information privacy and security policies, practices, and/or implementation.
• Demonstrated knowledge of HIPAA Privacy Rule and Security Rules.
• Experience working across teams and stakeholder groups, including across audiences with varying levels of familiarity with information privacy and security concepts.
• Demonstrated strong written and communication skills, with specific skill for translating advanced technical/legal concepts into a format and language that is understandable and actionable to a broad audience of stakeholders.
• Demonstrated ability to balance implementation of necessary information security and privacy protocols with complex programmatic needs and considerations.
• Demonstrated commitment to advancing equity and social justice, and strong alignment with HealthierHere’s organizational values.
Preferred Qualifications
• Demonstrated knowledge of information privacy and security laws and regulations beyond HIPAA, such as FERPA and relevant Washington State laws.
• Demonstrated experience working for, or closely with, a HIPAA covered entity and/or business associate.
• Experience in large scale data sharing projects, preferably across sectors.
• Experience related to data governance, in particular around data use and sharing within and across organizations.
Commitment to Diversity, Equity and Inclusion
As an equal opportunity employer, it is the policy of HealthierHere to provide equal employment opportunity to all its employees and applicants for employment, and to assure that there is no discrimination against any person on the basis of his or her race, color, sex, religion, marital status, national origin, age, sexual orientation, citizenship, veteran status, or the presence of any sensory, mental, or physical disability in accordance with state and federal laws. HealthierHere is an equal opportunity employer committed to an inclusive, multicultural workplace. HealthierHere values diversity and strives to have a diverse workforce and is committed to equal employment opportunity. HealthierHere actively encourages members of diverse communities to apply.
Schedule and Worksite
This position works full-time Monday – Friday during standard business hours. HealthierHere is currently performing all work remotely, with a hybrid approach planned for mid-2024. There may be situations where the employee is required to report to an off-site HealthierHere work location. Employees will be provided with a HealthierHere-issued laptop and must maintain a workspace with a secure internet connection where they can reliably and securely perform work and remain available and responsive during scheduled work hours.
Who We Are
HealthierHere is a regional collaborative committed to transformative change in the health and well-being of King County residents. We bring together community members and leaders from diverse sectors to address persistent health disparities, improve population health, prevent disease and address the social determinants of health. We strive for the “quadruple aim”—providing better care, lower costs, and a better experience for patients and providers.
HealthierHere is one of nine Accountable Communities of Health in Washington State responsible for addressing health equity and supporting whole person integrated care. This is one part of a much broader effort to achieve significant gains in health and well-being for our community.
As an organization, HealthierHere operates under a set of core values that include equity, community, partnership, innovation, and results. These values guide our work with each other and with our community partners. HealthierHere leads with equity. We work to intentionally eliminate disparities and address the current power dynamic and structural racism in our health care system that perpetuates inequities. We believe that every community member in King County should receive the type of care that they deserve - with respect and without stigma - to address their unique and individual needs.
As our name suggests, we are committed to health equity and believe that here, in King County, everyone’s health matters.