Everything from finding the right online university to finding the right job!

Quick Degree Finder

HIPAA Compliance Officer

Salary: $35.22-$43.00 hourly / $6,126-$7,479 monthly / Range: 6474

DEFINITION: Under general direction, develops, promulgates, and maintains the County's HIPAA medical privacy and data security compliance program; ensures that County policies comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA); and performs related duties as required.

DISTINGUISHING CHARACTERISTICS: This is a single-position management classification located in the General Services Department. It is responsible, through collaboration with the County Administrator's Office and County Counsel, for developing a Countywide medical privacy and data security policy and collaborating with affected departments to implement appropriate procedures and measures to guarantee the privacy and security of protected health information.


1. Chairs the County's HIPAA Committees, which are charged with the responsibility for monitoring regulatory requirements, developing Countywide HIPAA privacy and security programs, and implementing appropriate strategies to promote compliance.
2. Acts as a resource for departments affected by HIPAA and provides education on the requirements to perform actions such as an initial inventory, gap analyses, and risk assessments to determine appropriate privacy and security-related organizational policies and procedures; conducts studies of current information and data flow of protected health information within and between affected County departments and programs including exchanges with contract providers and vendors; coordinates with the County Administrator's Office, County Counsel, and other department heads and departmental program managers to develop and implement the County's HIPAA compliance program and address various compliance issues.
3. Coordinates with County Counsel and impacted departments to develop all legally required documents and forms, including, but not limited to: Notice of Privacy Practices, Authorization, Request to Access/Amend Record; Request to Restrict Access, and Denial of Access or Amendment; oversees development and implementation of business associate agreements to ensure all privacy and security concerns, requirements, and responsibilities are addressed.
4. Informs affected departments on requirements for contingency plans for medical data security including data backup plans, disaster recovery, emergency mode operation plans, and applications and data criticality analyses; works with affected departments to develop physical safeguards for data security such as facility access and security procedures, contingency procedures for disaster recovery, and a recording process for maintenance related to security.
5. Develops and implements privacy and security awareness training relevant to HIPAA compliance issues for all affected County employees, including documenting ongoing HIPAA-related training; coordinates with Human Resources, County Counsel, and County departments to establish appropriate sanctions, as required by HIPAA, for employees who fail to comply with the County's HIPAA policies and procedures.
6. Establishes and administers formal processes for receiving, investigating, taking action on, and documenting all complaints related to the County's HIPAA policies and procedures in coordination with other County managers, County Counsel, and Human Resources; cooperates with the federal Department of Health and Human Services Office for Civil Rights and other officials in any compliance reviews or investigations of alleged breaches of privacy policy and procedures; prepares and submits written reports to the Board of Supervisors and County Administrator regarding the status of the County's medical privacy and security program.
7. Receives and responds to complaints regarding alleged breaches of the County's HIPAA policies and procedures; ensures complaints are acted upon in a timely manner; coordinates and conducts investigations into complaints; recommends appropriate corrective measures, including sanctions if justified by the results of the investigation.
8. Maintains current knowledge of applicable standards and revises the HIPAA compliance program as necessary; informs County departments of new HIPAA legislation and regulations; on an on-going basis, maintains accessible documentation regarding HIPAA compliance for departmental use; conducts medical privacy and security audits of departments to ensure continued compliance with all applicable federal, state and local legislation; serves as an internal resource to all County departments for HIPAA-related matters; prepares a summary report of HIPAA compliance program activities for distribution to County departments.


1. Two years of management experience with significant responsibility for developing and implementing policies and procedures that ensure compliance with federal, state, or local laws and regulations, and data systems security and data administration, one year of which will have been experience working directly with HIPAA compliance; or,
2. a combination of training, education, and experience that is equivalent to the employment standard listed above and that provides the required knowledge and abilities.

Knowledge of: HIPAA-related rules and regulations; techniques of administrative and organizational systems analysis; principles and practices of project planning, monitoring, and evaluation; methods of research including the use of automated systems; effective interviewing and investigation techniques; computer software, including word processing, spreadsheet, database and security programs; operation, capacity, and capabilities of current information technology equipment; data administration including the categorizing, storing, and dissemination of information; standard English usage and grammar.

Ability to: read, learn, understand, and interpret the Health Insurance Portability and Accountability Act of 1996; learn other relevant information privacy laws related to access and release of protected medical information; research, analyze, and apply legislation and legal precedents to resolve issues; communicate effectively both verbally and in writing; make independent decisions; analyze situations and take appropriate action; represent the County in an effective and professional manner; establish and maintain effective working relationships with the public, other departments and agencies, boards and commissions, public officials, and community groups; organize own and others' work on multiple projects while meeting deadlines; influence others over whom one has little or no authority; maintain confidentiality of information.

Test Preparation Schools & Programs (by State) Letter & Writing Career & Training

Link to us | Home | Privacy Policy Copyright 2019 The EDUers.com. All Rights Reserved