Labcorp Senior Project Analyst - HIPAA in Burlington, North Carolina
Project Analyst - HIPAA
We are currently seeking a Project Analyst to support the HIPAA program for Labcorp's Corporate Compliance Department located at Corporate Headquarters, 531 South Spring Street, Burlington, NC 27215.
The Project Analyst supports the patient privacy and compliance activities across Labcorp to mitigate risk and ensure compliance with ethical and regulatory standards related to the Health Insurance Portability and Accountability Act (HIPAA), patient privacy and all applicable state and/or federal regulations.
The Project Analyst should possess or develop a working knowledge of laws, regulations, polices, and procedures relating to HIPAA Protected Health Information (PHI), paper and/or electronic, across all media types. The Project Analyst helps to ensure privacy forms, policies, standards, and procedures are current and documented. Works to help resolve compliance issues with respect to regulatory standards to duly authorized enforcement agencies as appropriate or required. Collaborates with the Office of Information Security (OIS) for alignment of security and privacy compliance policies, procedures, and investigations.
The Project Analyst helps to administer the Privacy Program, including but not limited to, implementation and maintenance of privacy policies and procedures, investigation and tracking of privacy incidents and reporting inappropriate access and/or disclosure of protected health information (PHI) according to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, Health Information Technology for Economic and Clinical Health (HITECH) Act and applicable state/federal laws. Cooperates with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), State regulators and/or other legal entities in any compliance reviews or investigations.
- Assists and collaborates with the HIPAA Privacy Officer, Privacy Team and Office of Information Security (OIS) on implementing risk management strategies, including models or methodologies of administrative, physical and technical measures to prevent, control or reduce identifiable risks based on assessment of operations and vulnerabilities with patient privacy and security of protected health information (PHI). Helps to devise systems to monitor validity of risk assessments, to develop contingency plans to mitigate risk, and to cooperate with Internal Audit Department regarding the HIPAA Privacy Program.
- Supports and collaborates with HIPAA Privacy Officer and Privacy Team on implementing programs to monitor compliance with regulations and organizational standards related to patient privacy and Protected Health Information. Identifies compliance issues that require follow-up or investigation, communicates emerging compliance issues to the Global Privacy Head and helps ensure that employees are informed about compliance reporting systems, policies, and practices. Supports the coordination of the HIPAA breach notification process and communication of results to patients according to HIPAA regulations.
Policy and Procedure Development
- Aids in the development and implementation of policies and procedures related to patient privacy compliance throughout the Organization. Documents and communicates policies and procedures, established protocols related to reporting (internal systems and external regulatory bodies).
- Conducts or helps to direct the internal investigation for patient privacy and compliance-related incidents or complaints. Consults with the Global Privacy Head as directed by the HIPAA Privacy Officer to address legal compliance concerns, collaborates with the Compliance Department and Human Resources to implement consistent disciplinary action strategies in cases of compliance standard violations. Cooperates with OCR, State regulators and/or other legal entities as appropriate.
- Reviews contracts and agreements, including Business Associate Agreements and Limited Data Sets with Data Use Agreements, as directed by the HIPAA Privacy Officer.
Communication and Training
- Supports HIPAA Privacy Officer with communications, monitoring, and enforcement of compliance standards. Helps in the updating of employee training on privacy and security related topics, policies, or procedures.
Our ideal candidate will have:
Normally requires a Degree from accredited college or university with 7 plus years of experience.
Certified HIPAA professional with demonstrated experience supporting HIPAA Covered Entities and/or Business Associates.
Demonstrated knowledge of HIPAA and HITECH rules.
This includes, but is not limited to rules related to treatment, payment and health care operations regarding a Covered Entity, Notice of Privacy Practices, de-identification standards, minimum necessary standards, workforce requirements, accounting for disclosures, patients access to their medical records, and exceptions to the HIPAA privacy rule such as for law enforcement, public health and emergencies, regulatory reporting, reviews preparatory to research.
M-Friday 8am- 5pm
As an EOE/AA employer, the organization will not discriminate in its employment practices due to an applicant's race, color, religion, sex, national origin, sexual orientation, gender identity, disability or veteran status.