Interested in our Privacy and Security Specialist Position?
POSITION OVERVIEW:
Are you passionate about the combination of protecting individual privacy and understanding and communicating the technology risks to the business and turning that understanding of risk into appropriate risk treatment? If so, Acclivity Health is looking for you, a talented and driven individual to contribute to both Privacy and Security Risk Management. We are looking for someone to understand the Privacy and Security challenges for Acclivity Health and our diverse customer base and assist Acclivity Health in delivering improvements to the organization that in turn improve risk profile for the Company and our customers.
You will be involved in understanding the compliance requirements for the organization (including HIPAA, HITECH, and HITRUST requirements) and contractual requirements (including both client contracts and vendor contracts) and how they impact both Privacy and Security. You will be required to review and update organization policies/standards/procedures. You will be involved in performing both Privacy and Security risk assessments. Additionally, your role will encompass preparing for and responding to audits/assessments, contractual reviews, and customer/prospective customer inquiries.
PRIVACY/SECURITY ROLES & RESPONSIBILITIES:
Every workforce member at Acclivity has a critical role and responsibility to protect and maintain company, client, and patient data, that they use or are otherwise within their control.
- Abide by Policies and Procedures
- Complete all training requirements
- Read and adhere to privacy and security communications
- Report actual or suspected privacy, security, or policy violations, and breaches to the Chief Security Officer (CSO) and Chief Privacy Officer (CPO)
- Knowledge of healthcare regulatory requirements such as HIPAA/HITECH
- An understanding of Privacy and Security frameworks such as ISO 27001/27002, HITRUST and Generally Accepted Privacy Principles (GAPP)
- Familiarity with Privacy laws (e.g. GDPR, CCPA, PIPEDA)
- Familiarity with the performance of Security and Privacy Risk Assessments
- Familiarity with the Acclivity Health Technology Platform and how the platform impacts Privacy and Security
- Leading practices related to Privacy and Security
- Highly collaborative across the Acclivity Health organization in order to drive successful Privacy and Security practices across all teams.
EXPECTATIONS:
There are some established characteristics of our successful employees. They are self-motivated team players who possess important attributes. Those attributes (not limited to) include:
- Judgement
- Communication
- Curiosity
- Courage
- Passion
- Selflessness
- Innovation
- Inclusion
- Integrity
- Impact
QUALIFICATIONS & EDUCATION REQUIREMENTS:
- 2+ years of Information Privacy and/or Information Security Experience (or related audit or risk management experience)
- Bachelor’s Degree in Information Security or Information Privacy or a field related to Information Security and/or Information Privacy
- Privacy or Security Certification(s) such as CIPP-US, Security+, CEH, CISSP, CISA, CISM, CRISC
- Excellent written and verbal communication skills
- Expertise in privacy, security, business risk analysis, and making complex business/risk trade-off recommendations
- Knowledge of privacy compliance, risk management and technical frameworks
- Independently driven, resourceful, and able to deliver results with minimal direction
- Passion, Integrity, and Energy!
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Employee shall maintain the appropriate skills and qualifications required for their role(s).
