Privacy Compliance Analyst
Salt Lake City, UT
Applications have closed
PointClickCare
For more than 20 years, PointClickCare has been the backbone of senior care. We’ve amassed the richest senior care dataset making our market density untouchable and our connections to the healthcare ecosystem exponentially more powerful than those of any other platform.
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
As a member of PointClickCare’s Legal and Compliance team, you will work on critical initiatives and projects that significantly impact PointClickCare, its customers, and other stakeholders. Reporting to PointClickCare’s Privacy Officer and Associate General Counsel, you will identify, analyze, and distill ever-changing information-privacy requirements applicable to PointClickCare’s various operations throughout the United States and Canada in order to assess, modify, and carry out PointClickCare’s privacy policies, procedures, and training. You will be relied upon to provide accurate, timely, and relevant information to enable informed leadership decisions.
The subject matter of your work will focus primarily on the privacy of protected health information (PHI) that PointClickCare holds as a HIPAA business associate on behalf of HIPAA covered entities (and in accordance with other applicable federal and state patient privacy laws (e.g., 42 CFR Part 2, etc.)). A meaningful portion of your work, however, will also address the patchwork of emerging consumer- and employee-based privacy laws (e.g., CCPA/CPRA, VCDPA, UCPA, CPA, etc.) that affect certain limited aspects of PointClickCare’s business.
In addition to proactive policy work, you will lend your expertise in response to day-to-day privacy compliance matters from inside and outside the company, including questions regarding specific information security events and questions from customers regarding PointClickCare’s data use practices. In this role, you will collaborate with team members from across multiple departments, including Security and Trust, Data Intelligence, Product Management, Clinical Solutions, Customer Success, and Government Affairs.
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
As a member of PointClickCare’s Legal and Compliance team, you will work on critical initiatives and projects that significantly impact PointClickCare, its customers, and other stakeholders. Reporting to PointClickCare’s Privacy Officer and Associate General Counsel, you will identify, analyze, and distill ever-changing information-privacy requirements applicable to PointClickCare’s various operations throughout the United States and Canada in order to assess, modify, and carry out PointClickCare’s privacy policies, procedures, and training. You will be relied upon to provide accurate, timely, and relevant information to enable informed leadership decisions.
The subject matter of your work will focus primarily on the privacy of protected health information (PHI) that PointClickCare holds as a HIPAA business associate on behalf of HIPAA covered entities (and in accordance with other applicable federal and state patient privacy laws (e.g., 42 CFR Part 2, etc.)). A meaningful portion of your work, however, will also address the patchwork of emerging consumer- and employee-based privacy laws (e.g., CCPA/CPRA, VCDPA, UCPA, CPA, etc.) that affect certain limited aspects of PointClickCare’s business.
In addition to proactive policy work, you will lend your expertise in response to day-to-day privacy compliance matters from inside and outside the company, including questions regarding specific information security events and questions from customers regarding PointClickCare’s data use practices. In this role, you will collaborate with team members from across multiple departments, including Security and Trust, Data Intelligence, Product Management, Clinical Solutions, Customer Success, and Government Affairs.
Key Responsibilities:
- Assist in the development of, and ongoing updates to, PointClickCare’s privacy policies, controls, and training materials
- Assist in the unification/consolidation of privacy policies across PointClickCare’s subsidiaries
- Identify, communicate, and document privacy risks, privacy policy gaps, and privacy policy exceptions
- Stay informed of relevant regulatory and industry changes, trends, and best practices and assess the potential impact of these changes on PointClickCare
- Meet regularly with the Product Management and Clinical Solutions teams to ensure “privacy-by-design” consistency in all PointClickCare services
- Assist in responding to internal and external privacy impact assessments, privacy questionnaires, and other privacy compliance questions
- Assist the Security and Trust team on all privacy-related matters encompassed within security assessments/audits (e.g., for HITRUST CSF, SOC 2 Type II, etc.)
- Assist the Security and Trust team in analyzing the privacy implications and reporting obligations associated with information security incidents/events
- Work with Cloud Operations and other data storage teams to ensure alignment with privacy policies and data retention policies
- Perform privacy risk/impact/compliance assessments of certain sub-business associates and other third-party service providers
- Assist with responses to data/records requests
- Successfully set priorities, perform tasks in an orderly fashion, and meet deadlines
Required Experience and Skills:
- BA/BS degree
- 3-5 years of relevant work experience
- Extensive knowledge and experience in United States health and general privacy compliance requirements
- Demonstrated capacity to understand, compare, analyze, and communicate complex regulatory and business challenges
- Experience defining, drafting, and implementing policies and training materials
- Experience conducting ongoing privacy compliance and monitoring activities
- Demonstrated organization, facilitation, communication, and presentation skills
- Strong project management skills, including ability to think end-to-end and manage multiple priorities/projects simultaneously for multiple stakeholders
- Excellent interpersonal skills; a team player with ability to collaborate at all levels of the organization
- Strong analytical capability and problem-solving skills, with attention to detail
- Keen judgement, integrity, and tact
- Strong written and verbal communication
- Self-starter with the ability to work independently
- Privacy-related certifications (e.g., CIPP, CIPM, etc.)
- Familiarity with Canadian health and general privacy laws (e.g., PIPEDA, PHIPA, etc.)
- SaaS business experience
- Health information exchange experience
Preferred Experience:
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CCPA CIPP Cloud Compliance HIPAA HITRUST Monitoring Privacy SaaS Security assessment SOC SOC 2
Perks/benefits: Team events
Region:
North America
Country:
United States
Job stats:
9
0
0
Categories:
Analyst Jobs
Compliance Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs