Privacy Officer
Remote or In Office
Applications have closed
PointClickCare
For more than 20 years, PointClickCare has been the backbone of senior care. We’ve amassed the richest senior care dataset making our market density untouchable and our connections to the healthcare ecosystem exponentially more powerful than those of any other platform.
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
Key Responsibilities:
· Oversees all ongoing activities related to the development, implementation and maintenance of PointClickCare’s privacy program and policies in accordance with applicable (i) United States federal and state laws, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); and (ii) Canadian federal and provincial laws.· Ensures, in conjunction with PointClickCare’s Security team, that PointClickCare is using reasonable and appropriate measures to safeguard the confidentiality, integrity and accessibility of personal information (“PI”), including personal health information (“PHI”, and together with PI, “Personal Information”), that is stored and processed on behalf of PointClickCare customers.· In the event of an incident of suspected or actual unauthorized handling of Personal Information, determines escalation and response procedures (in conjunction with PointClickCare’s Security team).· Works with all PointClickCare personnel involved with any aspect of release of PHI, to ensure full coordination and cooperation under PointClickCare’s legal and privacy policies, procedures and requirements. · Coordinate with PointClickCare’s Security team to ensure that all mechanisms designed to track access to PHI by PointClickCare personnel are consistent with PointClickCare’s legal and privacy obligations.· Coordinate with PointClickCare’s Security team to oversee and administer ongoing activities to enforce, review, and, where appropriate, audit and monitor PointClickCare personnel and vendors with regard to compliance with HIPAA policies and procedures, contractual privacy and data protection obligations, individual privacy rights, and federal, state and provincial privacy and security regulations.· Responds, or oversees responses to, routine and non-routine data requests to use and disclose PHI; ensures consistent application of policies and documentation of such requests. · Reviews for approval all non-standard data-sharing arrangements.· Drafts and revises all HIPAA-related policies, procedures, forms and processes as required to align to current industry trends and regulatory and operational changes.· Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements to ensure that all privacy concerns, requirements and responsibilities are addressed.· Collaborates with the Engineering, Information Technology and Security teams to ensure system integration of, and alignment with, privacy, data protection and cyber security practices (i.e., privacy compliance and data protection by design). · Oversees, directs, delivers, or ensures delivery of privacy training and orientation to all PointClickCare personnel.· Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning PointClickCare’s privacy policies and procedure.- Serves as PointClickCare’s subject matter expert on all privacy and data protection laws and regulations and on key projects where data protection and privacy must be considered and/or managed.- Acts as a general privacy resource for all PointClickCare personnel and initiates, facilitates and promotes activities to foster information privacy awareness within the organization.- Advises the executive leadership team by assessing current privacy practices and identifying risks, developing solutions and risk mitigation strategies.- Provides reports on a regular basis to keep the General Counsel apprised of the operations and progress of privacy compliance efforts.- Maintains current knowledge of applicable federal, state and provincial privacy laws and regulations, monitors advancements in information privacy technologies; and assists with adaptation of business practices when necessary to ensure compliance.- Appointed as PointClickCare’s “privacy official” for purposes of 45 CFR § 164.530 (but not as PointClickCare’s security official, as described at 45 CFR § 164.308) and as PointClickCare’s “Chief Privacy Officer” as referenced in its, or its subsidiaries’, information privacy and security policies and third-party certification documentation (e.g., HITRUST, etc.).
Required Experience:
· Law degree preferred.· Extensive knowledge and experience in United States health and general privacy laws, requirements and industry best practices, with a particular focus on HIPAA.· Extensive knowledge and understanding, or an ability to quickly acquire extensive knowledge and understanding, of Canadian health and general privacy laws.· Experience defining, drafting and implementing policies and procedures and training.· Experience conducting ongoing privacy compliance and data protection monitoring activities.· Demonstrated organization, facilitation, communication, and presentation skills.· Strong analytical capability and problem-solving skills, with attention to detail.· Strong project management skills, including ability to think end-to-end and manage multiple priorities/projects simultaneously for multiple stakeholders.· Demonstrated ability to influence and drive senior internal and external stakeholders to a decision.· Excellent interpersonal skills; a team player with ability to partner at all levels of the organization and who is able to act as both a leader and an individual contributor as required.#LI-SG1 #LI-Remote
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
Key Responsibilities:
· Oversees all ongoing activities related to the development, implementation and maintenance of PointClickCare’s privacy program and policies in accordance with applicable (i) United States federal and state laws, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); and (ii) Canadian federal and provincial laws.· Ensures, in conjunction with PointClickCare’s Security team, that PointClickCare is using reasonable and appropriate measures to safeguard the confidentiality, integrity and accessibility of personal information (“PI”), including personal health information (“PHI”, and together with PI, “Personal Information”), that is stored and processed on behalf of PointClickCare customers.· In the event of an incident of suspected or actual unauthorized handling of Personal Information, determines escalation and response procedures (in conjunction with PointClickCare’s Security team).· Works with all PointClickCare personnel involved with any aspect of release of PHI, to ensure full coordination and cooperation under PointClickCare’s legal and privacy policies, procedures and requirements. · Coordinate with PointClickCare’s Security team to ensure that all mechanisms designed to track access to PHI by PointClickCare personnel are consistent with PointClickCare’s legal and privacy obligations.· Coordinate with PointClickCare’s Security team to oversee and administer ongoing activities to enforce, review, and, where appropriate, audit and monitor PointClickCare personnel and vendors with regard to compliance with HIPAA policies and procedures, contractual privacy and data protection obligations, individual privacy rights, and federal, state and provincial privacy and security regulations.· Responds, or oversees responses to, routine and non-routine data requests to use and disclose PHI; ensures consistent application of policies and documentation of such requests. · Reviews for approval all non-standard data-sharing arrangements.· Drafts and revises all HIPAA-related policies, procedures, forms and processes as required to align to current industry trends and regulatory and operational changes.· Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements to ensure that all privacy concerns, requirements and responsibilities are addressed.· Collaborates with the Engineering, Information Technology and Security teams to ensure system integration of, and alignment with, privacy, data protection and cyber security practices (i.e., privacy compliance and data protection by design). · Oversees, directs, delivers, or ensures delivery of privacy training and orientation to all PointClickCare personnel.· Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning PointClickCare’s privacy policies and procedure.- Serves as PointClickCare’s subject matter expert on all privacy and data protection laws and regulations and on key projects where data protection and privacy must be considered and/or managed.- Acts as a general privacy resource for all PointClickCare personnel and initiates, facilitates and promotes activities to foster information privacy awareness within the organization.- Advises the executive leadership team by assessing current privacy practices and identifying risks, developing solutions and risk mitigation strategies.- Provides reports on a regular basis to keep the General Counsel apprised of the operations and progress of privacy compliance efforts.- Maintains current knowledge of applicable federal, state and provincial privacy laws and regulations, monitors advancements in information privacy technologies; and assists with adaptation of business practices when necessary to ensure compliance.- Appointed as PointClickCare’s “privacy official” for purposes of 45 CFR § 164.530 (but not as PointClickCare’s security official, as described at 45 CFR § 164.308) and as PointClickCare’s “Chief Privacy Officer” as referenced in its, or its subsidiaries’, information privacy and security policies and third-party certification documentation (e.g., HITRUST, etc.).
Required Experience:
· Law degree preferred.· Extensive knowledge and experience in United States health and general privacy laws, requirements and industry best practices, with a particular focus on HIPAA.· Extensive knowledge and understanding, or an ability to quickly acquire extensive knowledge and understanding, of Canadian health and general privacy laws.· Experience defining, drafting and implementing policies and procedures and training.· Experience conducting ongoing privacy compliance and data protection monitoring activities.· Demonstrated organization, facilitation, communication, and presentation skills.· Strong analytical capability and problem-solving skills, with attention to detail.· Strong project management skills, including ability to think end-to-end and manage multiple priorities/projects simultaneously for multiple stakeholders.· Demonstrated ability to influence and drive senior internal and external stakeholders to a decision.· Excellent interpersonal skills; a team player with ability to partner at all levels of the organization and who is able to act as both a leader and an individual contributor as required.#LI-SG1 #LI-Remote
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Compliance HIPAA HITRUST Monitoring Privacy
Perks/benefits: Career development Insurance
Region:
Remote/Anywhere
Job stats:
9
0
0
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs