Privacy Analyst

Navia is a national, consumer-directed benefits provider serving 10,000+ employers across all 50 states. The company provides comprehensive health, finance, lifestyle, and compliance solutions to employers and consumers. We take pride in offering industry-leading customer service, communications, and technology.
Founded in 1989, Navia began as Flex-Plan Services, and over the years has grown into one of the nation’s premier benefit providers. Navia offers FSA, HSA, HRA, Commuter, Lifestyle, 401K, Benefit Administration, Education, COBRA, and much more.
 

• Project manage all incidents end to end with contributions cross departmentally. Includes assignment of duties, determination of communications, updates to process and procedures, implement changes to process and technical requirements and contribute to disciplinary process.
• Update and implement new procedures for responding to privacy incidents, including breach notification requirements, investigation protocols, and corrective actions. 
• Develop and implement privacy policies in accordance with federal regulations and industry best practices.
• Monitor and enforce compliance with privacy regulations throughout the organization, including proper handling, storage, and transmission of PHI.
• Create and implement regular training for employees to educate them about the rules and regulations, privacy practices, and their responsibilities in protecting information.
• Conduct periodic risk assessments to identify potential vulnerabilities in PHI security and privacy practices and develop strategies to mitigate risks. 
• Coordinate and oversee internal audits to assess compliance with privacy requirements and collaborate with external auditors as needed. 
• Identify and minimize risks associated with the processing of personal data. Ongoing review against privacy impact assessment and mapping of collection, use, and sharing of PII. Contribute to all risk assessments under our SOC.
• Serve as the organization's primary liaison with regulatory agencies, legal counsel, client’s, and other stakeholders on matters related to privacy compliance. 
• Stay abreast of developments and changes in regulations, as well as emerging trends and best practices in healthcare privacy and security
• 
    Requirements

• Bachelor's degree in healthcare administration, business administration, information technology, or related field (Master's degree preferred). 
• Certified in Healthcare Privacy Compliance (CHPC) or Certified Information Privacy Professional (CIPP) certification preferred. 
• Minimum of 5 years of experience in healthcare compliance, privacy, or related field. 
• In-depth knowledge of regulations, including the Privacy Rule, Security Rule, and Breach Notification Rule. 
• Strong analytical and problem-solving skills, with the ability to interpret complex regulatory requirements and apply them to practical scenarios. 
• Excellent communication and interpersonal skills, with the ability to effectively train and educate staff members at all levels of the organization. 
• Demonstrated leadership abilities, with a track record of effectively managing privacy initiatives and driving organizational change. 
• High level of integrity and discretion, with a commitment to maintaining confidentiality and protecting patient privacy.