Corporate Privacy Manager

MJHS is a large not-for-profit health system in the Greater New York area. Our range of health services include home care, hospice and palliative care for adults and children, rehabilitation and nursing care at Menorah and Isabella Centers, and the research based MJHS Institute for Innovation and Palliative Care. We also offer Elderplan/HomeFirst: health plans for Medicare and dual-eligible individuals. As a not-for-profit organization, many of our programs and services are made possible through the generosity of grateful families, corporate donors and grants, as well as our own employees.

At MJHS, quality care is our mission. We are committed to creating a workforce as diverse as our community. We have a great culture; we offer great benefits that include a work/life balance and competitive rates.

MJHS attracts individuals who see their work as a calling as well as a job. Professionals in every job category have stated that they appreciate being left to make their own decisions, are encouraged to voice their opinions, and are given the necessary breathing room to do their work with minimal supervision. Yet, at the same time, they feel that management and their co-workers are solidly behind them and readily accessible.

Our Corporate team may not provide direct care, but we still touch people's lives in a very real and substantial way. The services we provide contribute greatly to the overall patient and member experience, supporting our reputation for excellence.

• Manage the Privacy Program for MJHS, its participating agencies, and Elderplan. Develop, implement, and maintain privacy policies and procedures for MJHS, its participating agencies, and Elderplan, in compliance with all applicable privacy regulations
• Collaborate with the MJHS and Elderplan Compliance departments to develop privacy program training content
• Oversee administration of new-hire and annual privacy and security training for all staff
• Perform ad hoc live, department specific privacy training upon request or in response to privacy incidents
• Receive and respond to reports of all potential privacy incidents, including documentation and investigation, root cause analysis, and HIPAA breach analysis
• Conduct privacy risk assessments to identify potential privacy non-compliance
• Perform routine auditing and monitoring in response to risk assessment results and to ensure staff are adhering to privacy policies and procedures
• Investigate potential non-compliance identified through auditing, monitoring, patient complaints, hotline reports, direct reports, or other means
• Participate in HIPAA enterprise risk assessments, third-party vendor risk assessments, and other risk management activities as necessary
• Complete other duties as assigned by the VP, Compliance & Privacy