Management Analyst III (HIPAA)

About The Position

Requirements

• Minimum educational experience is a master’s degree from an accredited university with a focus on Cybersecurity, Computer Science, Information Sciences, or other comparable fields of study, plus three years of specialized experience with Cybersecurity equivalent to the GS-13/14 level in the Federal Government.
• Must have an expert understanding and implementation of HIPAA policies.
• Ability to obtain and retain a Public Trust clearance level II.
• Ability to work well with a team in a high-visibility, fast-paced environment.
• Must be flexible in balancing competing and new priorities with strong analytic communication and writing skills.
• Understanding of the public health or healthcare system/field.
• A combination of education and experience may be used to qualify for this position. Experience must be equivalent to at least four years of specialized experience equivalent to the GS-13/14 level in the Federal Government.

Nice To Haves

• Preference will be given to candidates with relevant industry certifications from CISSP, CISM, CIPP/CIPT/CIPT.

Responsibilities

• Provides advice on mission support issues of policy, impact of administrative rules, compliance, and enforcement mechanisms related to OCR’s HIPAA Privacy and Security Rules and Cybersecurity initiative.
• Provides recommendations regarding improving the quality and efficiencies of OCR’s HIPAA and Cybersecurity projects, activities, and mission. Coordinates with OCR leaders to evaluate program efficiencies, identify areas of overlap, and provides recommendations for improvements and/or consolidation of workstreams.
• Provides project management and develops and implements processes to improve OCR’s HIPAA and Cybersecurity initiatives for compliance and enforcement authorities regarding case investigations, conduct of compliance reviews, and case resolution and enforcement strategies concerning Health and Human Services divisions, State and local governments, and private entities.
• Provides mission support, policy, and regulatory analysis on OCR’s HIPAA and Cybersecurity initiatives to the OCR Director and Deputy Directors on issues of policy, impact of administrative rules, compliance, and enforcement mechanisms.
• Provides input for OCR’s HIPAA and Cybersecurity initiatives on the implementation of policies and procedures under OCR’s compliance and enforcement authorities.
• Provides high-quality research and analysis for OCR’s HIPAA and Cybersecurity initiatives by processing and investigating cases, conducting compliance reviews in support of OCR’s nationwide goals.
• Supports OCR officials’ intra- and inter-agency efforts regarding OCR’s HIPAA and Cybersecurity initiatives to develop, coordinate and implement mission activities.
• Interfaces with appropriate governmental staff as well as federal and state agencies and other regulated entities, complainants, covered entities and business associates, advocacy groups, and other stakeholders as required.
• Provides outreach activities on OCR’s HIPAA and Cybersecurity initiatives such as outreach to stakeholders, media relations, and special initiatives to maximize the impact of OCR’s mission activities, program goals, and strategic objectives.

Benefits

• medical, dental, and vision insurance
• life and disability insurance
• 401(k) plan with employer match
• paid holidays
• PTO (sick/vacation)
• employee assistance program (EAP)
• educational reimbursement
• Pet Insurance