Job Details

Privacy Compliance Officer

Oregon Health Authority, Salem, OR

Job - Government

Close Date: 09/17/2019

The Oregon Health Authority is modernizing and expanding and currently has a fantastic opportunity for an experienced IT Privacy Expert to serve as their new Privacy Compliance Officer and to join an excellent team.

The Oregon Health Authority promotes health equity by developing policies and programs to eliminate health disparities and reach health equity for all Oregonians.

What you will do!
As a Privacy Compliance Officer (PCO), you will work in the Office of Information Services, the shared technology services provider for the Oregon Department of Human Services and the Oregon Health Authority. You will provide direction and expertise on all aspects of information privacy, privacy compliance, and confidentiality within both agencies (OHA and DHS), serving as a subject matter expert in these areas.

In this role, you will be part of the Office of Information Services’ Information Security and Privacy Office (ISPO). Your responsibilities will include:
Development and implementation of privacy policies and processes, development and maintenance of privacy practices, identification of training needs, program process modifications, drafting and maintenance of agencies’ Notice of Privacy Practices communications, monitoring and responding to privacy related complaints, incidents and issues related to unauthorized disclosure of individually identifiable information, responding to questions and inquiries relating to privacy and compliance, development and maintenance of agencies’ Oregon Administrative Rules on privacy, leadership on projects related to privacy and compliance.

This position is designed and intended to satisfy federal, state and local rules requiring agencies and entities to have a Privacy Officer. These laws include but are not limited to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). You will work with agency staff, the Joint Privacy Committee, and other work groups for planning, coordinating and implementing policy and initiatives, and act as the privacy program manager.

You will work with all levels of management in state agencies, federal and national entities, and serve as a key point of contact with internal and external constituents on all issues pertaining to the protection of personally identifiable information, personal health information, CJIS information and other protected information for past and current clients of the agencies as well as employee information.

Additionally, you will be a key member of the Joint Privacy Committee and may lead teams for projects as well as participate in initiatives for the ISPO. You may lead and participate in other committees as needed. You will function as a project manager or project sponsor with respect to federal and state rule and law changes and the agencies’ compliance with these changes.

What's in it for you?
Collaboration in an open office with a team of bright individuals to work with and learn from. We offer full medical, vision and dental with paid sick leave, vacation, personal leave and ten paid holidays per year. If you are an experienced Privacy Expert, don't delay, apply today!

• Eight (8) years of professional-level experience in Privacy. OR A Bachelor's Degree in Business or Public Administration, Behavioral or Social Sciences, Finance, Political Science or any degree demonstrating the capacity for the knowledge and skills; AND Five (5) years of professional-level experience in Privacy. OR A Master’s Degree in or any degree demonstrating the capacity for the knowledge and skills; AND Four (4) years of professional-level experience in Privacy. OR A Doctor’s Degree in Information Technology with a specialty in Security, Privacy or Law or any degree demonstrating the capacity for the knowledge and skills; AND Three (3) years of professional-level experience in Privacy.
• Successful completion of CIPP-US and CIPM Certifications or ability to acquire these certifications within 12 months of hire.
• Knowledge of federal, state and agency laws and guidelines pertaining to protection from the unauthorized disclosure of individually identifiable information.
• Experience with data governance and the management of regulated data.
• A law degree or related advanced degree.
• Project Management experience in an IT environment.
• Demonstrated experience with HIPAA/HITECH, PII and other varieties of protected information.
• Knowledge of programs within the Oregon Health Authority and Department of Human Services.
• Ability to build and maintain professional and harmonious business relationships including work adjustment and adaptability, cooperativeness, loyalty and team work.
• Excellent written and verbal communication and presentation skills.
• Experience working with diverse groups with varying priorities and goals and moving those groups toward consensus.

Complete details: