The attorneys in the HIPAA & Privacy Law Unit guide the City in adherence to the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”) and counsel all City departments and subunits required to comply with the HIPAA Privacy Rule and Breach Notification Rule. The HIPAA & Privacy Law Unit is also responsible for overseeing and supporting the City’s HIPAA privacy compliance program, which involves monitoring the City’s compliance with the Privacy Rule; reporting to the City HIPAA Steering Committee; overseeing the development, implementation, and maintenance of City privacy policies and workforce training; investigating and reporting of HIPAA incidents; managing the City’s response to governmental audits and investigations; and receiving complaints from individuals regarding the City’s privacy policies or practices.
The HIPAA & Privacy Law Unit is seeking a mid to senior level privacy attorney to provide regulatory and compliance guidance to the City’s health and social services departments.
Duties will include:
Conducting research, drafting legal opinions, and analyzing legal issues related to HIPAA and other data privacy laws;
Communicating with City business stakeholders, subject matter experts, vendors, and others involved in data sharing and privacy matters;
Preparing responses to audits and investigations by governmental entities;
Assisting in investigating and mitigating HIPAA incidents;
Reviewing, revising, and drafting HIPAA related terms in contracts with business associates and other agreements involving the City’s protected health information;
Creating, updating, and implementing training materials and other compliance tools;
Updating HIPAA policies and procedures in response to legal and operational changes;
Coordinating with other attorneys to evaluate the applicability of state, federal, and local laws and regulations protecting the confidentiality of the City’s health and social services information; and
Addressing other legal and compliance issues as they arise.
This is not an entry level position. The candidate should have at least 5 years of law firm or in-house experience in healthcare law, with significant involvement in HIPAA/data privacy matters. Experience as a privacy officer also desirable. Privacy certification preferred but not required (Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified in Healthcare Privacy Compliance (CHPC), Certified HIPAA Professional (CHP), or equivalent).
Competencies, Knowledge, Skills and Abilities:
Extensive knowledge of relevant regulations and standards for the protection of health information
Ability to communicate clearly and effectively, orally and in writing
Ability to perform complex legal analyses
Confidence making presentations to a wide variety of audiences, for example, presenting reports to senior leadership and providing live training to large groups
Ability to foster effective working relationships and influence organizational behaviors
Self-direction and ability to prioritize, plan work, and manage projects independently
When you Apply, don't forget to mention that you found this job on Attorneyjobsinusa.com.
Additional Information Please provide a cover letter with your
application. Any questions related to this position should be directed
to Julie Assis, Divisional Deputy City Solicitor, HIPAA & Privacy
Law Unit (julie.assis @phila.gov).