Privacy and Compliance Specialist

Essential Duties and Responsibilities:

• Review reported incidents related to potential or actual privacy, security, or data breaches.
• Coordinate the incident or breach management process (as appropriate) with project management, DOH and the corporate Privacy and Data Protection Office.
• Work with project management, DOH and the corporate Privacy and Data Protection Office to develop and disseminate all required notifications of suspected or actual breach of protection of protected health information or personally identifiable information.
• Mentor Privacy Specialists with incident investigations and review privacy reports and deliverables.
• Conduct project related privacy risk assessments and internal audits.
• Review privacy practices and supports periodic compliance audits of sub-contractors and vendors for the project site to assure compliance with contract requirements, quality principles and Business Associate Agreements.
• Manage the collection, analysis and reporting of privacy program data and metrics.
• Develop departmental work instructions and reference materials.
• Develop project privacy and security training and awareness materials.
• Conduct training regarding compliance, privacy, and quality awareness.
• Prepare data in support of regularly scheduled meetings, facilitating as required.
• Support the effectiveness of the quality management system and complies with ISO 9001.
• Support the Compliance Manager with assigned duties and acts as the department's subject matter expert.
• Responsible for maintaining confidentiality in daily tasks.
• Maintain current knowledge of the federal and state rules, regulations, and guidance related to security and privacy including but not limited to HIPAA, HITECH, Federal Exchange regulations (ACA regulations).
• Maintain awareness of corporate and project privacy and security policies and procedures.
• Develop, maintain, document and report on the Contractor's privacy measures.
• Ensure the system complies with all current and future federal and state privacy regulations and standards.
• Conduct audits and implement safeguards to maintain data integrity and confidentiality, specifically in regard to Protected Health Information (PHI) and Personally Identifiable Information (PII).
• Lead initiatives to train contractor and DHS employees, as requested, on compliance requirements and privacy best practices.
• Provides support for external privacy audits. The Privacy & Compliance Specialist position is not required to be onsite; however, the client will require travel to our site in Little Rock, AR for the purpose of training, audits, and/or compliance review.

Minimum Requirements

• Bachelor's degree in relevant field of study and 5+ years of relevant professional experience required, or equivalent combination of education and experience.
• Must possess a minimum of five (5) years of experience managing or in a key management position for a large-scale government human services project, including a minimum of three (3) years of that experience in a Privacy Officer role (or a role of similar scope and responsibility).
• Must have excellent communication skills, writing skills, facilitation skills, and formal presentation skills.
• Must be willing and able to travel to Little Rock, AR as business and/or client needs dictate.
• Preferred Certifications: Certified Health Care Privacy and Security (CHPS), Certified in Cybersecurity (CC), OffSec Certified Professional (OSCP), OffSec Certified Professional Plus (OSCP+), Junior Penetration Tester (PT1), Practical SOC Analyst Associate (PSAA), Practical Web Pentest Associate (PWPA), Practical Web Pentest Professional (PWPP), Practical Junior Penetration Tester (PJPT), Practical Network Penetration Tester (PNPT), Certified Information Privacy Professional (CIPP), or Certified Ethical Hacker (CEH).

Home Office Requirements:

• Internet speed of 20mbps or higher required (you can test this by going to www.speedtest.net ) .
• Connectivity to the internet via either Wi-Fi or Category 5 or 6 ethernet patch cable to the home router .
• Must currently and permanently reside in the Continental US .

#LI-Remote EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at [email protected] . Minimum Salary $68,900.00 Maximum Salary $75,000.00 Apply tot his job Apply To this Job