• Privacy Analyst

    Rush University Medical Center (Chicago, IL)


    Job Description

    Business Unit: Rush Medical Center

     

    Hospital: Rush University Medical Center

    Department: RUSH Privacy

    **Work Type:** Full Time (Total FTE between 0.9 and 1.0)

    **Shift:** Shift 1

    **Work Schedule:** 8 Hr (8:00:00 AM - 4:00:00 PM)

     

    Rush offers exceptional rewards and benefits learn more at our Rush benefits page (https://www.rush.edu/rush-careers/employee-benefits).

     

    **Pay Range:** $66,560 - $84,864 per year

     

    Rush salaries are determined by many factors including, but not limited to, education, job-related experience and skills, as well as internal equity and industry specific market data. The pay range for each role reflects Rush’s anticipated wage or salary reasonably expected to be offered for the position. Offers may vary depending on the circumstances of each case.

    Summary:

    Provides project support to HIPAA Privacy and Security efforts of the Corporate Compliance Department supporting Rush. Provides data reporting and analysis of Privacy Office activities for internal and executive reporting. Serves as the lead auditor of access to ePHI throughout the enterprise, to include administration of an automated access auditing capability. Implements technology, including database design, for the tracking of HIPAA privacy and security activities and reports on metrics. Conducts analysis of risk through assessment activities for HIPAA Privacy and Security, including EOC rounds. Provides administrative support to the department and coordinates with other departments and activities, as needed. Exemplifies the Rush mission, vision and values and acts in accordance with Rush policies and procedures.

    Required Job Qualifications:

    + Bachelor’s degree in related area or an equivalent combination of education and experience.

    + Four years of experience in healthcare privacy or health information management related field.

    + Intermediate Microsoft Excel, Access, SharePoint, and Word skills.

    + Strong skills in communication, project/time management and prioritization/organization.

    + Must be able to work effectively with individuals at all levels in the organization.

    Preferred Job Qualifications:

    + Master’s degree.

    Responsibilities:

    + Prepares data flow diagrams to support the analysis of privacy and security projects.

    + Conducts analysis of data and prepares charts to determine trends regarding privacy and security risks.

    + Creates reports to support metrics, projects and information analysis.

    + Designs and conducts audits of access to the electronic health record (EHR), analyzes results, and identifies possible instances of inappropriate access or use of the HER.

    + Administers an enterprise-wide application capable of auditing access to applications processing ePHI enterprise-wide.

    + Administers a rotating schedule of audits to ensure a complete cycle of for cause and not-for-cause audits are accomplished.

    + Designs and implements databases using Microsoft Access and other database tools. Develops the means to create automated reports that provide metrics of operational effectiveness.

    + Administers software and databases for the office, including those built on Access, Excel, and outsourced/portal-based, as assigned.

    + Coordinates the intake and reporting of Hotline reports under the supervision of the Privacy Director.

    + Maintains the Privacy Office intranet site, including posting of files and creating linked content through Sharepoint.

    + Maintains technical equipment for the office and interfaces with Information Services, when needed.

    + Supports the conduct of HIPAA risk assessments by collecting and reporting information using prepared checklists, as needed.

    + Conducts privacy and security assessments as part of Environment of Care rounds at RUMC.

    + Provides support to HIPAA privacy and security incident response and analysis as directed.

    + Prepare and send privacy forms to patients, as needed.

    + Performs administrative functions (filing, mailing, mail, etc.) of the Privacy Office.

    + Performs process improvement activities.

    + Interfaces with other support functions within the institution (e.g., Information Services or Medical Center Engineering) for equipment or service requests.

    + Other duties as assigned.

     

    Rush is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.

     

    **Position** Privacy Analyst

    **Location** US:IL:Chicago

    **Req ID** 22254