HIPAA Program Manager

Hybrid in Los Angeles, CA, US • Posted 3 days ago • Updated 3 days ago
Contract W2
12 Months
Hybrid
Depends on Experience

Job Details

Skills

  • JCOD HIPAA PROGRAM MANAGER

Summary

HonorVet Technologies. We're a Service-Disabled Veteran-Owned IT staffing firm, ISO 9001 and ISO 27001 certified, working with federal agencies, state governments, and Fortune 500 enterprise clients across the US. What makes us different isn't a tagline; it's the way we work. We don't forward resumes and hope for the best. We take the time to understand where a professional like you is headed and only reach out when we genuinely believe there's a fit worth exploring. I came across your profile, and something stood out.

Position Title: JCOD HIPAA Program Manager
Location: Los Angeles, CA, 90012
Duration: 12 months contract to start with the possibility of extension
 
Position Description: The HIPAA Program Manager (PM) works under the direction of the Chief Privacy Officer or user agency personnel and manages or oversees all aspects of one or more HIPAA compliance projects while interacting with mid-level officials of similar capacity at the user agency and private sector. The HIPAA PM will perform HIPAA compliance activities and data protection initiatives, with a particular focus on the County's access to and use of protected health information (PHI), in support of the Countywide Privacy Program. They will be responsible for performing HIPAA compliance auditing and monitoring functions, assisting with the development and enhancement of policies and procedures as required by the HIPAA Privacy Rule, providing guidance to County departments about privacy impact assessments and HIPAA risk assessments, providing guidance about the assessment of HIPAA and Privacy policy violations and/or incident response investigations, performing and evaluating HIPAA risk assessments and privacy risk assessments, participating in the review and update of the HIPAA and Privacy Awareness trainings and educational activities, and conducting HIPAA-focused presentations at events. The HIPAA PM is responsible for having in-depth knowledge of federal and state health privacy laws and regulations (strong focus on California laws), including those governing access, release of information and security technologies such as, but not limited to, HIPAA, HITECH Act, CA Civ Code § 1798.29, CMIA, Health & Safety Code, section 1208.15; will evaluate situations against federal and state health privacy laws and regulations (strong focus on California laws); determine key business issues and develop appropriate plans from multidisciplinary perspectives; advise on HIPAA compliance programs, including incident management; and understand internal auditing standards.
The HIPAA PM evaluates organizations' existing policies and procedures for HIPAA compliance by performing and evaluating HIPAA risk assessments and privacy risk assessments. They will work with and maintain confidential information; be organized to analyze and synthesize information quickly; and be able to work independently in a fast-paced environment.
 
Skills Required: The HIPAA PM will possess knowledge and experience in customer service; decision making; flexibility; interpersonal skills; organizational awareness; written and oral communication; planning and evaluating; analysis and risk management; independence; and be proficient in Microsoft Office and Adobe Acrobat software.
 
Additional Skills Required: Ability to operationalize HIPAA requirements into workflows, SOPs, and procedures. Technical knowledge of security controls, audit logging, system risk, and cloud environments (e.g., Azure/M365). Skills in data governance, retention strategy, and developing archiving/"hot vs. cold" storage plans. Experience supporting governance structures, charters, and escalation processes. Expertise in PHI workflow mapping across systems and divisions. Strong incident response and root-cause analysis capabilities. Advanced HIPAA training development and presentation skills.
 
Experience Required: This classification requires a minimum of four (4) years of experience on privacy requirements in healthcare settings and healthcare industry operations, including: HIPAA policy development and governance, HIPAA compliance monitoring, privacy impact assessments (PIAs) and HIPAA risk assessments, third party vendor risk assessments, HIPAA compliance audits, and training. At least three (3) years of that experience must be with HIPAA requirements, incident response investigations, and breach notification laws/regulations.
 
Additional Experience Required:
  • 3 years of experience leading or managing HIPAA compliance implementation projects or transitioning an organization into HIPAA-covered entity status.
  • 3 years of experience working directly with IT teams on HIPAA Security Rule safeguards, including access control models, audit logging, encryption, retention models, and cloud-based data governance.
  • 2 years of experience developing or enforcing data retention schedules, PHI lifecycle governance, or data archiving strategies (e.g., "hot" vs. "cold" storage models).
  • 3 years of experience coordinating HIPAA or data privacy work across multiple divisions (e.g., Legal, IT, Fiscal, Contracts, Program Operations) and preparing executive-level briefings.
  • 3 years of experience operationalizing HIPAA policies into SOPs, workflows, staff procedures, and implementation guides.
  • 3 years of experience conducting HIPAA risk assessments, Privacy Impact Assessments (PIAs), threat modeling, or HIPAA audit readiness assessments.
  • 3 years of experience managing HIPAA incident response investigations, performing root-cause analysis, and applying federal and breach laws.
  • 2 years of experience reviewing, negotiating, or operationalizing HIPAA-related Business Associate Agreements (BAAs), Data Exchange Agreements (DEPAs), or third-party HIPAA vendor risk assessments.
  • 2 years of experience developing or delivering HIPAA or privacy-focused training to staff, managers, contractors, or providers.
  • 2 years of experience managing multi-phase compliance or regulatory projects using GANTT charts or other structured project-management tools.
 
Education Required: This classification requires the possession of (a) a bachelor's degree or higher, and (b) a certification in one or more of the following: Certified in Healthcare Compliance (CHC), Certified in Healthcare Privacy Compliance (CHPC), Certified Information Privacy Professional/United States (CIPP/US) or Certified Information Privacy Manager (CIPM) certification. The certification is required and may not be substituted with additional experience. An advanced degree, including a Master's in Business or Healthcare Administration, Master of Laws (LL.M), or Juris Doctor, may be substituted for two (2) years towards the minimum years of experience.
 
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 90941473
  • Position Id: 26-15691