Horizon Blue Cross Blue Shield of New Jersey - Newark, NJ
posted 2 months ago
The Privacy Associate is responsible for performing a variety of privacy compliance activities to ensure the proper use, collection, and storage of data throughout the organization. This role involves applying privacy by design principles to mitigate privacy risks and maintaining the organization's compliance with relevant laws, regulations, industry standards, and company policies. The incumbent will facilitate privacy center of excellence services and initiatives, in addition to developing, reviewing, and revising new and existing privacy policies and procedures to incorporate new regulatory requirements. This position will also investigate reports of potential non-compliance, lead risk assessments, and conduct other activities to support Horizon BCBSNJ's Office of Information Governance and Privacy. Key responsibilities include validating the adequacy, reliability, and effectiveness of organizational controls related to privacy compliance, performing assessments of the organization's compliance with privacy policies, and identifying information and privacy compliance issues and gaps. The Privacy Associate will independently investigate privacy-related complaints and reports of potential non-compliance with privacy policies, develop relationships with business areas, and partner with them on implementing remediation plans and appropriate Corrective Action Plans (CAPs). Additionally, the role involves preparing and maintaining reports on the status of the Privacy Compliance Program, serving as a contact person for privacy complaints and inquiries, and performing breach analysis for all privacy incidents. The Privacy Associate will also handle complex assignments in unclear situations, especially in the context of privacy incident investigations and member complaints. They will develop and deliver privacy compliance training to both internal and external audiences and interact with OCR or other regulatory agencies regarding privacy and security of Protected Health Information. The role may also support information governance activities, including monitoring compliance with information governance policies and delivering training programs and awareness campaigns. Special projects and ad-hoc tasks from management may also be part of the responsibilities.