1. Choose your Affinity Group

* Equal Opportunity / Affirmative Action

We serve Equal Opportunity Employers and are an Equal Opportunity Employer. The Professional Diversity Network has separate professional networking sites for different affinities, and in selecting the groups you identify with, you will be joined with those networks.

Note: Providing this information is strictly voluntary - you will not be penalized or subjected to adverse treatment. If you choose not to provide this information, simply select "Choose not to identify."

2. Choose Method
X
Sign in with LinkedIn
Sign in with Facebook
OR

Tell us about yourself

Privacy Analyst Job at Blue Cross and Blue Shield of Minnesota in Eagan, MN

Save or bookmark jobs as you go and access them anytime later with your account.

Contacts

Description

About Blue Cross



For more than 80 years, Blue Cross and Blue Shield of Minnesota has worked to improve the health of all Minnesotans. As a nonprofit organization, we have a long history of making a healthy difference in people’s lives and of giving back to the communities we serve. In particular, our industry-leading commitment to veterans, service members and their families helped us to be named the first and only Beyond the Yellow Ribbon health plan company in Minnesota.



We make it easy for you to support veterans groups and other community organizations by providing 20 hours of volunteer paid time off each year — in addition to regular paid time off. The dedication of Blue Cross volunteers has earned us recognition for running one of the most successful corporate food drives in the state; donating nearly 1,500 volunteer hours at Habitat for Humanity worksites; and growing more than 750 pounds of fresh produce at our onsite Community Giving Gardens. Find your place at a company that cares about veterans, our employees, our members and our communities.


Description Summary

This role is responsible for investigating all actual and potential data privacy issues spanning all BCBSMN business units, affiliates and business associates. The Analyst will assess initial allegations; interview witnesses; review all applicable documents, including all applicable policies and regulatory/legal requirements; assess the facts pursuant to HIPAA, HITECH, and State law; conduct a risk assessment; determine breach status; complete a written summary at the conclusion of the investigation, notify individuals and/or regulators and log the incident into BCBSMN Privacy Incident Management database.



 



In addition to the responsibilities listed below, the Privacy Analyst will participate in and assist with Privacy Department projects and activities and related Program Office projects and activities.


Accountabilities

Incident Management:




  • Manage the Privacy Email, Hotline and system generated incident reporting sources (Service Now, INSINQ, etc.)

  • Address the high volume of inquiries and incidents from multiple sources – email; hotline; phone, etc.

  • Thoroughly investigate, document, remediate, report, notify, close and log all reported privacy incidents.

  • Handle matters requiring notification to Health and Human Services, customers / clients, and individually impacted membership.

  • Lead, assist and/ or brief leadership on higher profile issues and investigations when required.



Related Functions:




  • Track and manage the list of employee groups with unique incident notification, reporting and other privacy related requirements.

  • Provide guidance to business leads on the permissible use and disclosure of member and customer information.

  • Lead the Privacy aspect of the annual HIPAA Audit Readiness review conducted with Information Security.

  • Maintain the Audit Readiness Contact List and other such lists as identified.

  • Provide ‘Accounting for Disclosures’ upon request.

  • Provide back-up for Compliance Email and Hotline.



Reporting:




  • Prepare of monthly, quarterly and annual reporting related to incident management and key privacy activities.

  • Work collaboratively with internal teams for timely reporting of privacy incidents to regulators and/ or clients based on contractual requirements.

  • Assist with ad hoc or scheduled reporting for Sr. Management, departments, etc.



Training:




  • Assist in identifying areas wherein Privacy training may be appropriate.

  • Assist in and/or lead the creation of privacy training materials in conjunction with Communications and Information Security.

  • Track, document and follow-up on the completion of the enterprise wide privacy training.



Policy & Procedure Maintenance:




  • Manage the annual review of the Privacy policies and procedures. (Propose updates, conduct reviews, navigate the approval process and post final documents.)

  • Manage the process for unscheduled policy and procedure updates and creation of new policies and procedures.

  • Work collaboratively with Business Units e.g. Customer Service Leads to maintain, create and implement accurate Privacy procedures and guidance for the Business Unit Teams.



Other:




  • Maintain subject matter expertise of applicable laws and regulations for data privacy, HIPAA, HITECH, and State Law.

  • Perform other privacy related duties and/ or projects as assigned.

  • Adhere to the Notice of Privacy Practices and maintain compliance with applicable HIPAA and State laws associated with this role.


Requirements


  • Bachelor’s degree or equivalent experience and 3 years of experience in at least one of the following categories: Legal / Compliance / Regulatory / Investigations / Privacy / Operations.

  • HIPAA and healthcare privacy knowledge

  • Ability to communicate with, educate and learn from co-workers and peers

  • Ability to communicate with members, including discretion to maintain confidentiality of internal and sensitive information

  • Attention to detail and ability to ask the right questions and make connections

  • Strong written and verbal communication skills.

  • Comfortable using judgment/ability to function confidently in gray areas and work independently

  • Strong research, problem solving, analytical and decision making skills to effectively solve complex issues


Preferred Requirements


  • Certified Information Privacy Professional or other designation

  • Familiarity with laws and regulations in the healthcare / insurance space

  • Compliance 360


FLSA Status

Exempt


Blue Cross Blue Shield of Minnesota is an Equal Opportunity and Affirmative Action employer that values diversity. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on race, color, creed, religion, sex, national origin, genetic information, marital status, status with regard to public assistance, disability, age, veteran status, sexual orientation, gender identity, or any other legally protected characteristic.



 



Make a difference



Thank you for your interest in Blue Cross. Be part of a company that lets you be you — and make a healthy difference in people’s lives every day



Blue Cross is an Equal Opportunity and Affirmative Action employer that values diversity. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on race, color, creed, religion, sex, national origin, genetic information, marital status, status with regard to public assistance, disability, age, veteran status, sexual orientation, gender identity, or any other legally protected characteristic.



Blue Cross® and Blue Shield® of Minnesota and Blue Plus® are nonprofit independent licensees of the Blue Cross and Blue Shield Association

Similar Jobs

See All »

Other Jobs at Blue Cross and Blue Sh...

See All »