Privacy Compliance Officer

The Oregon Health Authority (OHA) has a fantastic opportunity for an experienced Privacy Compliance Officer (PCO) OPA 4 to join an excellent team and work to support agency access needs.

The Office of Information Service’s (OIS) mission is to deliver technology solutions and services that support Oregon Health Authority and Oregon Department of Health Services in helping Oregonians achieve health, well-being, and independence.

The Oregon Health Authority is committed to:

• Eliminating health inequities in Oregon by 2030
• Becoming an anti-racist organization
• Developing and promoting culturally and linguistically appropriate programs,
• Developing and retaining a diverse, inclusive, and equitable workforce that represents the diversity, cultures, strengths, and values of the people of Oregon.
• Click here to learn more about OHA’s mission, vision, and core values.

What you will do!

As a Privacy Compliance Officer (PCO), you will support Information Security and Privacy Office (ISPO) through delivery of agency compliance and effectiveness of the privacy program that follows the agency mission and all relevant regulations.

The PCO is a shared service position servicing Oregon Department of Health of Human Services (ODHS) and Oregon Health Authority (OHA) (Hybrid entity) as the HIPAA Privacy Officer as required by law. 

In this role, you will be responsible for working with all levels of management in OHA and ODHS, other state agencies, and external community partners etc. The PCO’s main role and function developing and managing the privacy compliance program, perform audits of compliance including audit plans, risk assessments and remediation plans, investigations and resolutions, and compliance and privacy related policies, procedures, education, and training in collaboration with our Awareness and Education Coordinator. PCO reviews contracts related to third party access including contractual agreements to support data protections.

Additionally, will support all reports of compliance issues and prepares reports and corrective action plans as directed by the Privacy Manager.  The PCO works with agency partners to ensure access control, secure data sharing, disaster recovery, business continuity, incident response, and risk management for both HIPAA covered and non-covered entities.

What we are looking for!

SPECIAL QUALIFICATIONS:

Two (2) plus years’ experience in security and privacy investigations, drafting, negotiating, and managing a variety of contracts.  

MINIMUM REQUIREMENTS: (Please clearly outline how you meet the minimum requirements and special qualifications in your application/resume/cover letter. Failure to do so might disqualify you from consideration)

(a) A bachelor’s degree in business or public Administration, Behavioral or Social Sciences, Finance, Political Science, or any degree demonstrating the capacity for the knowledge and skills; and four years professional-level evaluative, analytical, and planning work.

OR

(b) Any combination of experience and education equivalent to eight years of experience that typically supports the knowledge and skills for the classification.

Desired Attributes

• Direction, expertise, and support on all aspects of information data privacy, data security and agency technical, administrative and physical safeguards, compliance with federal, state and local laws including but not limited to best practices.
• Support confidentiality within both agencies, serving as the agencies' subject matter expert in these areas.
• Oversees the compliance efforts of the agency’s compliance program.
• Collaborates in agency performed audits by outside agencies, regulators, and audit functions. Support oversight and completion of appropriate responses to requests and findings.
• Collaborates with ISPO in the performance and reporting of planned risk assessments (privacy impact assessments (PIA), plan of action milestones (POAM) etc.
• Acts as policy coordinator with oversight responsibilities for the agency's privacy policies and procedures including providing consult on security policies when appropriate.
• Recommend changes to Oregon Administrative Rules on privacy.
• Response to public comment pursuant to administrative Notice of Proposed Rulemaking process.
• Ability to support multiple projects and competing agency priorities.
• Strong PC skills (Microsoft Suite, Excel, Outlook, PowerPoint).
• Excellent written and verbal communication and presentation skills.
• Experience in creating and maintaining a work environment that is respectful and accepting of diversity among team members and the people we serve.

What's in it for you?

• Medical, vision, and dental benefits
• 11 paid holidays
• 8 hours of vacation per month, eligible to be used after 6 months of service.
• 8 hours of sick leave per month, eligible to be used as accrued.
• 24 hours of personal business leave per fiscal year, eligible to be used after 6 months of service.
• Pension and retirement programs 
• Opportunity to potentially receive loan forgiveness under the Public Service Loan Forgiveness Program (PSLF)
• Continuous growth and development opportunities
• Opportunities to serve your community and make an impact through meaningful work.
• A healthy work/life balance, including fulltime remote options as well

How to Apply

• Complete the online application at oregonjobs.org using job number REQ-153736
• Complete questionnaire.
• Attach a resume.
• Attach a cover letter of no more than two pages addressing the “What we are looking for?” section including required and preferred skills.

The Oregon Health Authority is an equal opportunity, affirmative action employer committed to workforce diversity.

https://oregon.wd5.myworkdayjobs.com/SOR_External_Career_Site/job/Salem--OHA--Fairview-Industrial-Drive-3990/Privacy-Compliance-Officer--PCO---Operations-and-Policy-Analyst-4--Hybrid-work-options_REQ-153736