Compliance Business Analyst II

Support HMSA in complying with in scope regulations by interpreting state and federal legislation and industry publications, assessing HMSA’s compliance risk and improving HMSA’s ability to comply. Compliance areas include all aspects of state, federal and industry data protection and data exchange mandates (with an emphasis on HIPAA Administrative Simplification, Privacy and Electronic Data Interchange). Emphasis areas may change over time.

Duties and Responsibilities:

  • Independently conduct analysis or direct others in the performance of analysis of new and existing rules, regulations, mandates, and industry guidelines regarding information protection, maintenance of privacy, confidentiality, and compliance including electronic data interchange standards, standards for the appropriate use and disclosure of protected health information, execution of patient privacy rights, and rules regarding breach response and notification. Research and respond to internal and external compliance inquiries, surveys, and questions regarding IPP’s compliance program. Receive, log, triage, investigate, perform risk analysis and perform internal and external incident notification for incidents that affect compliance. Coordinate with internal business, technical, and compliance areas, and with external business partners and business associates as necessary to achieve resolution. Formulate options for mitigation. Work with internal and external stakeholders to implement process improvement and preventative measures. Develop methods to objectively assess the effectiveness of process change and preventative measures.

  • Act as a liaison between IPP and the business and technical areas on matters involving information protection compliance. Act as a subject matter expert for the business and technical areas on matters involving compliance with the various state, federal, and industry rules that govern appropriate use, disclosure, receipt, and transmission of health information:

    • Facilitate and coordinate with internal and external stakeholders. Represent the IPP department on corporate efforts and provide input and clarity on data confidentiality and data exchange regulations and regulatory implementation/notification deadlines

    • Act as lead and work independently on department level and corporate level projects and governance activities including:

      • concept development and planning

      • requirements creation and review

      • project testing efforts and reviewing test results

      • performing risk assessments and risk management functions

      • assessing external vendor and business partner risk

      • policy/process development and improvement

      • organization change management

      • Implementation oversight

      • production acceptance/approval and promotion process oversight

      • post-production monitoring and post-mortem analysis.
  • Assist with IPP program outreach, education, and training; including but not limited to planning, coordination, content development, and presentation of training materials. Coordinate with internal and external stakeholders to disseminate communications corporate-wide and to external stakeholders and business partners. Independently conduct on-site and off-site presentations of education and training materials to varying audiences including workforce members, vendors, business associates, management, leadership and executive management.

  • Create, edit, update and maintain compliance documentation related to IPPs data compliance program, including but not limited to policies, procedures, guidelines, workflows, FAQs, and reference materials. Coordinate periodic document reviews. Track internal and external compliance events and determine their impact on current policies and compliance documentation. Collaborate with internal departments to ensure internal department level documentation aligns with corporate level policies and procedures. Formulate remediation plans to close any identified gaps.

  • Act as analytics and reporting lead responsible for IPP program insight and status reports including

    • issue tracking reports

    • incident tracking reports

    • incident pattern analysis reports

    • trend analysis reports

    • program maturity reports

    • executive and leadership summary reports

    • data dashboards and data visualization reports
  • Assist business and technical areas, and direct others to assist business and technical areas to support vendors, providers, pharmacies, and other data trading partners, including EDI trading partners, with their HIPAA compliance efforts. Engage external stakeholders as necessary to assure mutual understanding and maintenance of continued compliance.

  • Assist with other duties necessary to assure HMSA’s continued Privacy and Data exchange program compliance, as assigned by the Privacy and HIPAA Office manager.
  • Minimum Qualifications:

  • Bachelor’s degree and four years of policy, or compliance related experience; or an equivalent combination of education and experience.

  • Good working knowledge of standard office applications: including email, messaging, word processing, spreadsheet, chart, and presentation software.

  • Knowledge of common business and functional procedures.

  • Effective verbal and written communication skills.

  • Effective meeting facilitation skills.

  • Effective presentation skills for small and large audiences.

  • Must possess strong organizational skills.

  • Must possess strong writing skills

  • Ability to create technical documents that include visual aids such as graphs, charts and matrixes.

  • Ability to create governance documents, including policies, procedures, guidelines and FAQs.

  • Ability to create business letters and written correspondence in response to inquiries from HMSA’s external customers.

  • Ability to effectively present information and respond to questions from executives, managers, employees, and trading partners, and other stakeholders.

  • Ability to interpret a variety of technical instructions and governance mandates furnished in written, oral, graphical, or schedule form. Requires meticulous attention to detail and the ability to work on multiple assignments simultaneously.

  • Ability to plan and implement projects.

  • Ability to maintain the security and confidentiality of proprietary and protected health information.

  • Ability to work independently and in teams, developing strong working relationships with other compliance subject matter experts, solution vendors, and industry colleagues.

  • Occasional travel for training and continuous education may be required.
  • EEO/AA/Disability/Vets Employer

    Share this job


    Email Me Jobs Like These
    Showing 1–0 of 0 jobs

    Contact Us

    Eltas EnterPrises Inc.
    3978 Windgrove Crossing
    Suite 200A
    Suwanee, Georgia
    30024, USA

    Subscribe to our Newsletter