Director, Privacy

Location: Burlington, MA
Job ID: 157668-1A
Date Posted: Oct 2, 2019
Category: Professional

Save Job Job Saved

Job Description

Welcome To

Welcome to Shared Services, our team uses a coordinated approach to delivering administrative and operational services across Lahey. Our Shared Services colleagues leverage resources across the organization to ensure we provide high-quality, high-value care to the communities we proudly serve.  The Shared Services team includes colleagues who focus on business and network development, legal services, facilities and real estate, human resources, information technology, finance, philanthropy and marketing and communications. 

About the Job

The Director of Privacy will provide oversight and expert leadership for the privacy program and related initiatives throughout the legacy Lahey Health System and to the other member organizations that comprise Beth Israel Lahey Health consistent with system integration. The Director of Privacy will serve as a System resource, providing guidance and leadership on privacy matters to staff, affiliates and other colleagues. Duties include ensuring the proper management and oversight of privacy related matters, development, maintenance of and adherence to privacy-related policies and procedures, HIPAA, privacy monitoring, training, and other essential components of an effective Privacy Program at the legacy Lahey Health System and the Beth Israel Lahey Health system.

In this role, the Director is responsible for the development, implementation, and ongoing refinement of strategies for an effective privacy program for the system as well as member entities.


Essential Duties & Responsibilities including but not limited to:

  • In coordination with organization management and administration, the Chief Compliance Officer and his or her designees, and legal counsel:
  • Provides development guidance and assists in the identification, implementation, and maintenance of organization privacy policies and procedures.
  • Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning privacy policies and practices; investigates and evaluates suspected breaches, sends notification letters to patients when required, and, working with legal counsel, submits required reports to OCR
  • Performs initial and periodic information audits and conducts related ongoing compliance monitoring activities related to access to PHI in coordination with the entity's other compliance and operational assessment functions
  • Together with legal counsel and operational management, works to ensure that the organization has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements
  • Together with legal counsel, is responsible for ensuring compliance with the Business Associate Agreement requirements and ensuring that all Business Associates execute and comply with updated BAAs
  • Oversees, directs and delivers, or ensures delivery of initial and ongoing privacy training and orientation to all employees, volunteers, and professional staff
  • Coordinates with regulatory agencies when requested and assists compliance program management and administration in compliance reviews, audits and investigations
  • Works with all organization personnel involved with any aspect of release of PHI to ensure full coordination and cooperation under the organization's policies and procedures and legal requirements
  • Initiates, facilitates, and promotes activities to foster information privacy awareness within the organization and related entities
  • Leads and serves as an effective member of applicable Compliance and Privacy related committees and BILH system-level initiatives.
  • Maintains current knowledge of applicable federal and state privacy laws and regulations
  • Performs other duties as assigned consistent with an experienced health care privacy professional
  • Provides assistance with oversight and monitoring activities of the compliance and privacy programs, and conducts regular program reviews in order to propose modifications, if necessary, to prevent illegal, unethical, or improper conduct.
  • Works closely with each of the BILH member entities compliance and privacy program leaders   toward the development of a robust privacy program, including setting establishing annual privacy goals and objectives, to be included in the annual Work Plan.
  • Collaborate and coordinate with HIM departments and other organization personnel throughout the System to assure that patient rights to inspect, amend, and restrict access to protected health information are in compliance with applicable  policies and privacy laws.
  • Works directly with the Chief Compliance Officer and his or her designees to provide leadership and subject matter expertise on privacy and related topics to the Beth Israel Lahey Health System and all member organization compliance and privacy programs; assures compliance with federal and state regulations, including privacy standards and regulations such as HIPAA, HITECH and other related state and federal laws, rules and regulations;
  • Provides guidance and assists in the development, identification, implementation, and maintenance of the organization’s corporate compliance and privacy policies and procedures in coordination with organization management and administration, the Chief Compliance and Privacy Officer and legal counsel.


  • Bachelor’s degree required.  Master’s degree or law degree preferred.


Licensure, Certification & Registration:

  • Health care compliance and privacy professional certification


  • Knowledge of healthcare operations with at least 5 years previous experience in healthcare compliance and privacy, and 3 years supervisory / management experience required.

Skills, Knowledge & Abilities:

  • Excellent communication, interpersonal, and organization skills; ability to prioritize and meet deadlines; strong analytical skills.  Must be able to prepare and present to diverse audiences.
  • Demonstrated ability to lead initiatives and manage teams in a matrix environment, including progressive program and project management and leadership roles in large and complex organizations.

Preferred Qualifications & Skills:

  • Decision Making: Ability to make decisions with significant, broad implications for the management and operations of the Compliance and Privacy Program.
  • Problem Solving: Ability to address problems that are broad, complex, abstract often involving system-wide issues and requiring substantial creativity, resourcefulness, staff engagement, negotiation, and diplomacy to develop solutions.
  • Independence of Action: Ability to set direction and vision.
  • Setting Priorities: Ability to establish priorities and assess allocation of resources.
  • Written Communication: Ability to communicate complex information to staff, management, and external customers.
  • Oral Communications: Ability to demonstrate broad and comprehensive knowledge of theories, concepts, practices and policies.
  • Knowledge: Ability to demonstrate broad and comprehensive knowledge or theories, concepts, practices and policies with the ability to use them in complex situations across multiple functional areas.
  • Team Work:  Ability to act as a team leader for projects or workgroups, creating a collaborative and respectful team environment.
  • Customer Service: Ability to understand operational initiatives to meet or exceed customer service standards and expectations in assigned unit(s) and/or across multiple areas in a timely and respectful manner.

About Us

Beth Israel Lahey Health is comprised of world-class academic medical centers and teaching hospitals, leading community hospitals, a renowned orthopedics hospital, and comprehensive ambulatory centers. Through our focus on population health, our clinically integrated network of affiliated providers, as well as vital services such as behavioral health and home care services, we are able to provide a new model of care that improves the health of all those we serve. With more than 9,000 nurses, 4,300 physicians and more than 35,000 employees, our model ensures care is highly coordinated and locally delivered, with lower costs and exceptional quality.                                                      

Beth Israel Lahey Health is committed to attracting, developing and retaining top talent in a market long recognized and revered as a global leader in health. With a team approach to care, we encourage learning and growth at all levels, and we offer competitive salaries and benefits. We adhere to the principles of a just and fair work environment for all colleagues, where respect is foundational. We strive to create a diverse and inclusive workplace that reflects the communities in which we work and serve.