Job ID: 9849
Company: Virginia Information Technology Agency
Location: RICHMOND, VA
Type: Contract
Duration: 6 Months
Salary: Open
Status: Active
Openings: 1
Posted: 17 Mar 2017
Job Seekers, Please send resumes to resumes@hireitpeople.com
Complete Description:
* Local candidates strongly preferred
* ONLY in-person interviews will be conducted, NO Skype, NO exceptions
Client is looking for a contractor to assist client in performing a HIPAA compliance gap analysis, develop metrics and track progress toward meeting the following specific goals. 
Create appropriate documentation pertaining to HIPAA compliance and analyzing risk, including recommendations for the frequency with which these documents should be reviewed and updated.

General and Technological Compliance:
• Determine and document HHS-OCR and HIPAA compliance requirements in preparation for a compliance gap analysis for VDH. (1 week.)
• Work with the Office of Information Management and Internal Audit to collect compliance documentation pertaining to HIPAA information technology requirements. This includes documentation on physical safeguards, etc. Document administrative and business practices for HIPAA compliance at VDH Health Districts and Offices and determine any deficits. Develop a recommended corrective action plan. (3 months.)
• Document facility access to confidential or protected health information along with any deficits. Recommend a corrective action plan as needed. (1 month.)
• Document VDH's policy and process for breach notifications along with any deficits. Develop a procedure/check-list and form documents for use in breaches. Determine a procedure for preparing reports of breaches to HHS-OCR. Recommend an appropriate corrective action plan. (2 weeks.)
• Develop an assessment tool for use in evaluating physical risks in VDH clinical settings.
• Visit the Districts or accompany the HIPAA Privacy Officer on visits to the Districts to assess and determine physical vulnerabilities and employee awareness, and prepare a corrective action plan.
• Assess viability of draft policies as demonstrating compliance with HIPAA administrative requirements. (Two key draft policies have been formulated, and the process is underway for their final issuance.) Review policies and recommend a corrective plan including additions, as needed.

FINAL DELIVERABLE: A complete attestation or compliance package pertaining to HIPAA, along with a gap analysis document and recommended corrective action plans, and a plan for ensuring continued compliance with HIPAA.

Skill | Required / Desired | Amount of Experience
Detailed knowledge of HIPAA Privacy and Security rules, regulations and requirements | Required | 3 Years
Detailed knowledge of NIST 800-53, SEC 501-09, HIPAA HITECH | Required | 3 Years
Experience with interpreting HHS-OCR and HIPAA requirements, both from a business and technical perspective, and determining what documentation is n | Required | 3 Years
Familiarity with HHS-OCR and its EVOLVING Enforcement Approach | Required | 3 Years
Prior Experience with HIPAA Compliance within a Hybrid Organization | Required | 3 Years
Experience with organizing documentation and information into a compliance portfolio | Required | 3 Years
Experience with HIPAA Privacy Rule, Security Rule, Enforcement Rule and Breach Notification Rule | Required | 3 Years
Certified HIPAA Privacy Security Expert (CHPSE) | Highly desired | 1 Year
Healthcare Information Security and Privacy Practitioner (HCISPP) training or equivalent certification in security, confidentiality or HIPAA awarene | Highly desired | 1 Year