
HIPAA Compliance Officer Job

Date: Jan 22, 2019

Location: Alpharetta, GA, US, 30009

Company: Boston Scientific

Purpose and Passion • Comprehensive Benefits • Life-Work Integration • Community • Career Growth

At Boston Scientific, you will find a collaborative culture driven by a passion for innovation that keeps us connected on the most essential level. With determination, imagination and a deep caring for human life, we’re solving some of the most important healthcare industry challenges. Together, we’re one global team committed to making a difference in people’s lives around the world. This is a place where you can find a career with meaningful purpose—improving lives through your life’s work.


About the role:

In line with our mission to transform lives through innovative solutions, Boston Scientific Pathology will become the GI pathology service provider of choice.  We will deliver the best diagnostic results possible to help our Customers provide the best Patient Care.


The Compliance Manager & HIPAA Officer provides leadership and direction to BSC Pathology on the administration and implementation of HIPAA compliance and other laboratory compliance matters (CAP, CLIA, OSHA, Medicare billing). The HIPAA compliance program shall include, but is not limited to: preparing and reviewing policies and procedures; collaborating with local and corporate business partners at varying leadership levels to facilitate HIPAA privacy, security and EDI compliance; seeking ways to improve processes and help the business function more efficiently and effectively; managing HIPAA incident investigation and response; advising on appropriate use, disclosure, protection and transmission of protected health information (PHI); and coordinating responses to requests from patients and third parties.


Your responsibilities include:

  • Implement and sustain appropriate policy and operational execution of the requirements under HIPAA and other applicable privacy and information security laws.
  • Coordinate review and input from appropriate business unit employees as needed to implement HIPAA compliance documentation.
  • Serve as first point of contact for internal business unit employees in relation to laboratory compliance matters, including escalations of Business Associate Agreements, privacy, security and EDI impact assessments, individual rights requests, complaints and related compliance queries.
  • Receive, investigate and respond to HIPAA questions and concerns raised by patients, employees and others. Manage all required breach determination and notification processes under HIPAA and applicable State breach rules and requirements.
  • Correspond and communicate with patients and others raising concerns. Conduct proper reporting of violations or potential violations to duly authorized enforcement agencies as appropriate or required. 
  • Develop training and facilitate the on-boarding of business unit employees to ensure laboratory compliance (CAP, CLIA, etc.) and HIPAA obligations are communicated and understood; ensure compliance with such obligations.
  • Ensure enforcement of management and employee compliance with company policies and HIPAA requirements.
  • Manage and monitor Business Associate activities, to include Agreements, services, and contact information.
  • Conduct and support periodic risk assessments to identify, prioritize and evaluate privacy and information security risks, compliance risks, and oversee remediation activities.
  • Maintain current knowledge of applicable federal and state privacy laws and accreditation standards, and monitor advancements in information privacy/information security risks and risk mitigation strategies to ensure organizational adaptation and compliance.
  • Develop and maintain an understanding of applicable compliance laws and regulations in the additional areas of CLIA, CAP, OSHA, Medicare billing, and other related areas of laboratory compliance.
  • Working with Legal counsel, IT and EDI operations, monitor and update internal functions on privacy, EDI and information security legal regulatory requirements that may impact them.
  • Report on a regular basis and, as directed or requested, keep senior management informed of the operation and progress of compliance efforts. 
  • Coordinate with key stakeholders such as VP Operations & General Manager, Legal, Risk, Compliance, HR, Global Security, and IT in performing job responsibilities.
  • Identify opportunities to improve the efficiency and effectiveness of PHI protection, privacy, security and EDI and training policies and standard operating procedures (process improvement/reengineering projects).


What we're looking for in you:

Basic Qualifications

  • 3+ years of recent experience in a laboratory health care environment is strongly preferred; relevant background includes regulatory compliance, coding, billing, internal audit management
  • 5+ years of experience in HIPAA management/administration.
  • Excellent writing, proofreading, and editing skills
  • Strong verbal and written communication skills
  • Attention to detail
  • Ability to communicate via telecommunication and in person
  • Ability to interact professionally with all levels of management, multiple geographies, internal subject matter experts, legal staff, vendors, and clients
  • Ability to prioritize and complete daily workload and projects with minimal supervision and in accordance with deadlines and shifting priorities
  • Ability to communicate and manage personal project timelines and responsibilities
  • Strong organizational and administrative skills
  • Strong computer skills (including Microsoft O365 and Adobe software)
  • Ability to synthesize information from a variety of sources and present it in a meaningful and concise way
  • Ability to prioritize, adapt and work with cross-functional teams in a dynamic global work environment under limited supervision
  • Contribute to various internal operations projects (i.e., form templates, policies)

Preferred Qualifications

  • Comprehensive understanding of HIPAA and other applicable State privacy laws; familiarity with federal privacy regulations (e.g. TCPA) desirable
  • Understanding of laboratory operations, including laws and regulations by various federal, state and local agencies is desired


About us

As a global medical technology leader for more than 35 years, our mission at Boston Scientific (NYSE: BSX) is to transform lives through innovative medical solutions that improve the health of patients. If you’re looking to truly make a difference to people both around the world and around the corner, there’s no better place to make it happen.


Boston Scientific is an Equal Opportunity Employer – Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Disability, Veteran


Requisition ID: 442432


Nearest Major Market: Alpharetta
Nearest Secondary Market: Atlanta
