← all jobs

GRC and Privacy Analyst

Work from home Full-time role Hiring

WE ARE HEALTHCARE SYSTEMS OF AMERICA. Our mission is to elevate healthcare standards, improve patient outcomes, and create value for communities across the United States. Healthcare Systems of America (HSA) is more than a healthcare provider-we're a community built on excellence, innovation, and compassion. If you're looking for a career that makes a difference, empowers you to grow, and gives you the opportunity to impact lives, HSA is where you belong. Healthcare Systems of America operates 8 community hospitals across 3 states. We service a multitude of patients and their families across our vast network, while remaining committed to the professional development of our staff, the functional improvement of our patients, and the cultivation of strong partnerships within our communities. WHAT WE OFFER

  • Career GrowthDevelopment - We are an essential, stable and growing company with many opportunities for training and advancement within the medical field that all employees and team members can benefit from.
  • SupportiveInclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
  • Meaningful Work - Every day, you'll contribute to patient care, cutting-edge medical solutions, and life-changing treatment and technologies. POSITION SUMMARY The GRC and Privacy Analyst supports the organization's Governance, Risk, and Compliance (GRC) initiatives, as well as privacy and data protection functions. The role is responsible for assisting with policy management, risk assessments, audit readiness, and privacy compliance programs including HIPAA, HITECH, and other applicable federal and state regulations within the healthcare industry. PRIMARY RESPONSIBILITIES Governance, RiskCompliance (GRC)
  • Support implementation and maintenance of GRC frameworks and processes.
  • Assist in developing and updating internal policies, standards, and controls.
  • Track compliance metrics and prepare GRC reports for leadership.
  • Support regulatory and third-party audits by coordinating documentation and responses. PrivacyData Protection
  • Assist with managing privacy policies and procedures in alignment with HIPAA and HITECH.
  • Conduct Privacy Impact Assessments (PIAs) and assist with Data Protection Impact Assessments (DPIAs).
  • Help monitor privacy risks and maintain logs of incidents, investigations, and breach reports.
  • Contribute to staff training initiatives on data privacy and protection policies. Risk AssessmentsVendor Management
  • Assist in conducting third-party risk assessments and maintaining a vendor compliance tracker.
  • Document risk mitigation strategies and coordinate with internal stakeholders on remediation efforts.
  • Maintain inventory of data flows and systems storing protected health information (PHI). Audit ReadinessMonitoring
  • Maintain audit documentation and evidence in support of GRC and privacy compliance efforts.
  • Track audit findings and support follow-up activities and closure of remediation items.
  • Help monitor emerging privacy laws and changes in regulatory requirements. EXPERIENCE/EDUCATION REQUIREMENTS
  • Bachelor's degree in information security, Health Information Management, or a related field.
  • 2+ years of experience in GRC, compliance, or privacy roles within a healthcare environment.
  • Familiarity with HIPAA, HITECH, and data privacy laws and regulations.
  • Excellent analytical, documentation, and communication skills.
  • Proficiency in Hirevector Excel, Word, and compliance management platforms.

Preferred Qualifications

  • Professional certifications such as CIPP/US, CHPC, or GRCP.
  • Experience with GRC tools such as FortifyData, OneTrust, Archer, or ServiceNow.
  • Understanding of hospital workflows and protected health information (PHI) lifecycle.

More open positions

Director, Cybersecurity Governance, Risk, and Compliance (GRC)

Work from home Full-time role

The GRC Process Architect

Work from home Full-time role

GOVERNANCE, RISK, AND COMPLIANCE ANALYST (GRC)

Work from home Full-time role

GRC Analyst (AuditBoard REQUIRED) (468968)

Work from home Full-time role

Project Manager/ w GRC (REMOTE)

Work from home Full-time role

Associate Clinical Staff | NV Active Consulting

Work from home Full-time role

Manager - Supplier Relations (Broadband)

Work from home Full-time role

PMO Lead

Work from home Full-time role

Remote Customer Service Representative – Consumer Support Specialist for careerzynith

Work from home Full-time role

Data Science & Business Analytics, praxisnah lernen, 100 % Remote (Weiterbildung)

Work from home Full-time role

Jr to mid level Help Desk Support - 100% remote but live in the Northeast US

Work from home Full-time role

Remote Travel Advisor (Flexible Hours | No ExperienceRequired)

Work from home Full-time role

Online | Event & Travel Coordinator | Entry Level

Work from home Full-time role

Experienced Remote Data Entry Clerk for Wholesale – Data Management and Coordination Specialist

Work from home Full-time role

Experienced Customer Associate – Remote Customer Support Representative

Work from home Full-time role

[Remote] Data / Systems Analyst II

Work from home Full-time role

Medical Records Associate - AHN Home Infusion - Meadville

Work from home Full-time role

Data Entry (FedEx Jobs) -Remote without Experience – Part-Time

Work from home Full-time role

Desenvolvedor(a) Backend Sênior

Work from home Full-time role

BENEFITS AND ELIGIBILITY SPECIALIST (ELIGIBILTY INTERVIEWER)

Work from home Full-time role

[VCK] Senior QA Automation Engineer (AI Systems)

Work from home Full-time role