Privacy Manager at EmpiRx Health, LLC – Remote

Who We Are:

EmpiRx Health is the leading clinically-driven pharmacy benefits management company. As the pioneer in value-based pharmacy care, EmpiRx Health puts its customers and members first by enabling them to take control of their pharmacy benefits, healthcare outcomes, and financial results.

What We Do:

We place more emphasis on member care than any other PBM by focusing on health outcomes first. Our pharmacists and clinicians are at the center of everything we do―and our population health solution delivers tailored strategies for our clients.

Leveraging our newly launched, AI-powered pharmacy care platform, Clinically™, EmpiRx Health’s pharmacists and client management teams provide the highest quality pharmacy care to our clients and their members. This enables benefits plan sponsors to keep their members healthy, happy, and productive, while substantially reducing prescription drug spending, which has been on an explosive growth trajectory in recent years.

Who We're Looking For:

EmpiRx Health is experiencing unprecedented growth, and we are seeking a highly skilled and experienced Privacy Manager. The Privacy Manager will play a key role in overseeing the company’s privacy program, which includes but is not limited to reviewing, interpreting, and providing clear direction on the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and related privacy laws and regulations. This individual will work cross-functionally with various stakeholders to develop a comprehensive incident reporting framework, establish controls, provide training, and drive the execution of strategic compliance initiatives. Additionally, the Privacy Manager will be responsible for privacy monitoring and auditing activities to identify and remediate risk. The Privacy Manager role requires a strong understanding of the privacy laws, regulations, and ethical standards applicable to EmpiRx Health, robust analytical and problem-solving skills, as well as the ability to effectively communicate and collaborate with internal and external parties to satisfy legal and regulatory requirements before their effective date.

If you are a highly motivated compliance professional with a strong background in privacy practices and you are passionate about making a meaningful impact in the healthcare industry, we encourage you to apply.

What You'll Do:

As the Privacy Manager, your role will encompass a wide range of responsibilities. Here are a few:

PRIVACY OVERSIGHT:

• Establish an enterprise-wide HIPAA Privacy compliance program, including thorough awareness and training related to protected health information (PHI), personally identifiable information (PII), incident reporting, and breach response.
• Develop, implement, and maintain a documented system for reporting all known or suspected HIPAA incidents.
• Directly responsible for investigating and responding to incidents and breaches where PHI or PII may have been accessed, used, or disclosed improperly.
• Serves as the primary point of contact for privacy-related inquiries and complaints, both internally and externally (for example, HIPAA incident reports, privacy audits, inspections).
• Monitor and interpret federal, state, and local privacy laws and regulations impacting EmpiRx Health, its clients, pharmacy benefits managers (PBM), and the health care industry to assess applicability, maintain organizational readiness, and oversee implementation of new requirements.
• Review external-facing company materials to ensure that federal and state privacy requirements are met.
• Provide training on an as-needed basis on topics related to privacy, monitoring, and auditing (for example, HIPAA Privacy, authorized data usage, reporting requirements).
• Draft privacy policies and procedures, and partner with other departments to ensure company processes are documented and contain up-to-date legal and regulatory requirements.
• Coordinate the preparation and submission of privacy responses, filings, and applications as needed.
• Lead strategic, multi-department teams (ex: Clinical, Client Management, IT, Analytics, Legal) to satisfy privacy initiatives before required deadlines.
• Communicate clearly and effectively to multiple departments and verify that the guidance is interpreted correctly.
• Assist with the enhancement of the company’s compliance change management process.

MONITORING AND AUDITING:

• Oversee the development and implementation of a privacy monitoring and auditing program to proactively identify, resolve, and prevent PHI breaches and unauthorized access and use of sensitive information.
• Perform continuous monitoring to identify new and updated privacy laws, and ensure that applicable changes are documented and incorporated into operational processes.
• Perform routine and periodic audits to identify potential privacy gaps. Work with internal teams to address findings and mitigate future issues.
• Contribute to the completion of compliance risk assessments and work plans pertaining to areas of identifiable risk.
• Participate in mock and actual regulatory audits, coordinate with internal stakeholders to respond to agency inquiries, and maintain a consistent state of audit readiness.
• Create sustainable HIPAA compliant infrastructure for ongoing compliance reporting maintenance.
• Prepare privacy reports for senior leadership and regulatory bodies.
• Collaborate with IT, Finance, and other departments to automate data collection and reporting processes.

ADMINISTRATION:

• Assist with and execute assigned projects.
• Foster positive interdepartmental relationships and contribute to a collaborative team atmosphere.
• Maintain and update databases and tracking systems.
• Identify opportunities for process and quality improvement to mitigate organizational risks.
• Perform other job-related duties as assigned.

What You Need:

EDUCATION:

• Bachelor’s degree in Business Administration, Legal Studies, or another relevant field of study.
• Master’s degree, Juris Doctor, or other advanced degree in a relevant field of study (preferred).

EXPERIENCE:

• 4+ years of experience in privacy compliance required, preferably in the PBM, pharmacy, health care, or similarly regulated industries.
• 2 years of experience monitoring and auditing required, preferably in the PBM or health care industries.
• Proficiency in Microsoft Office Suite and Adobe Acrobat.
• Privacy Certification (preferred): Certified in Healthcare Privacy Compliance (CHPC), or Certified Information Privacy Professional (CIPP).

KNOWLEDGE, SKILLS, & ABILITIES:

• Expert knowledge of health care privacy frameworks that include a strategic vision to transform privacy requirements into actionable safeguards.
• Familiarity with laws and regulations impacting privacy, such as HIPAA, the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), state laws such as the California consumer Privacy Act (CCPA), etc. (preferred).
• Strong attention to detail, excellent time management skills, and the ability to meet tight deadlines.
• Excellent organizational, analytical, and problem-solving skills.
• Effective written and verbal communication skills for diverse audiences.
• Ability to research and adapt to state and federal regulatory changes.
• Skilled in building relationships across all organizational levels, both internally and externally.
• Ability to develop and edit technical and administrative documentation with clarity and precision.

Why Join Us:

• EmpiRx Health is on an extraordinary journey where excellence meets innovation.
• We are a collaborative team that encourages groundbreaking ideas, values open dialogue, and prioritizes continuous improvement.
• You will be part of a dynamic team where success is a shared celebration, collaboration fuels progress, and we redefine healthcare together.
• We offer a generous and competitive benefits package.

EmpiRx Health is an Equal Opportunity Employer

EmpiRx Health is an equal opportunity employer. We are committed to creating a diverse and inclusive environment for all employees. We prohibit discrimination and harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

All employment decisions are based on business needs, job requirements, and individual qualifications. We are an inclusive organization and actively promote equality of opportunity for all with the right mix of talent, skills and potential. EmpiRx Health celebrates diversity and is committed to creating an inclusive environment for all employees.

Your career at EmpiRx Health awaits – join us in shaping the future of excellence in healthcare.