USACares Jobs

Job Information

SimplePractice Privacy and Security Compliance Analyst in CA, United States

Title: Privacy and Security Compliance AnalystLocation: Remote Job Description:

SimplePractice is the future of practice management. We?re at the forefront of making it simple for clinicians to run and grow their practices and growing quickly. We?ve built the highest-rated practice management software and we?re on track to become the market leader.

We are looking for a privacy and security compliance analyst who is a self-starter with strong problem-solving capabilities and willingness to learn.

Under the supervision of the Chief Information Officer, you will be responsible for all items privacy and security compliance related to HIPAA, CCPA and other regulations.

What you'll do day-to-day

  • Serve as the subject matter expert for HIPAA Privacy and Security rules, especially HIPAA privacy and security for business associates

  • Resolve compliance and privacy requests from external customers that are regulated under CCPA and other privacy regulations

  • Perform regular privacy and security compliance audits to better understand potential operational gaps within the organization that result in creation of remediation and corrective action plans

  • Generate executive reports of audit findings and recommendations

  • Assist with HITRUST and PCI certification and audit processes

  • Work directly with SimplePractice customers to address their privacy and security concerns

  • Work with various functions to understand and address compliance needs

  • Collaboration with legal on compliance needs that involve legal reviews and recommendations

  • Day-to-day ownership of vendor-management process

  • Regular reviews of vendors and implemented software

The ideal candidate

  • 3-7 or more years of experience in a privacy and security compliance role

  • Understanding of the HIPAA Privacy and Security rules as they apply to business associates

  • Understanding of CCPA and other privacy laws across the US

  • Knowledge of the HITRUST CSF framework and experience with the HITRUST certification process

  • Knowledge of the PCI Level 1 requirements for merchant and experience with the PCI certification process

  • Strong verbal and written communication skills

  • Ability to work both independently and as part of a team

  • Accountability, responsibility and ownership for assigned projects

Bonus Points

  • Experience with Governance, Risk and Compliance audit process and tools (AuditBoard preferred)

  • Understanding of GDPR and other global privacy regulations

  • Experience with ONC compliance

Tools you will be working with

  • GRC (AuditBoard)

  • SIEM

  • Project and Task Management (Asana)

  • Google Business Suite

  • Antivirus and anti-malware tools

  • Configuration security

California Job Applicant Privacy Notice

Thank you for your interest in opportunities at SimplePractice LLC (?SimplePractice? or ?us? or ?we? or ?our?).

Please note that when you submit your resume or application materials to us for employment purposes, we may collect the following categories of personal information about you:

  • Identifiers (e.g., name, address, email address, and phone number); protected characteristics (e.g., sex, gender, age, citizenship, disability status, and veteran status); professional or employment-related information (e.g., employment history, educational background, certificates and licenses, work eligibility information and other information obtained from your resume, cover letter, your responses to our application questions, background check forms, and your references); other personal records (e.g., signature, photograph, and criminal background information); and inferences drawn from personal information collected (e.g., creating a profile that reflects your abilities and aptitudes).

We collect the above categories of personal information for the following business purposes:

  • To perform recruitment and hiring services; to manage the workforce; to comply with federal and state laws, and to maintain security (e.g., to detect and prevent against security risks and incidents, to prevent against fraudulent or illegal activity, and to ensure compliance with our company policies and procedures).

For more information about our privacy practices, please visit our Privacy Policy (https://www.simplepractice.com/privacy) or contact us at privacy@simplepractice.com.

California Job Applicant Privacy Notice

Thank you for your interest in opportunities at SimplePractice LLC (?SimplePractice? or ?us? or ?we? or ?our?). Please note that when you submit your resume or application materials to us for employment purposes, we may collect the following categories of personal information about you:

  • Identifiers (e.g., name, address, email address, and phone number); protected characteristics (e.g., sex, gender, age, citizenship, disability status, and veteran status); professional or employment-related information (e.g., employment history, educational background, certificates and licenses, work eligibility information and other information obtained from your resume, cover letter, your responses to our application questions, background check forms, and your references); other personal records (e.g., signature, photograph, and criminal background information); and inferences drawn from personal information collected (e.g., creating a profile that reflects your abilities and aptitudes).

We collect the above categories of personal information for the following business purposes:

  • To perform recruitment and hiring services; to manage the workforce; to comply with federal and state laws, and to maintain security (e.g., to detect and prevent against security risks and incidents, to prevent against fraudulent or illegal activity, and to ensure compliance with our company policies and procedures).

For more information about our privacy practices, please visit our Privacy Policy or contact us at privacy@simplepractice.com

DirectEmployers