Overview:
The Compliance Analyst – Privacy serves as a subject matter expert in healthcare privacy compliance, supporting the organization and its clients in meeting federal and state privacy regulatory requirements and contractual obligations. This role partners closely with internal stakeholders and customer health plans to provide privacy guidance, monitoring, analysis, and risk mitigation support. The position plays a key role in maintaining an effective privacy compliance program through incident management, auditing, reporting, and advisory activities.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Serve as a privacy subject matter expert, providing guidance on federal and state healthcare privacy regulations to internal stakeholders and external clients.
- Analyze privacy incidents and breaches; prepare reports and root‑cause analyses, including recommendations for corrective and preventive actions.
- Maintain privacy incident tracking logs and follow up on corrective action plans to ensure timely and effective resolution.
- Support the implementation and ongoing enhancement of processes and procedures to mitigate identified and potential privacy risks.
- Partner with customer health plans across multiple lines of business, including Commercial, Medicare Advantage, and Medicaid.
- Conduct internal privacy monitoring activities and audits to assess compliance with policies, procedures, and regulatory requirements.
- Track audit findings, validate corrective actions, and support coordination of internal and external remediation efforts.
- Assist with maintaining and executing privacy compliance controls, including monitoring activities and validation of departmental audits.
- Respond to internal inquiries related to regulatory interpretation and application of federal and state healthcare privacy requirements.
- Collaborate with internal departments and external vendors to promote consistent privacy practices, proactive risk identification, and an organization‑wide culture of compliance.
- Support the development, maintenance, and execution of privacy compliance tools and processes, including incident management workflows, reporting mechanisms, and training support.
- Contribute to compliance reporting and documentation used for leadership, clients, auditors, and regulators.
REQUIRED QUALIFICATIONS:
- Bachelor’s degree required
- Minimum of five (5) years of healthcare privacy or health plan compliance experience
- Advanced proficiency in Microsoft Word, PowerPoint, and Excel
- Prior experience interpreting and applying regulatory and/or contractual compliance requirements
PREFERRED QUALIFICATIONS:
- Professional certification in healthcare compliance (e.g., CHC, CCEP, or privacy‑focused certifications such as CHPC), or completion of a graduate certificate program in healthcare compliance
- Working knowledge of HIPAA, state privacy laws, and other applicable federal and state healthcare privacy standards
SKILLS/KNOWLEDGE/ABILITIES:
- Strong understanding of health plan operations and how privacy compliance integrates across business functions
- Demonstrated ability to interpret regulations and translate requirements into practical, operational guidance
- Experience supporting privacy compliance programs, including policy development, monitoring, auditing, and corrective action management
- Ability to identify operational risks, analyze gaps, and recommend actionable compliance solutions
- Strong organizational skills; ability to manage multiple priorities and projects concurrently
- Excellent written and verbal communication skills, including the ability to prepare clear analyses and reports for leadership and business partners
- Advanced proficiency in Excel and PowerPoint for tracking, reporting, and presenting compliance data
- Proven ability to collaborate cross‑functionally and advise leaders and business partners on privacy‑related risks and obligations
- Ability to facilitate risk assessments and contribute to continuous improvement of compliance processes
Geographic Responsibility: Remote, US
Type of Employment: Full-time, permanent
FLSA Classification (USA Only): Exempt
Work Environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job:
- The employee is occasionally required to move around the office. Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
- Work across multiple time zones in a hybrid or remote work environment.
- Long periods of time sitting and/or standing in front of a computer using video technology.
- May require travel dependent on company needs.
The above statements are intended to describe the general nature and level of the job being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. HealthEdge reserves the right to modify, add, or remove duties and to assign other duties as necessary. In addition, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position in compliance with the Americans with Disabilities Act of 1990. Candidates may be required to go through a pre-employment criminal background check.
HealthEdge is an equal opportunity employer. We are committed to workforce diversity and actively encourage all qualified persons to seek employment with us, including, but not limited to, racial and ethnic minorities, women, veterans and persons with disabilities.
The annual US base salary range for this position is $78,000 to $82,000. This salary range may cover multiple career levels at HealthEdge. Final compensation will be determined during the interview process and is based on a combination of factors including, but not limited to, your skills, experience, qualifications and education.