Job Details

Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format.

Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care.

By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare.

Role Summary:

The Senior Manager, HIPAA Privacy will serve as a trusted subject matter expert in HIPAA and state laws within the Provider Privacy team in Datavant's Legal department. Reporting to the Vice President, Provider Privacy, this role will support compliance with HIPAA and state privacy laws, provide strategic advice, and drive privacy risk mitigation across Datavant's Provider division business, product, and operations functions. The Senior Manager will also own the integration of privacy considerations into training, quality, and product development in the Provider division. For candidates with legal credentials, this role will also include responsibilities such as responding to regulatory inquiries and serving as HIPAA privacy counsel to issue legal advice and opinions.

Key Responsibilities:

• Incident & Risk Management: Lead a team of privacy analysts to ensure timely and thorough investigation, documentation, and escalation of potential Unauthorized Disclosures (UADs). Provide guidance on evaluating potential incidents, assist in risk assessments and in developing mitigation strategies. Ensure consistency and high quality in incident reporting and remediation plans, and support compliance with incident notification deadlines.
• Governance & Policy: Develop, maintain, and present key privacy performance indicators and metrics to senior leadership, highlighting trends, risk exposure, opportunities. Contribute to the drafting, updating, and communication of internal privacy policies, training, and presentations regarding privacy and compliance topics.
• HIPAA Training Support: Provide HIPAA expertise to aid in the creation and development of training materials for the Datavant Health Information Specialist Certification Program, ensuring that course content reflects current regulatory requirements and best practices.
• State Law Compliance: Support the evaluation and documentation of state-specific health information privacy and release of information laws.
• Stakeholder Engagement: Act as a privacy resource for internal teams and Provider division customers, providing clear, business-oriented guidance on complex privacy issues.
• Quality Partnership: Collaborate with the Provider division Quality team to drive forward quality roadmap initiatives, embedding privacy-by-design principles and ensuring that quality activities support privacy and regulatory compliance.
• Provider Product Advisory Support: Partner with the Provider Product team to advise on product roadmap enhancements and new features, ensuring that all development aligns with applicable federal and state law, as well as customer contractual requirements. Support Privacy Impact Assessments for new projects or product features, evaluate risks, and recommend mitigation strategies.

Basic Qualifications:

• A bachelor's degree and at least ten years of experience implementing regulations governing health information privacy
• Extensive experience interpreting and navigating health information privacy and related regulatory regimes, including HIPAA and state laws related to the release of health information
• Working familiarity with other aspects of the healthcare regulatory environment, such as the information blocking regulations
• Strong communication, interpersonal and project management skills
• Impeccable judgment, including understanding how to properly evaluate and communicate risks
• Excellent communication and organizational skills
• A great teammate who is willing to join supportive and collaborative colleagues
• Proactive attitude and approach towards continuous improvement
• Commitment to the highest standards of quality, integrity, ethics and professionalism

Desired Qualifications:

• J.D. from an accredited university with admission to practice law in at least one state
• Certification in privacy or healthcare privacy (e.g., CHPC or CIPP/US)
• Energized by working in a high throughput, collaborative environment where you are continually multi-tasking and re-prioritizing your work to respond quickly and meet deadlines
• Ability to work independently with minimal supervision
• Demonstrated intellectual curiosity to explore new concepts and accept new challenges