Description

Maximus is currently hiring for a Lead Privacy and Compliance Specialist to support our Arkansas No Wrong Door project. This is an onsite position in Little Rock, AR. The Lead Privacy and Compliance Specialist will provide advice on compliance matters, guiding management and staff in maintaining a compliant and confidential operational environment. This position will integrate compliance measures and ensure seamless adherence to privacy protocols. This position is responsible for assessing and enforcing all state and federal mandated privacy policies.

*This position is contingent upon contract award.*

Why Maximus?

• Work/Life Balance Support - Flexibility tailored to your needs
• Competitive Compensation - Bonuses based on performance included
• Comprehensive Insurance Coverage - Choose from various plans, including Medical, Dental, Vision, Prescription, and partially funded HSA Additionally, enjoy Life insurance benefits and discounts on Auto, Home, Renter's, and Pet insurance
• Future Planning - Prepare for retirement with our 401K Retirement Savings plan and Company Matching
• Paid Time Off Package - Enjoy PTO, Holidays, and extended sick leave, along with Short and Long Term Disability coverage
• Holistic Wellness Support - Access resources for physical, emotional, and financial wellness through our Employee Assistance Program (EAP)
• Recognition Platform - Acknowledge and appreciate outstanding employee contributions
• Tuition Reimbursement - Invest in your ongoing education and development
• Employee Perks and Discounts - Additional benefits and discounts exclusively for employees
• Maximus Wellness Program and Resources - Access a range of wellness programs and resources tailored to your needs
• Professional Development Opportunities: Participate in training programs, workshops, and conferences

Essential Duties and Responsibilities:

• Review reported incidents related to potential or actual privacy, security, or data breaches
• Coordinate the incident or breach management process (as appropriate) with project management, DOH and the corporate Privacy and Data Protection Office
• Work with project management, DOH and the corporate Privacy and Data Protection Office to develop and disseminate all required notifications of suspected or actual breach of protection of protected health information or personally identifiable information
• Mentor Privacy Specialists with incident investigations and review privacy reports and deliverables
• Conduct project related privacy risk assessments and internal audits
• Review privacy practices and supports periodic compliance audits of sub-contractors and vendors for the project site to assure compliance with contract requirements, quality principles and Business Associate Agreements
• Manage the collection, analysis and reporting of privacy program data and metrics
• Develop departmental work instructions and reference materials
• Develop project privacy and security training and awareness materials
• Conduct training regarding compliance, privacy, and quality awareness
• Prepare data in support of regularly scheduled meetings, facilitating as required
• Support the effectiveness of the quality management system and complies with ISO 9001
• Support the Compliance Manager with assigned duties and acts as the department’s subject matter expert
• Responsible for maintaining confidentiality in daily tasks
• Maintain current knowledge of the federal and state rules, regulations, and guidance related to security and privacy including but not limited to HIPAA, HITECH, Federal Exchange regulations (ACA regulations)
• Maintain awareness of corporate and project privacy and security policies and procedures
• Develop, maintain, document and report on the Contractor's privacy measures
• Ensure the system complies with all current and future federal and state privacy regulations and standards
• Conduct audits and implement safeguards to maintain data integrity and confidentiality, specifically in regard to Protected Health Information (PHI) and Personally Identifiable Information (PII)
• Lead initiatives to train contractor and DHS employees, as requested, on compliance requirements and privacy best practices
• Provides support for external privacy audits. The Privacy & Compliance Specialist position is not required to be onsite; however, the client will require travel to our site in Little Rock, AR for the purpose of training, audits, and/or compliance review

Minimum Requirements:

• Bachelor's degree in relevant field of study and 5+ years of relevant professional experience required, or equivalent combination of education and experience
• Must possess a minimum of five (5) years of experience managing or in a key management position for a large-scale government human services project, including a minimum of three (3) years of that experience in a Privacy Officer role (or a role of similar scope and responsibility)
• Must have excellent communication skills, writing skills, facilitation skills, and formal presentation skills
• Must be willing and able to travel to Little Rock, AR as business and/or client needs dictate
• State and local government programs and public sector experience required
• Experience working within Medicaid programs required
• Must posses at least one of the following certifications: Certified Health Care Privacy and Security (CHPS), Certified in Cybersecurity (CC), OffSec Certified Professional (OSCP), OffSec Certified Professional Plus (OSCP+), Junior Penetration Tester (PT1), Practical SOC Analyst Associate (PSAA), Practical Web Pentest Associate (PWPA), Practical Web Pentest Professional (PWPP), Practical Junior Penetration Tester (PJPT), Practical Network Penetration Tester (PNPT), Certified Information Privacy Professional (CIPP), or Certified Ethical Hacker (CEH)