To maintain and enhance the stability and effectiveness of the Health Care District of Palm Beach County (“HCDPBC”, “HCD”, or the “District”) by providing services to support the Health Care District Compliance, Privacy, & Ethics Program. Assists the Vice President / Chief Compliance and Privacy Officer in carrying out the functions and duties for the Program and serves as a key resource and point of contact for compliance, privacy, or ethics related matters.
Data Privacy & Security Analyst contributes to safeguarding the confidentiality, integrity, and availability of sensitive and confidential data across the organization and its subsidiaries.
This role drives the implementation, monitoring, and continuous improvement of enterprise privacy and security programs. The Analyst ensures compliance with federal and state regulations—including HIPAA, HITECH, FERPA, FIPA, Florida Sunshine Laws, and the State Cybersecurity Act—as well as industry standards and best practices such as NIST. The position supports compliance, information security, risk reduction, regulatory adherence, and the safeguarding of public and patient trust. Engages in Compliance, Privacy & Ethics activities to help advance all components of the organization’s compliance framework .
Essential Functions:
- Actively contributes to Compliance, Privacy & Ethics program activities and supports implementation of all elements of an effective compliance program.
- Provides ongoing support to the Vice President & Chief Compliance and Privacy Officer and department staff in carrying out assigned functions, work plans, and departmental goals.
- Conducts and/or assists with internal audits, continuous monitoring, and annual and routine risk assessments to evaluate compliance with laws, regulations, and organizational policies and for process improvement.
- Supports external audits and assessments (e.g., HIPAA, NIST CSF, PCI-DSS), including evidence collection, stakeholder coordination, and follow-up on remediation activities.
- Reviews and analyzes data trends, systems, tools, applications, and controls to assess compliance and identify areas for improvement. Assists in identifying and refining methodologies to enhance departmental processes, tools, and work products.
- Supports the development, revision, and promotion of privacy, security, and compliance training and awareness initiatives across the District (e.g., cybersecurity, phishing, privacy education).
- Develops, revises, and implements privacy and security policies, procedures, and standards, including lifecycle oversight.
- Participates in or leads investigations related to reported concerns, inquiries, or potential compliance or privacy issues.
- Coordinates incident response activities and provides support for breach investigations.
- Serves as a resource to District staff and management by providing guidance on privacy, information security, and compliance requirements.
- Works to reduce risk and ensure compliance with all applicable privacy and security requirements, industry best practices, and organizational policies. Provides timely guidance and recommendations on appropriate courses of action to mitigate risk and ensure adherence to such pertaining to privacy, information security, and compliance.
Maintains open lines of communication to support a culture of compliance and ethical conduct.
-
Attributes/Knowledge:
Familiarity with healthcare systems and applications (Electronic Health Records).