Regulatory Analyst - HIPAA Specialist

Medxcel Facilities Management understands that your facilities serve a higher purpose –providing safety and comfort to your patients.

The Regulatory Analyst – HIPAA Specialist is responsible for providing regulatory compliance support to the Medxcel business units. This individual serves as the primary interface for researching, documenting and educating regulations and standards to ensure that the Medxcel companies comply with local, state, federal, and applicable accreditation requirements pertaining to HIPAA Privacy and Security to include Medical Device Interoperability and Networking. The Regulatory Analyst will be expected to provide situation specific compliance guidance, organization and planning of ongoing customer interactions, response to customer concerns and situations as they arise. This position will be the primary regulatory support for eProtex, a Medxcel business unit that governs medical device privacy and security for TriMedx customers. Additionally, this role will be challenged to continuously improve upon solutions to meet the ever changing compliance.

Regulation Research and Education (70%) * Monitor and evaluate regulation agencies for changes in regulations and standards pertaining to healthcare management in the areas of HIPAA Privacy and Security * Create and continually update Regulatory Readiness documentation; ensuring sites have the resources necessary to remain in compliance with regulatory standards * Conduct research and prepare educational materials pertaining to all applicable regulations and standards. Conduct regulation research and prepare educational materials pertaining to: * Federal (FDA, CMS, HIPAA, HITECH,OCR, IEC 80001) * State(s) (Department of Health and Human Services) * Accreditations * Hospitals (TJC, HFAP, DNV) * Modality (Laboratory, CAP, AABB; Imaging, ACR) * International (JCI; India, AERB and NABH; Ireland, HSE) * All other regulations and standards as applicable * Provide regulation and standard guidance to Operations pertaining to equipment security and interoperability * Monitor and evaluate operational documents and provide feedback on regulatory compliance and/or compliance risk * Prepare regulatory articles for the Regulatory Monthly Review Newsletter and other external agencies upon request * Review and assist with Alert and Recall generation when alerts pertain to privacy and /or device security issues * Coordinate, review and approve risk mitigation measures for medical device privacy and security issues to ensure compliance * Lead and align compliance priorities with the organization’s privacy and security management program; liaison with eProtex Policy and Procedure Support (20%) * Gatekeeper for the Medxcel Policy and Procedure Repository and revision process * Provide policy and procedure clarification and education as it applies to the medical device privacy and security * Coordinate with eProtex to review and revise policies and procedures when regulations/standards change Regulatory Audits (10%) * Research, compile and preliminarily review regulatory audits * Review audit dashboards and additional reports as applicable

Education and Experience * Bachelor’s degree required; clinical engineering, facilities management, business, technology, healthcare management, information technology or related field * Experience managing numerous concurrent project deadlines, 3 years strongly preferred * Experience in developing policies, procedures, and processes , 3 years strongly preferred * Experience in managing customer needs and expectations required, 3 years strongly preferred * Experience with a Computerized Maintenance Management System (CMMS) database applications strongly preferred or related computer database system Knowledge * Advanced ability to set priorities and manage time while working on multiple tasks required, minimum 3 years required * Strong written, verbal and presentational communication skills preferably within a compliance driven environment in healthcare and patient treatment environment; minimum 3 years required * Excellent analytical skills to comprehend and interpret complex regulations and perform data analysis, required , minimum 3 years required * Proficiency with Microsoft Office Suite of applications (to include Word, Excel, Visio) required * Have fluent knowledge of HIPAA Privacy and Security regulations to include Medical Device Interoperability and Networking and related Regulations and Standards * Strong interpersonal and conflict management skills