| Assignment View |
|---|
| Sector | Los Angeles County | ||||
| Contractor's Work Location | JCOD-Justice Care and Opportunity Dept | Position Title | JCOD HIPAA Program Manager | ||
| Labor Category | Information Technology | ||||
| Job Category | HIPAA Program Manager | Number of Positions | 1 | ||
| Job Level | 1 | Submittal allowed per staffing agency | 2 | ||
| Priority | Submittals allowed for this Requisition | 50 | |||
| Assignment Type | Temporary | ||||
| |||||
| |||||
| Work Location Address | 500 W. Temple St., Room 100, Los Angeles, CA, 90012 | ||||
| Assignment Details |
|---|
| Target Start Date | 08/03/2026 | Target End Date | 08/02/2027 | ||||
| Shift | Standard | Work Schedule | Standard | ||||
| Tentative Shift Start Time | 8:00 AM | Tentative Shift End Time | 5:00 PM | ||||
| Staffing Agency NTE (Not-to-Exceed) Bill Rate | $ 201.65 | Rate Unit | Hour | ||||
| Estimated Regular Hours/Week | 40.00 | ||||||
| Travel Required | No | Estimated OT Hours/Week | |||||
| Travel % | Travel Description(Domestic/International) | ||||||
| Security Clearance | None | ||||||
| |||||||
| Background Checks | Yes | ||||||
| Position Description | The HIPAA Program Manager (PM) works under the direction of the Chief Privacy Officer or user agency personnel and manages or oversees all aspects of one or more HIPAA compliance projects while interacting with mid-level officials of similar capacity at the user agency and private sector. The HIPAA PM will perform HIPAA compliance activities and data protection initiatives, with a particular focus on the County s access to and the use of protected health information (PHI), in support of the Countywide Privacy Program. They will be responsible for performing HIPAA compliance auditing and monitoring functions, assisting with the development and enhancement of policies and procedures as required by the HIPAA Privacy Rule, provide guidance to County departments about privacy impact assessments and HIPAA risk assessments, provide guidance about the assessment of HIPAA and Privacy policy violations and/or incident response investigations, perform and evaluate HIPAA risk assessments and privacy risk assessments, participate in the review and update of the HIPAA and Privacy Awareness trainings and educational activities, and conduct HIPAA-focused presentations at events. The HIPAA PM is responsible for having in-depth knowledge of federal and state health privacy laws and regulations (strong focus on California laws), including those governing access, release of information and security technologies such as, but not limited to HIPAA, HITECH Act, CA Civ Code § 1798.29, CMIA, Health & Safety Code, section 1208.15; will evaluate situations against federal and state health privacy laws and regulations (strong focus on California laws); determine key business issues and develop appropriate plans from multidisciplinary perspectives; advise on HIPAA compliance programs, including incident management; understand internal auditing standards. The HIPAA PM evaluates organizations existing policies and procedures for HIPAA compliance by performing and evaluating HIPAA risk assessments and privacy risk assessments. They will work with and maintain confidential information; be organized to analyze and synthesize information quickly; and be able to work independently in a fast-paced environment. | |
| Skills Required | The HIPAA PM will possess knowledge and experience in customer service; decision making; flexibility; interpersonal skills; organizational awareness; written and oral communication; planning and evaluating; analysis and risk management; independence; and be proficient in Microsoft Office and Adobe Acrobat software. | |
| Additional Skills Required | Ability to operationalize HIPAA requirements into workflows, SOPs, and procedures. Technical knowledge of security controls, audit logging, system risk, and cloud environments (e.g., Azure/M365). Skills in data governance, retention strategy, and developing archiving/ hot vs. cold storage plans. Experience supporting governance structures, charters, and escalation processes. Expertise in PHI workflow mapping across systems and divisions. Strong incident response and root-cause analysis capabilities. Advanced HIPAA training development and presentation skills. | |
| Experience Required | This classification requires at least a minimum of four (4) years of experience on privacy requirements in healthcare settings and healthcare industry operations, including: HIPAA policy development and governance, HIPAA compliance monitoring, privacy impact assessments (PIAs) and HIPAA risk assessments, third party vendor risk assessments, HIPAA compliance audits, and training. At least three (3) years of that experience must be with HIPAA requirements, incident response investigations, and breach notification laws/regulations. | |
| Additional Experience Required | 3 years of experience leading or managing HIPAA compliance implementation projects or transitioning an organization into HIPAA-covered entity status. 3 years of experience working directly with IT teams on HIPAA Security Rule safeguards, including access control models, audit logging, encryption, retention models, and cloud-based data governance. 2 years of experience developing or enforcing data retention schedules, PHI lifecycle governance, or data archiving strategies (e.g., hot vs. cold storage models). 3 years of experience coordinating HIPAA or data privacy work across multiple divisions (e.g., Legal, IT, Fiscal, Contracts, Program Operations) and preparing executive-level briefings. 3 years of experience operationalizing HIPAA policies into SOPs, workflows, staff procedures, and implementation guides. 3 years of experience conducting HIPAA risk assessments, Privacy Impact Assessments (PIAs), threat modeling, or HIPAA audit readiness assessments. 3 years of experience managing HIPAA incident response investigations, performing root-cause analysis, and applying federal and breach laws . 2 years of experience reviewing, negotiating, or operationalizing HIPAA-related Business Associate Agreements (BAAs), Data Exchange Agreements (DEPAs), or third-party HIPAA vendor risk assessments. 2 years of experience developing or delivering HIPAA or privacy-focused training to staff, managers, contractors, or providers. 2 years of experience managing multi-phase compliance or regulatory projects using GANTT charts or other structured project-management tools | |
| Education Required | This classification requires the possession of (a) a bachelor s degree or higher, and (b) a certification in one or more of the following: Certified in Healthcare Compliance (CHC), Certified in Healthcare Privacy Compliance (CHPC), Certified Information Privacy Professional/United States (CIPP/US) or Certified Information Privacy Manager (CIPM) certification. The certification is required and may not be substituted with additional experience. An advanced degree, including a Master s in Business or Healthcare Administration, Master of Laws (LL.M), or Juris Doctor, may be substituted for two (2) years towards the minimum years of experience. | |
| Additional Education Required | ||
| Additional Information |
SH Global Solutions is a certified Service Disabled Veteran Owned Small Business (SDVOSB) headquartered in Maryland. Established in 2016 to modernize commercial and government technology to mitigate cybersecurity threats and to secure data centers from increasingly more frequent cyber attacks, we specialize in providing Information Technology (IT) solutions and services to government and commercial organizations. Our core areas of core expertise are focused in:
● Datacenter consolidation/optimization - this includes designing, procuring, and installing turnkey secure, modern infrastructure solutions including scalable and modular systems
● Professional program and project management services for large and complex projects
● In-building wireless solutions to enable 5G technology and connect to the growing Internet of Things (IoT)
Our team is comprised of highly skilled and dedicated professionals, uniquely qualified in cutting-edge technology, and engineering, and in the rapid deployment and implementation of new technologies. Our CEO is a retired United States Air Force Colonel and entrepreneur with over 25 years supporting the DOD, US Government agencies, and NATO worldwide.