Privacy Program Manager
- Summary
Are you passionate about the complex world of data privacy and security issues? Do you thrive on the challenges of large complex organizations and fast paced technology environments? King County is committed to providing quality services to over 2 million people and protecting the data it collects in the process. King County is seeking a qualified data privacy professional to help strengthen the County's data privacy policies and program. This position will be focused on the privacy and security of personally identifiable information (PII) and protected health information (PHI). The successful candidate will be an expert in data privacy regulations at the local, state, and federal levels and an experienced privacy professional who is familiar with frameworks, industry trends, and emerging issues.
King County Department of Information Technology (KCIT)
KCIT is providing the building blocks for many of the region's most critical services. As a business solutions partner, we collaborate with the 18 County departments to develop products and services that better serve the needs of our customers and our community. To learn more about KCIT, please visit our website: http://kingcounty.gov/depts/it.aspx
As the first place recipient of the 15th annual National Association of Counties (NACo) Digital Counties Survey, KCIT was recognized for its vision, strategy, innovation, and collaboration. Previously earning top 10 digital county honors in the last eleven years from the Center for Digital Government, KCIT has a focus of delivering smart technology solutions that support customers, building stronger communities through innovative information technology.
Benefits
We offer a robust benefits package to support you and your family in a variety of ways. To learn more, please click on the benefits tab or visit our website: http://www.kingcounty.gov/employees/
Work Schedule
The normal workweek for this position is Monday through Friday, 8:00 a.m. to 5:00 p.m. Alternative work schedules may be considered. This position is not eligible for overtime pay.
Questions
If you have any questions regarding this recruitment, please contact Brian Roberts, broberts@kingcounty.gov or (206) 263-1508- Job Duties
- Privacy Program Management (50%)
- Advise and support the Chief Information Security and Privacy Officer on privacy related strategy, policy, and initiatives
- Develop, implement, and maintain the Privacy Program including policies and procedures
- Coordinate the governance and stakeholders of the King County Privacy Program
- Continuously monitor changes in privacy related statutes, regulations, codes, and policies
- Audit, monitor, and coordinate the County's ability to inventory where Personal Identifiable Information (PII) is collected, processed, stored, or transmitted
- Develop, implement, and maintain a privacy impact assessment workflow for technology systems
- Collaborate and partner with data governance committees and teams within King County to evaluate compliance with policy, code, and regulatory requirements
- Develop and lead a work plan that identifies and addresses gaps in compliance with privacy regulations and policies
- Develop, implement, and maintain a County wide privacy training program that integrates with existing King County training activities
- Participate in associations, partnerships, committees, or other local, regional, state, and applicable privacy professional activities that support, improve, or build upon King County's Privacy Program
- Coordinate and facilitate external and internal privacy related audits, questionnaires, and/or reviews of King County privacy policies, standards, and procedures
- Analyze, track, and report on the Privacy Program to KCIT and King County leadership
- Security and Privacy Assessments / Audits (40%)
- Perform and support the work of ensuring compliance with the HIPAA Security Rule
- Perform security and privacy risk assessments, evaluations, and compliance reviews in coordination with King County departments that qualify as a covered entity under HIPAA
- Assist and guide the development and continual improvement of PHI and PII impact assessments and associated workflows
- Coordinate, inventory, and help complete data sharing and business associate agreements related to sensitive information assets, primarily regarding protected health information
- Support compliance officers and teams by participating in associated committees, meetings, and activities
- Participate in incident response, breach analysis, and associated activities
- Experience, Qualifications, Knowledge, Skills
- Seven or more years of combined security, privacy, compliance, or other relevant experience
- Experience with developing, implementing and/or maintaining a Privacy Program.
- Demonstrated experience in privacy and/or security auditing, assessments and risk management
- Experience with privacy and PII regulations and standards
- Knowledge of data privacy issues and trends in the local, state, and federal government communities
- Experience working for organizations covered by HIPAA and protected health information regulations
- Experience with managing or supporting technology, networks, software solutions, and records systems
- Familiarity with PCI DSS and CJIS Policy
- Experience working with RCW 40.14 and 42.56
- Excellent interpersonal, communication, presentation, and written skills
- Bachelor's or master's degree in relevant field of study
- CIPP, CIPM, CIPT, CHP, CHA, CHPSE or other equivalent or relevant privacy and protected health information certifications.
- Ability to obtain CIPM within 1 year of start date.
- CISSP or other equivalent or relevant security certifications
- Relevant combinations of education, certifications, and work experience will be considered
- Supplemental Information
The ideal candidate will possess experience with privacy issues including statutes, regulations, public perception, and the affects of technology continue to evolve. King County is a complex organization with diverse privacy requirements and is looking for a leader who understands these issues and can help strengthen the privacy controls around data to address the needs of the organization as it responds and works with these evolving issues. Additionally, the ideal/successful candidate will be able to demonstrate how their skills and work experience will contribute to the success of the County's privacy program.
King County offers a highly-competitive compensation and benefits package designed to meet the diverse needs of our employees and support our employees' health and well-being. Eligible positions receive the following benefits and have access to the following programs:
- Medical, dental, and vision coverage: King County pays 100% of the premiums for eligible employees and family members
- Life and disability insurance: employees are provided basic coverage and given the opportunity to purchase additional insurance for both the employee and eligible dependents
- Retirement: King County employees are eligible to participate in a pension plan through the Washington State Department of Retirement Systems and a 457(b) deferred-compensation plan
- Transportation program and ORCA transit pass
- 10 paid holidays each year (plus 2 personal holidays)
- Generous vacation and paid sick leave
- Paid parental leave, family and medical leaves, and volunteer leave
- Flexible Spending Account
- Wellness programs
- Onsite gyms and activity centers
- Employee giving program
- Employee assistance programs
- Flexible schedules and telecommuting options, depending on position
- Training and career development programs
This is a general description of the benefits offered to eligible King County employees, and every effort has been made to ensure its accuracy. If any information on this document conflicts with the provisions of a collective bargaining agreement (CBA), the CBA prevails. Also, in the event of any incorrect information in this document, applicable laws, policies, rules, CBAs, or official plan documents will prevail.
NOTE: Benefits for Term Limited Temporary (TLT) or Short Term Temporary (STT) positions, including leave eligibility and/or participation in the pension plan through the Washington State Department of Retirement Systems, will vary based upon the terms and details of the position. Short Term Temporary positions are not eligible for an ORCA transit pass.
For inquiries about the specifics of this position, please contact the recruiter identified on this job posting.