DPH Privacy Officer

Seeking a self-motivated and strategic professional to oversee the ongoing re-engineering of the agency’s business processes

The Massachusetts Department of Public Health (DPH) is seeking a self-motivated and strategic professional to oversee the ongoing re-engineering of the agency’s business processes to encourage an emphasis on data protection/security, and to factor data privacy into its long-term planning efforts including the day-to-day business practices. The incumbent will be responsible for regularly assessing the agency’s compliance with state and federal privacy law, including HIPAA and the Massachusetts Fair Information Practices Act, and with the agency’s Confidentiality Policy and Procedures. Additionally, the Privacy Officer will develop and implements appropriate remediation steps if those assessments determine that such steps are necessary.

This position works closely with the Information Security Officer, the Director and attorneys in the Privacy and Data Compliance Office, and the Executive Office of Health and Human Services (EOHHS). This role is one of a data strategist, adviser, and risk manager as well as a steward for protection of confidential information. The ideal candidate should possess a combination of business knowledge, technical skills, people skills, and the ability to guide data strategy and control standards. The Privacy Officer will report directly to the First Deputy General Counsel/Director of the Privacy and Compliance Office.

Duties and Responsibilities (these duties are a general summary and not all-inclusive)

  • Develop and maintain a compliance program with state and federal privacy law as well as the agency’s Confidentiality Policy and Procedures.
  • Participate in risk management activities, including conducting analyses of current practices (program audits), and reporting level of compliance to senior agency management.
  • Draft and maintain agency-wide policies and procedures to ensure the workforce uses and accesses only the minimum necessary data and discloses the data within legal authority.
  • Maintain data privacy, enforcing specific privacy requirements as it relates to agency mandates, HIPAA and other legal requirements.
  • Collaborate with agency staff including IT, Legal, Institutional Review Board (IRB), Human Resources, and other EOHHS agencies in fostering information privacy awareness relevant to all programs and services.
  • Develop and oversee the implementation of corrective action plans that result from auditing and monitoring activities.
  • Design and implement training of agency staff on privacy issues.
  • Provide ongoing assessment of programs and services to ensure that the agency discloses to contractors only the minimum amount of data necessary to perform the contracted functions.
  • Serve as an external relations point of contact for other state and federal entities, as well as individuals who wish to exercise their administrative rights under state and federal law.

Preferred Qualifications

  • Knowledge of the principles and practices of management including business writing, strategy, organizing, collaboration, and decision making.
  • General understanding of HIPAA, state and federal guidelines regarding privacy, and concepts of healthcare privacy laws/standards.
  • Excellent written and oral communication skills, with demonstrated ability to distill and translate complex concepts into actionable information for a variety of audiences.
  • Experience working in the healthcare field or other highly regulated environment.
  • Experience implementing compliance requirements in a matrixed environment utilizing complex information systems.
  • Comfortable in effectively presenting information one-on-one and in large groups.
  • Leadership skills and ability to coordinate and influence cross-functional teams.
  • Proven record of success in project management, with a particular focus on strategic planning.
  • Competence in resolving problems/conflicts in a diplomatic and tactful manner; exercising discretion in handling confidential information.
  • Proficient usage of Microsoft Office products including Word, Excel, PowerPoint and Outlook.
  • Technically savvy utilizing a variety of electronic data platforms.

Please Note:

DPH is a hybrid covered entity. Different areas of DPH are subject to various state and federal privacy requirements, including HIPAA, FERPA and 42 C.F.R. Part 2. The HIPAA covered components of the Department include the public health hospitals, the state laboratory and several direct service programs.

About the Department of Public Health

The mission of the Massachusetts Department of Public Health (DPH) is to prevent illness, injury, and premature death, to assure access to high quality public health and health care services, and to promote wellness and health equity for all people in the Commonwealth. We envision a Commonwealth in which all people enjoy optimal health. Massachusetts ranks among the healthiest of states according to comparative analyses, but we face numerous challenges, including chronic and infectious disease, substance abuse, violence, preventable hospitalizations, and health disparities.

DPH coordinates programs and policies to address specific diseases and conditions and offer services to address the needs of vulnerable populations. We also develop, implement, promote, and enforce regulations and policies to assure that the conditions under which people live are most conducive to health and enable people to make healthy choices for themselves and their families. We license health professionals, healthcare facilities and a variety of businesses that impact public health. We operate the state laboratory and four public health hospitals. We monitor health status and manage vital records including births, marriages and deaths. We educate people about public health issues and work closely with local boards of health and community partners to identify and solve public health problems.

More information can be found at: www.mass.gov/dph

Total Compensation

As an employee of the Commonwealth of Massachusetts you are offered a great career opportunity influencing a wide-spectrum of services to the diverse populations we serve — but it's more than a paycheck. The State's total compensation package features an outstanding set of employee benefits which you should consider towards your overall compensation, including:

  • 75% state paid medical insurance premium
  • Reasonable Dental and Vision Plans
  • Flexible Spending Account and Dependent Care Assistance programs
  • Low cost basic and optional life insurance
  • Retirement Savings: State Employees' Pension and a Deferred Compensation 457(b) plan
  • 11 paid holidays per year and competitive Sick, Vacation and Personal Time
  • Tuition Benefit for employee and spouse at state colleges and universities
  • Short-Term Disability and Extended Illness program participation options
  • Incentive-based Wellness Programs
  • Professional Development and Continuing Education opportunities
  • Qualified Employer for Public Service Student Loan Forgiveness Program

Pre-Hire Process

A background check will be completed on the recommended candidate as required by the regulations set forth by the Human Resources Division prior to the candidate being hired.

Education, licensure and certifications will be verified in accordance with the Human Resources Division’s Hiring Guidelines.

Education and license/certification information provided by the selected candidate(s) is subject to the Massachusetts Public Records Law and may be published on the Commonwealth’s website.

For questions, please contact Health Human Resources at 1-800-850-6968.

How to Apply

See the complete job description and apply online.

This position was posted on: September 18, 2017. PLEASE NOTE: Applications received within the first 14 days will be given priority for review. This position will stay posted until filled.

The Department of Public Health is an Equal Opportunity / Affirmative Action Employer. Females, minorities, veterans, and persons with disabilities are strongly encouraged to apply.

For a full description of this job requisition and to apply:


Tell us what you think