Work In Tech

Find your next role at Canada's fastest-growing tech companies

(US) Compliance Analyst

PointClickCare

PointClickCare

IT, Legal
United States · Remote
Posted on May 30, 2024
For more than 20 years, PointClickCare has been the backbone of senior care. We’ve amassed the richest senior care dataset making our market density untouchable and our connections to the healthcare ecosystem exponentially more powerful than those of any other platform.
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
*This role is open to both US and Canadian applicants, but requires US legal experience*
Position Summary:
As a member of PointClickCare’s Legal and Compliance team, In the role of Compliance Analyst, you will be instrumental in driving key initiatives and projects that have a substantial impact on PointClickCare, its customers, and other stakeholders. Under the direction of the PointClickCare Privacy Officer, your responsibilities will include identifying, analyzing, and simplifying the ever-evolving compliance requirements relevant to PointClickCare operations across the United States and Canada. Your insights will be crucial in evaluating, adjusting, and implementing PointClickCare compliance and privacy policies, procedures, and training programs. Your ability to provide accurate, timely, and pertinent information will be essential in facilitating informed decisions by the leadership.
Your primary focus will be on the privacy of Protected Health Information (PHI) that PointClickCare manages as a HIPAA business associate on behalf of HIPAA-covered entities, in compliance with other relevant federal and state patient privacy laws (e.g., 42 CFR Part 2, etc.). However, a significant part of your role will also involve navigating the complex landscape of emerging privacy laws related to consumers and employees that impact specific aspects of PointClickCare operations.
Beyond proactive policy development, your expertise will be sought in addressing daily compliance issues arising within and outside the company. This includes responding to inquiries about specific information security incidents and customer queries about PointClickCare data usage practices.
In this capacity, you will work closely with colleagues from various departments, including Security and Trust, Data Intelligence, Product Management, Clinical Solutions, Customer Success, and Government Affairs.
Key Responsibilities:
- Assist in the development of, and ongoing updates to, PointClickCare’s compliance policies, controls, and training materials
- Identify, communicate, and document privacy risks, privacy policy gaps, and privacy policy exceptions
- Stay informed of relevant regulatory and industry changes, trends, and best practices and assess the potential impact of these changes on PointClickCare
- Meet regularly with the Product Management and Clinical Solutions teams to ensure “privacy-by-design” consistency in all PointClickCare services
- Assist in responding to internal and external privacy impact assessments, privacy questionnaires, and other privacy compliance questions
- Assist the Security and Trust team on all privacy-related matters encompassed within security assessments/audits (e.g., for HITRUST CSF, SOC 2 Type II, etc.)
- Assist the Security and Trust team in analyzing the privacy implications and reporting obligations associated with information security incidents/events
- Work with Cloud Operations and other data storage teams to ensure alignment with privacy policies and data retention policies
- Perform privacy risk/impact/compliance assessments of certain sub-business associates and other third-party service providers
- Assist with responses to data/records requests
- Successfully set priorities, perform tasks in an orderly fashion, and meet deadlines
Required Experience and Skills:
· BA/BS degree
· 2-4 years of relevant work experience
· Extensive knowledge and experience in United States health and general privacy compliance requirements
· Demonstrated capacity to understand, compare, analyze, and communicate complex regulatory and business challenges
· Experience defining, drafting, and implementing policies and training materials
· Experience conducting ongoing privacy compliance and monitoring activities
· Demonstrated organization, facilitation, communication, and presentation skills
· Strong project management skills, including ability to think end-to-end and manage multiple priorities/projects simultaneously for multiple stakeholders
· Excellent interpersonal skills; a team player with ability to collaborate at all levels of the organization
· Strong analytical capability and problem-solving skills, with attention to detail
· Keen judgement, integrity, and tact
· Strong written and verbal communication
· Self-starter with the ability to work independently
Preferred Experience:
· Privacy-related certifications desired (e.g., CIPP, CIPM, etc.)
· Familiarity with Canadian health and general privacy laws (e.g., PIPEDA, PHIPA, etc.)
· SaaS business experience
· Health information exchange experience
#LI-SG1 #LI-Remote
At PointClickCare, base salary is one of the many components that make up our total rewards package. The US base salary range for this position is $74,000 - $80,000 (Exempt)+ bonus + benefits. Our salary ranges are determined by job and level. The range displayed on each job posting reflects the target for new hire salaries for the position across all US locations. Within the range, individual compensation is determined by job-related skills and knowledge, relevant experience including professional and lived experience, and/or work location. Your recruiter can share more information about our total rewards package during the hiring process.
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.