← all jobs

GRC and Privacy Analyst

Work from home Full-time role Hiring

WE ARE HEALTHCARE SYSTEMS OF AMERICA. Our mission is to elevate healthcare standards, improve patient outcomes, and create value for communities across the United States. Healthcare Systems of America (HSA) is more than a healthcare provider-we're a community built on excellence, innovation, and compassion. If you're looking for a career that makes a difference, empowers you to grow, and gives you the opportunity to impact lives, HSA is where you belong. Healthcare Systems of America operates 8 community hospitals across 3 states. We service a multitude of patients and their families across our vast network, while remaining committed to the professional development of our staff, the functional improvement of our patients, and the cultivation of strong partnerships within our communities. WHAT WE OFFER

  • Career GrowthDevelopment - We are an essential, stable and growing company with many opportunities for training and advancement within the medical field that all employees and team members can benefit from.
  • SupportiveInclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
  • Meaningful Work - Every day, you'll contribute to patient care, cutting-edge medical solutions, and life-changing treatment and technologies. POSITION SUMMARY The GRC and Privacy Analyst supports the organization's Governance, Risk, and Compliance (GRC) initiatives, as well as privacy and data protection functions. The role is responsible for assisting with policy management, risk assessments, audit readiness, and privacy compliance programs including HIPAA, HITECH, and other applicable federal and state regulations within the healthcare industry. PRIMARY RESPONSIBILITIES Governance, RiskCompliance (GRC)
  • Support implementation and maintenance of GRC frameworks and processes.
  • Assist in developing and updating internal policies, standards, and controls.
  • Track compliance metrics and prepare GRC reports for leadership.
  • Support regulatory and third-party audits by coordinating documentation and responses. PrivacyData Protection
  • Assist with managing privacy policies and procedures in alignment with HIPAA and HITECH.
  • Conduct Privacy Impact Assessments (PIAs) and assist with Data Protection Impact Assessments (DPIAs).
  • Help monitor privacy risks and maintain logs of incidents, investigations, and breach reports.
  • Contribute to staff training initiatives on data privacy and protection policies. Risk AssessmentsVendor Management
  • Assist in conducting third-party risk assessments and maintaining a vendor compliance tracker.
  • Document risk mitigation strategies and coordinate with internal stakeholders on remediation efforts.
  • Maintain inventory of data flows and systems storing protected health information (PHI). Audit ReadinessMonitoring
  • Maintain audit documentation and evidence in support of GRC and privacy compliance efforts.
  • Track audit findings and support follow-up activities and closure of remediation items.
  • Help monitor emerging privacy laws and changes in regulatory requirements. EXPERIENCE/EDUCATION REQUIREMENTS
  • Bachelor's degree in information security, Health Information Management, or a related field.
  • 2+ years of experience in GRC, compliance, or privacy roles within a healthcare environment.
  • Familiarity with HIPAA, HITECH, and data privacy laws and regulations.
  • Excellent analytical, documentation, and communication skills.
  • Proficiency in Hirevector Excel, Word, and compliance management platforms.

Preferred Qualifications

  • Professional certifications such as CIPP/US, CHPC, or GRCP.
  • Experience with GRC tools such as FortifyData, OneTrust, Archer, or ServiceNow.
  • Understanding of hospital workflows and protected health information (PHI) lifecycle.

More open positions

Director, Cybersecurity Governance, Risk, and Compliance (GRC)

Work from home Full-time role

The GRC Process Architect

Work from home Full-time role

GOVERNANCE, RISK, AND COMPLIANCE ANALYST (GRC)

Work from home Full-time role

GRC Analyst (AuditBoard REQUIRED) (468968)

Work from home Full-time role

Project Manager/ w GRC (REMOTE)

Work from home Full-time role

Patient Safety Associate I (Drug Safety Associate I)

Work from home Full-time role

Marketing Coordinator

Work from home Full-time role

Lead, CyberSecurity Advocacy

Work from home Full-time role

Enrollment Support Specialist

Work from home Full-time role

Freelance Attorney: Ask a Lawyer

Work from home Full-time role

[Remote] Commercial Account Executive

Work from home Full-time role

Senior Solutions Architect

Work from home Full-time role

Director, Partner Marketing Manager, Capital One Software (Remote)

Work from home Full-time role

Sr. Application Architect Analyst

Work from home Full-time role

[Remote] Principal Computer Vision Engineer

Work from home Full-time role

Information Systems Manager

Work from home Full-time role

[Remote] District Human Resources Manager

Work from home Full-time role

Overnight Remote Digital Support Jobs – Night Shift Chat-Based Roles (No Experience Required)

Work from home Full-time role

Patient Intake Coordinator (Part time, Remote)

Work from home Full-time role

Principal Application Security Engineer – AI & Agentic Systems

Work from home Full-time role

Remote iOS Developer

Work from home Full-time role