Analyst, Privacy Investigations
Analyst, Privacy Investigations
Acts as an integral member of the Privacy Office by mitigating risk and responding to regulatory agencies, team members, customers etc. on Privacy questions and/or issues presented. Responsible for investigating and responding to privacy complaints. The Privacy Analyst is responsible for completing Risk Assessments and notifying customers as appropriate. The Privacy Analyst collaborates with other team members to ensure that appropriate corrective measures are implemented in response to a complaint. Performs daily operational activities within the Privacy Office to ensure Walgreens maintains privacy standards without breach.
- Plans, coordinates and assists in the performance of Privacy Investigations based on the receipt of internal or external reports, the results of risk assessment, or concerns in accordance with regulatory guidance.
- Fulfills responsibilities independently (and some team collaboration) while maintaining effective communications with management. Conducts breach investigations. Evaluates most effective solution to mitigate and determine the source of potential breaches.
- Responds to and resolves questions and concerns from field and customers related to privacy.
- Assists in the areas of breach investigations, educating the workforce, communication of audit findings, policy development, risk analysis, and report preparation.
- Conducts risk based reviews/audits, which are in compliance with privacy and audit standards, guidelines and best practices.
- Identifies, researches privacy laws and regulations and investigates and evaluates known and potential privacy risks and compliance risks across the Company and its operating units; conduct and/or coordinate privacy vulnerability and risk assessments, present conclusions and recommendations, and develop and implement corrective action strategies and plans.
- Maintains a thorough and detailed tracking system for purposes of reporting and analysis.
- May participate in periodic compliance and privacy program planning and effectiveness evaluations.
- Contributes to the achievement of the Privacy Office and Legal Department goals and objectives and adheres to departmental policies, procedures and standards; complies with organizational policies and procedures, governmental laws and regulations and accreditation standards.
- Effectively maintains collaborative working relationships to achieve increased satisfaction with, and participation in, the compliance and privacy program
- May accompany Compliance and Legal Department leadership or represent the Privacy Office and Legal Department at organizational meetings as assigned. Participates in other projects as assigned and completes tasks within requested time frames.
- Ensures team members are trained on the topic of Privacy. Maintains a thorough and detailed tracking system for purposes of reporting and analysis. Coordinates and ensures communication and training program to heighten awareness of applicable policies and the understanding of new and existing issues related to privacy protection requirements.
- Conducts privacy reviews in accordance with the departmental guidelines. May assist in the development of the annual privacy plan.
- Effectively evaluates overall audit results, weighing the relevancy, accuracy, and perspective of conclusions against the accumulated audit evidence. Interprets regulatory and legal changes and reviews all applicable documentation to determine applicable modifications to institutional policies and practices. Ensures compliance with company policies and procedures and applicable laws and regulations.
- Collaborates with key stakeholders on privacy protection issues including the implementation of Privacy standards and requirements.
- Performs periodic reviews to ensure that a project is progressing in accordance with project plans. Is adequately supported by documentation and continues to meet the organization's objectives.
- Exhibits creativity and innovation in recommending improvements to department practices and processes
- Develops a working technical knowledge of the business units supported and the overall Walgreens organization.
- Maintain current knowledge of applicable federal, state, and local laws, accreditation standards, professional standards, ethical principles, and other privacy requirements. Regularly monitor advancements in information privacy technologies and legislative and regulatory developments to ensure appropriate adoption and compliance with applicable laws. Maintains up to date privacy expertise, skills and competency regarding evolving laws, regulations, guidance and directives impacting Walgreens product offerings.
Walgreens, one of the nation's largest drugstore chains, is included in the Retail Pharmacy USA Division of Walgreens Boots Alliance, Inc., the first global pharmacy-led, health and wellbeing enterprise. More than 10 million customers interact with Walgreens each day in communities across America, using the most convenient, multichannel access to consumer goods and services and trusted, cost-effective pharmacy, health and wellness services and advice. Walgreens operates 8,175 drugstores with a presence in all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands. Walgreens omnichannel business includes Walgreens.com. Approximately 400 Walgreens stores offer healthcare Clinic or other provider retail clinic services.
As the neighborhood drugstore and retailer, our goal is to make health and happiness simpler, easier and within reach. And we remain a trusted wellness provider offering convenient access to important health services, such as immunizations and an array of pharmacy services that can help patients improve their health. To our team members, Walgreens represents a unique opportunity to excel in their careers in a welcoming and inclusive environment. We offer the chance to work in a truly supportive environment, and be a part of a progressive organization dedicated to the well-being of our customers, team members and the communities we all call home.
- Bachelor's Degree and at least 3 years of experience in a legal, consulting, regulatory, research or compliance role OR a High School Diploma/GED and at least 6 years of experience in a legal, consulting, regulatory, research or compliance role.
- Experience conducting research.
- Experience with privacy laws, regulations, frameworks and industry practices.
- Experience establishing and maintaining relationships with individuals at all levels of the organization, in the business community, and with vendors.
- Knowledge of privacy principles.
- Experience working both independently and within a team environment.
- Experience evaluating information to determine compliance with standards, laws, and regulations.
- Experience with project management (for example: planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives).
- Experience analyzing and reporting data in order to identify issues, trends, or exceptions to drive improvement of results and find solutions.
- Experience with MS Office Suite.
- Willing to travel up to 10% of the time for business purposes (within state and out of state).
- Master’s Degree.
- One or more of the following certifications: CIPP, CIPM, CIA, CPA, CFE or another Healthcare Compliance, Research, or other nationally recognized certification such as those listed.
- Knowledge of the principles of health information management.
- Experience in a hospital, healthcare, and/or compliance setting.
- Experience applying privacy principles to the healthcare environment.