Job Description
Location: Remote (US-based)
We are hiring for a HIPAA Privacy and Security Analyst with a healthcare compliance organization supporting hospitals, physician groups, and digital health companies in building and maintaining HIPAA-compliant privacy and security programs. This position is a full-time, direct hire opportunity.
As digital health tools, remote care infrastructure, and third-party data relationships have multiplied, HIPAA compliance has shifted from a documentation exercise into an active risk management discipline. Organizations that take this function seriously are investing in analysts who can think across legal, technical, and operational dimensions simultaneously. The ideal candidate is drawn to the gray areas in regulatory guidance rather than frustrated by them, and ready to serve as a credible privacy resource for clinical and business teams alike.
Responsibilities
- Conduct annual and event-driven HIPAA risk assessments across covered entity and business associate operations
- Investigate potential privacy incidents and breaches from initial report through root cause and notification determination
- Maintain the breach log, incident tracking system, and required regulatory documentation
- Develop and deliver HIPAA privacy and security workforce training programs
- Review and update Notice of Privacy Practices, policies, and business associate agreements
- Respond to patient rights requests including access, amendment, restriction, and accounting of disclosures
- Monitor changes to OCR guidance, state privacy laws, and emerging regulatory developments
- Support OCR complaint response and audit readiness activities
- Advise clinical and operational teams on privacy-by-design for new workflows and technology implementations
Qualifications
- Minimum three years of HIPAA privacy and security compliance experience in a healthcare setting
- Working knowledge of the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule
- Experience conducting risk analyses under NIST or an equivalent framework
- Familiarity with state privacy laws including applicable data breach notification statutes
- CHPC, CHPS, or CIPP/H certification preferred or in progress
- Strong written communication for policies, training content, and incident documentation
- Bachelor's degree in health administration, information management, or related field preferred
Schedule
Fully remote within the US. Standard business hours, Monday through Friday.
Salary Range: The salary range for this position is approximately $58,000 – $80,000 annually ($27.88 – $38.46 per hour), based on experience and qualifications.
Interview Process:
- Selected candidates will participate in a multi-step interview process, including an initial screening with TalentLNX followed by interviews with department leadership.
Equal Opportunity Employer: TalentLNX is committed to equal employment opportunity and a diverse, inclusive workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.