The Senior Privacy Regulatory Compliance Analyst leads complex privacy program initiatives to ensure regulatory and legislative compliance, consistency, and timeliness across the enterprise. This role provides expert insights, competitive analysis, and in-depth evaluation of enterprise initiatives with a focus on privacy, collaborating cross-functionally to address compliance, regulatory, and political challenges. The Senior Privacy Regulatory Compliance Analyst plays a vital role in advancing the enterprise's position with internal business stakeholders and external regulatory agencies.

Qualifications

• Education: Bachelor’s degree in law, healthcare, Information Technology, or a related field (Master’s or JD preferred).
• Experience: 5+ years in privacy compliance, with in-depth knowledge of HIPAA and U.S. state privacy laws. Health insurance regulatory experience preferred.
• Certifications: Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified in Healthcare Privacy Compliance (CHPC), or similar certifications preferred.

Knowledge, Skills, and Abilities

• Strong understanding of the healthcare industry, privacy compliance, audit, and risk management functions.
• Working knowledge of privacy and insurance terminology.
• Advanced analytical and problem-solving skills, with a strategic approach to complex, ambiguous situations.
• Proven organizational and prioritization skills for outcome-driven work.
• Demonstrated agility, growth mindset, and ability to influence without authority.
• Innovative and strategic thinking with the ability to question the derivation of facts, challenge conclusions, identify assumptions and biases, and make informed decisions with incomplete data.
• Proficient in Microsoft Office Suite (Word, Excel, Outlook, Teams).
• Working knowledge of legal research databases (e.g., Westlaw) and SharePoint.
• Expert knowledge of the intersection between technology, IT security, privacy laws, and data protection.
• Experience in data mapping and managing relationships with third parties.

Base Pay Information

The national base pay range at the end is a good faith estimate of what Delta Dental may pay for new hires. Actual pay may vary based on Delta Dental’s assessment of the candidate’s knowledge, skills, abilities (KSAs), related experience, education, certifications, and ability to meet required minimum job qualifications. Other factors impacting pay include prevailing wages in the work location and internal equity.
Pay Grade 20. $71,400 - $149,500

Responsibilities

• Conduct detailed research and analysis of state and federal privacy regulations, legislation, and guidance.
• Develop and maintain privacy program processes, including compliance, incident investigation, contract, and client/vendor agreement reviews.
• Engage cross-functionally to ensure deliverable transparency and timely execution across affected teams.
• Communicate changes in privacy laws, regulation changes resulting from regulator reviews or legislative/regulatory changes including cybersecurity regulations, and AI-related legislation to relevant business units.
• Report on compliance and regulatory performance metrics, including work status, Key Performance Indicators (KPIs), and risk assessments for key stakeholders.
• Collaborate with various business teams to implement compliant procedures and develop new products aligned with privacy law and standards.
• Remain current with industry trends, proactively addressing changes in privacy and security regulations and their potential impacts to the organization.
• Mentor regulatory compliance analysts on privacy program processes and regulatory requirements, including enterprise policies and procedures, audits, surveys, legislation, and complex multi-state product, network, rate, and/or entity-related filings.
• Develop and maintain privacy-related policies and procedures.
• Serve as a privacy subject matter expert, responding to Request for Proposal(RFPs), due diligence questionnaires, Non-Disclosure Agreements (NDAs), Business Associate Agreements (BAAs), Information Security Agreements (ISAs), Data Processing Agreements (DPAs), and other privacy and record retention related contract provisions and terms.