HIPAA Analyst

Job Number: 190000NQ
Category: Professional & Executive
Location: Dallas, TX, US
Department: 106000 – Office of Compliance
Full/Part Time/PRN: Day Job
Regular/Temporary: Regular
Schedule: Full-time


Works under minimal supervision to manage and perform compliance assurance/effectiveness reviews of various functions and activities of UT Southwestern.  Conducts complex assurance activities to determine departmental/clinical unit/program adherence to internal controls, in compliance with established policies and procedures, Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH) and state privacy legislation.  Assist, at the direction of the Privacy Officer, with all activities related to the implementation and operation of the Privacy Program.  Assist with the ongoing development and review of Privacy Program policies and procedures.  Collaborate with other departments to help identify gaps or deficiencies and develop corrective action to mitigate identified privacy-related gaps.  Investigate privacy complaints and make recommendations for appropriate solutions or action.  Develop and maintain privacy education material, and conduct educational training.  Maintain documentation of Privacy Office files.  



  • Conducts complex assurance/effectiveness reviews of Privacy Office compliance activities in accordance with appropriate standards, metrics, established compliance plan(s) and prescribed University and departmental/unit/program policies.
  • Monitors and evaluates effectiveness of compliance controls used by reviewed department/unit/program, as well as compliance with all applicable university policies and procedures.
  • Evaluates effectiveness of compliance controls used by reviewed department/unit/program, as well as compliance with all applicable university policies and procedures.
  • Provides input to, and assists in, drafting compliance reports, including development of review findings and recommendations for specific remedial/corrective actions.
  • Prepares work papers to support work performed, as well as findings and recommendations included in compliance reports.  Maintains documentation of Privacy Office files.
  • Assists in and/or independently performs investigations of alleged violations of policy, misconduct or other acts of non-compliance to determine the cause, extent of risk and mechanisms for prevention.
  • Maintains effective working relationships with compliance personnel to achieve objectives of assurance-related assignments.
  • Remains abreast of current developments and revised laws and regulations pertaining to HIPAA Privacy compliance.
  • Develops and maintains Privacy Office compliance-related education and training materials and conducts training sessions on compliance-related topics.  Monitors effectiveness of training. 
  • Provides guidance to development of policies and procedures relating to privacy and security of patient medical information.
  • Monitors and evaluates electronic medical data transmission process and/or electronic data surveillance to assure compliance with HIPAA Privacy Rule and related state privacy requirements (or University policy).
  • Performs other duties, as assigned.



  • Bachelor’s degree in business or healthcare administration, nursing, regulatory compliance, consulting, project management, or related area.
  • 2-3 years of professional experience in a healthcare-related field.
  • Preferred: Have, or obtain within 12 months of hire, the CHPC (Certification in Healthcare Privacy Compliance) from the Compliance Certification Board, or other similar credential.  


  • Work requires knowledge of privacy laws, regulations and current interpretations, particularly HIPAA Privacy Rule.

  • Work requires skill in using spreadsheet applications, word processing, database applications, and ability to analyze data monitoring reports.

  • Work requires ability to evaluate data and determine compliance with rules and regulations.

  • Work requires excellent written and verbal communication skills.

UT Southwestern Medical Center is committed to an educational and working environment that provides equal opportunity to all members of the University community. In accordance with federal and state law, the University prohibits unlawful discrimination, including harassment, on the basis of: race; color; religion; national origin; sex; including sexual harassment; age; disability; genetic information; citizenship status; and protected veteran status. In addition, it is UT Southwestern policy to prohibit discrimination on the basis of sexual orientation, gender identity, or gender expression.

Contact Us

UT Southwestern Medical Center
Office of Human Resources, 5323 Harry Hines Blvd., Dallas, TX 75390-9023 | Phone: 214-648-9810