JOB DETAIL

Job Summary

BDO RISE is the round-the-clock international services team and is dedicated to providing exceptional client service in the global economy. Our professionals operate seamlessly as part of BDO USA engagement teams, leveraging consistent best practices while accessing our global resources to deliver outstanding service and solutions for our clients. BDO’s Core Purpose is Helping People Thrive Every Day. Our Core Values reflect how we manage our work, our relationships and ourselves. As an employee of the firm, you will live true to our Core Values of people first, being exceptional every day in every way, embracing change, feeling empowered through knowledge, and choosing accountability. Our Core Values are the standards by which we conduct ourselves day in and day out, both internally and externally.

BDO is seeking an Experienced Associate in HIPAA and Healthcare Compliance to join its Governance, Risk & Compliance (GRC) Practice. The GRC Practice helps companies to build, manage, and monitor privacy and data protection programs while embedding privacy into Apps, websites, systems, and processes. We offer a variety of services, such as privacy managed services, assessments, Data Protection Officer services, Data Protection by Design and by Default program development, and website compliance. Candidates that are hired will be integral in providing these services for our clients.

Job Duties

Job Responsibilities

• Supports the execution of HIPAA risk assessments, completes engagement documentation, conducts analysis of control weaknesses, and reports results
• Contributes to engagements in consultation with engagement manager
• Contributes to initial project plans for client, helps in identifying key issues, and makes recommendations to address issues as directed by engagement manager
• Applies knowledge of information security control frameworks and risk management
• Applies knowledge of security regulatory requirements and leading practices
• Participates in the review of internal controls based on frameworks such as HIPAA, NIST, and ISO
• Identifies and prioritizes initial key risks and assesses their impact and likeliness of occurrence
• Interviews and documents client interviews
• Participates in and contributes to preparing reports for client highlighting work performed, issues identified, and recommendations
• Coordinates with other BDO practices in relation to technical topics and other due diligence in conjunction with the engagement manager
• Other duties as required

Qualifications, Knowledge, Skills and Abilities

Education:

• Bachelor's degree, required
• Healthcare Information Management or Information Technology certifications, preferred
• Privacy or healthcare compliance certifications (CHC, HCCP), concentrations, or educational minor, preferred

Experience and Skills:

• 1 year of professional services and privacy experience through an internship or professional services, required
• Basic technical skills: Microsoft Suite proficiency (Microsoft Excel, Word, PowerPoint, Visio, SharePoint, Teams, OneDrive, PDF)
• Experience with workflow technologies/privacy platforms and governance risk and compliance tools (Archer, One Trust, ServiceNow)
• Ability to thrive in a fast-paced environment to meet client and regulatory deadlines
• Organized and proficient at managing multiple sources of data and information
• Familiarity with US based Healthcare entities
  • Ability to work in a team environment
  • Basic privacy and/or security knowledge from prior work or internship experience, preferred
  • Prior experience working within a national consulting organization, preferred
  • Prior education/experience with HIPAA, HITRUST, ISO 27001/27701, NIST Privacy Framework, or NIST CSF Framework, preferred