[Hiring] Privacy Officer @General Dynamics Information Technology

Role Description

Advance your career as a Privacy Officer at GDIT. Here, you will have many paths to grow a meaningful career supporting cyber missions and operations across the federal government.

As a Privacy Officer the work you’ll do at GDIT will be impactful to the mission of securing Medicaid Information Systems. You will:

• Lead and manage all aspects of privacy compliance, safeguarding PHI, educating staff, handling incidents, ensuring individual rights, and maintaining up-to-date policies and procedures.
• Ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and Security Rule.
• Develop, implement, and maintain privacy policies and procedures.
• Stay current with Federal and State privacy laws and regulations affecting Medicaid programs.
• Provide ongoing training and education to staff and contractors about privacy policies, procedures, and best practices.
• Foster a culture of privacy and security for our customers.
• Investigate and respond to potential privacy breaches, including risk assessments and breach notification to affected individuals, regulators, and other required parties.
• Maintain thorough documentation of privacy incidents and agency response actions.
• Conduct regular risk assessments and audits to identify vulnerabilities and ensure the effectiveness of privacy controls.
• Recommend and implement corrective actions as needed.
• Oversee and respond to requests from Medicaid Agency regarding individual’s rights under HIPAA (e.g., access to records, amendments, accounting of disclosures).
• Ensure proper mechanisms are in place to address complaints and concerns from individuals about their PHI.
• Serve as the primary point of contact for privacy matters with internal staff, Medicaid members, contractors, and regulators.
• Work closely with IT, legal, compliance, and other departments to align privacy efforts across the Agency.
• Ensure all privacy-related documentation is accurate, up to date, and retained according to policy.
• Provide regular reports to Agency leadership on privacy compliance status, incidents, and improvements.
• Ensure that contracts with Suppliers and business associates include appropriate privacy and security provisions.
• Monitor third-party compliance with privacy requirements.

Qualifications

• Five (5) years of professional experience in privacy compliance.
• Two (2) years of direct experience in HIPAA compliance.
• Knowledge and demonstrated experience with NIST, Federal Information Security policies/requirements, HIPAA, and other related State and Federal information privacy laws, security laws, and breach notification laws.
• A minimum of Bachelor’s degree in information technology, health information management; or equivalent work experience.
• Certified in Healthcare Privacy and Security (CHPS) or equivalent certification.

Requirements

• Work Arrangements: Remote. Travel 20-50%.
• Security: A background check will be required.
• Timeline: This is a contingent job posting. Work is not expected to begin until December 2026 or later.

Benefits

• Growth: AI-powered career tool that identifies career steps and learning opportunities.
• Support: An internal mobility team focused on helping you achieve your career goals.
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off.
• Community: Award-winning culture of innovation and a military-friendly workplace.
• Paid leave and paid holidays are prorated based on the employee’s date of hire.
• The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees.
• Other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.