Health Information Manager/HIPAA Officer FT Day shift

Company: Birmingham Green Health Center for Comm Cnts
Location: Manassas
Posted on: February 18, 2026

Job Description:

Job Description Job Description BIRMINGHAM GREEN Nursing Home and Assisted Living Facilities Health Information Manager/HIPPA Privacy-Security OfficerFull-time Day shift Birmingham Green is a person-centered care-focused community located in Manassas, Virginia. We have been providing high-quality and affordable care for over 90 years. For a view into our world, Please visit our website at www.birminghamgreen.org Responsibilities/Accountabilities We have an amazing opportunity for a Health Information Manager/HIPPA Privacy Security Officer: Health Information Manager: Must keep current on all guidelines and regulations related to the medical records function for both the Nursing Home and Assisted Living facilities. Analyzes requests for medical information, evaluates the legality of releases, extracts pertinent portions of medical records, copies, mails, and/or releases in accordance with departmental policies to safeguard patient confidentiality. Must maintain a log of all inquiries of released information. Assists in the development, documentation, and enforcement of policies and procedures in the handling of medical records. Creates patient folders and charts for new residents using unique identification numbers according to established protocols. Creates and distributes admissions packets to Unit Secretaries and ensures adequate supply. Retrieves patient charts and re-files charts in proper sequence; completes out-guides for pulled charts. Locates records that have been checked out or are missing, in accordance with departmental policies for safeguarding patient records. Recommends and implements changes in processes or practices within the medical records as deemed appropriate or necessary while maintaining compliance with nursing home and assisted living guidelines and regulations. Responsible for packing, labeling, and storing nursing documentation from Nursing Administration. Sorts and files loose paperwork in patient charts; maintains medical records in proper order. Thin charts as necessary, according to department policies. Files COC letters in residents’ folders located in the Health Information Department. Ensures compliance with campus-wide practices. Picks up, processes, and delivers reports, x-rays, or slides; obtains approval signatures from medical service providers. (Doctor’s signature on phone orders and P.O.S.) Follows departmental procedures for archiving and storing inactive records utilizing outside storage. Responsible for all storage protocols, including but not limited to boxing, labeling, calling for pick-up, maintaining appropriate logs, destruction, or retrieval of all records. Responsible for ensuring proper storage of records for the entire campus. Responsible for sending out Inventory letters listing the personal property of discharged or expired residents. Responsible for filing Medicare D in the neighborhoods and changing folders if the resident is transferred to another neighborhoods. Responsible for obtaining information on resident cards in the Health Information office. The file box must be kept up to date. Responsible for updating the Discharge Log. Responsible for chart audits for Quality Assurance review. (Nursing, case management, DNR, podiatrist, ophthalmologist, dental). Responsible for ensuring quality assurance audits for the entire campus. Follows established departmental policies, procedures, and objectives, continuous quality improvement objectives, and safety, environmental, and/or infection control standards. Participates in state surveys as needed to provide required medical records information and documentation for nursing home and assisted living facilities, and directs other medical records staff as needed. Privacy Officer: Assists in the identification, implementation, and maintenance of the organization’s information privacy policies and procedures in coordination with his/her immediate supervisor. Serves in a leadership role for the Privacy Oversight. Performs ongoing compliance monitoring activities. Has and maintains appropriate privacy and confidentiality consent & authorization forms, information notices, and materials reflecting current organization and legal practices and requirements. Oversees, directs, delivers, or ensures delivery of privacy training and orientation to all employees, volunteers, medical and professional staff, and applicable business associates. Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements to ensure that all privacy concerns, requirements, and responsibilities are addressed. Establishes and maintains a mechanism to track access to protected health information, within the purview of the organization and as required by law, to allow qualified individuals to review or receive a report on such activity. Oversees and ensures the right of the organization’s patients to inspect, amend, and restrict access to protected health information, when appropriate. Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the practice/organization ’s privacy policies and procedures in coordination and collaboration with other similar functions and, when necessary, legal counsel. Ensures compliance with privacy practices and consistent application of sanctions for failure to comply with privacy policies for all individuals in the organization’s workforce, extended workforce, and for all business associates, in cooperation with his/her immediate supervisor, Human Resources, the information security officer and legal counsel, as applicable. Initiates, facilitates, and promotes activities to foster information privacy awareness within the organization and related entities. Serves as the information privacy liaison for users of clinical and administrative systems. Reviews all system-related information security plans throughout the organization’s network to ensure alignment between security and privacy practices, and acts as a liaison to the information systems department, if applicable. Works with all organization personnel involved with any aspect of release of protected health information, to ensure full coordination and cooperation under the practice/organization ’s policies and procedures and legal requirements Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information privacy technologies to ensure organizational adaptation and compliance. Cooperates with the U.S. Department of Health and Human Services’ Office of Civil Rights, other legal entities, and organizations of officers in any compliance reviews or investigations. Security Officer: Maintains current and appropriate body of knowledge necessary to perform the information security management function. Effectively applies information security management knowledge to enhance the security of the open network and associated systems and services. Maintains working knowledge of legislative and regulatory initiatives. Interprets and translates requirements for implementation. Develops appropriate information security policies, standards, guidelines, and procedures. Works effectively with the Information Privacy Officer, other information security personnel, and the committee process. Provides meaningful input, prepares effective presentations, and communicates information security objectives. Participates in short- and long-term planning. Monitors Information Security Program compliance and effectiveness in coordination with the entity’s other compliance and operational assessment functions. Oversees, directs, delivers, or ensures delivery of initial security training and orientation to all employees, volunteers, medical and professional staff, contractors, alliances, business associates, and other appropriate third parties. Establishes with management and operations a mechanism to track access to protected health information, within the purview of the organization, and as required by law, and to allow qualified individuals to review or receive a report on such activity. Ensures compliance with security practices and consistent application of sanctions for failure to comply with security policies for all individuals in the organization’s workforce, extended workforce, and for all business associates, in cooperation with Human Resources, the information privacy officer, administration, and legal counsel as applicable. Initiates, facilitates, and promotes activities to foster information security awareness within the organization and related entities. Serves as the information security liaison for users of clinical and administrative systems. Reviews all system-related information security plans throughout the organization’s network to ensure alignment between security and privacy practices and acts as a liaison to the information systems department. Conducts investigations of information security violations and computer crime. Works effectively with management and external law enforcement to resolve these instances. Reviews instances of noncompliance and works effectively and tactfully to correct deficiencies. Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information security technologies to ensure organizational adaptation and compliance. Serves as an information security consultant to the organization for all departments and appropriate entities. Cooperates with the Office of Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations. Works with organization administration, legal counsel, and other related parties to represent the organization’s information security interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard. Verifies that IT systems meet predetermined security requirements. Experience/Skills/Education Required: Bachelor's degree in health information management or a related healthcare field. Knowledge and experience in state and federal information privacy laws, including but not limited to HIPAA. Demonstrated organization, facilitation, written and oral communication, and presentation skills. Recommended privacy certification such as Certified in Healthcare Privacy and Security (CHPS) and/or other healthcare industry-related credential, e.g., RHIA, RHIT. Three years of experience that is directly related to the duties and responsibilities. Benefits We offer a competitive package of benefits and perks, which includes: Medical, dental, vision, long-term disability, life insurance, legal guard plan, and pet insurance 23 days paid time off (employees can accrue up to 240 hours of paid time off) 10 Paid Holidays Retirement plans through the Virginia Retirement System (VRS) - www.varetire.org Tuition Reimbursement Employee Assistance Program (EAP) Employee Discounts - LifeMart Employee Discounts - Cafeteria How to Apply If you have been thinking about making a change and you want to make the right change in 2025, then this opportunity is for you. Join an extraordinary community and an exceptional team. Birmingham Green 8605 Centreville Rd. Manassas, VA 20110 Attn: Alice Decker, HR Director 703-257-6210 703-257-0811 - Fax We sincerely thank all applicants for their interest in Birmingham Green.

Keywords: Birmingham Green Health Center for Comm Cnts, Potomac , Health Information Manager/HIPAA Officer FT Day shift, Healthcare , Manassas, Maryland