At UPMC, we are committed to keeping our communities safe and healthy as the COVID-19 pandemic unfolds.

Our recruiters will continue to fill positions throughout this time, but interviews and other processes may be modified to protect the safety of our candidates and employees. Thank you for your patience.

For more information about UPMC's response to COVID-19, please visit

Search Our Jobs

   Current UPMC employees must apply in HR Direct

Manager, Physician Services Division Privacy

  • Job ID: 935139497
  • Status: Full-Time
  • Regular/Temporary: Regular
  • Hours:
  • Shift: Day Job
  • Facility: Corporate Information Services
  • Department: System Security IT
  • Location: 203 Lothrop Street, Pittsburgh PA 15213
  • Union Position: No
  • Salary Range: $30.17 to $50.94 / hour


Under the direction of the Senior Manager, Office of Patient and Consumer Privacy, the Manager, Physician Services Division Privacy coordinates and supports the development and management of a robust privacy compliance program for PSD. This position ensures compliance with all relevant and applicable privacy laws, regulations, standards, and requirements in a manner that continually supports the business and operational areas.


  • Ensures compliance with applicable privacy laws, regulations, standards, and practices.
  • Manages the PSD privacy staff consistent with UPMC's management expectations, policies, and directives.
  • Delegates the responsibilities set forth herein as appropriate to PSD privacy staff and entity privacy officers.
  • Develops and maintains clear and effective privacy policies and procedures that follow applicable privacy laws, regulations, standards, and practices.
  • To ensure PSD applicability, assists in maintaining the UPMC HIPAA Notice of Privacy Practices, and any other legal or regulatory documents.
  • To ensure PSD applicability assists in developing communications and awareness materials and performs outreach to ensure compliance with UPMC's privacy policies and directives.
  • To ensure PSD applicability assists in developing and implementing annual and ongoing privacy training.
  • Manages clear and effective privacy monitoring processes to ensure the proper and timely detection of potential privacy issues.
  • Manages effective privacy remediation and corrective action processes to ensure privacy issues are effectively addressed in a timely manner.
  • Conducts and/or coordinates the review of potential privacy violations and security breach investigations.
  • Responds to, coordinates responses to and/or assists in responding to governmental privacy inquiries and complaints (including the HHS Office of Civil Rights).
  • Assists in communications with patients regarding privacy matters (questions, complaints, etc.).
  • Performs mandatory reporting within the mandated timeframes.
  • Assesses the impact of privacy laws applicable to newly acquired and affiliated organization, ensuring that plans are established and executed to address any required changes.
  • Integrates newly acquired and affiliated practices into UPMC's privacy program.
  • Keeps up-to-date on any new and changing privacy regulations, including all relevant laws, rules, industry standards, organization practices and technology initiatives.
  • Provides clear and effective reports to management, the business, operational areas and other internal/external parties regarding new or prospective privacy laws, regulations, industry standards and best practices.
  • Monitors advancements in privacy practices, standards and technologies.
  • Oversees and conducts periodic risk assessments and gap analyses for HIPAA and other applicable privacy regulations.
  • Collaborates with other departments, such as Corporate Compliance.
  • Develops and delivers clear, effective and timely reports and updates for senior management and/or the Board of Directors regarding privacy program effectiveness, initiatives and issues, including all relevant privacy metrics, dashboards and information.
  • Performs in accordance with system-wide competencies/behaviors.
  • Performs other duties as assigned.


  • Bachelor’s degree required 5 years of relevant healthcare privacy experience and 2 years of progressive leadership experience in healthcare privacy or a related field required
  • CIPP and/or Healthcare Privacy Compliance certification preferred.
  • Strong subject matter expertise and knowledge of all relevant privacy laws, regulations, industry standards, and best practices.
  • Excellent oral, listening, and written communication skills.
  • Strong computer and IT skills preferred. Relevant knowledge about information security and the inherent interplay between privacy and cybersecurity preferred.
  • Must have strong analytical and organizational skills as well as problem-solving capabilities to ensure that business plans and strategies do not subject the organization to any legal or regulatory violations and/or undue risk or exposure.
  • Strong partnership, relationship, consensus, and coalition-building skills required.
  • Strong emotional intelligence and self-awareness required.
  • The role requires a manager who strikes the optimal balance between strategically navigating the compliance requirements and business needs in a manner that's nuanced and mutually reinforcing.
  • Strong strategic, business, operational and leadership mindset and skills required.
  • Highly consultative and partnership-oriented in approach.
  • Strong and reliable judgment and discretion required.
  • Ability to independently and self-sufficiently identify and navigate various privacy-related issues.
  • Strong ethical compass and integrity capital required.
This is a remote opportunity but candidate must have the ability to travel into the office when needed

Licensure, Certifications, and Clearances:
CIPP, Healthcare Privacy Compliance, or equivalent certification preferred

UPMC is an Equal Opportunity Employer/Disability/Veteran

UPMC’s Center for Engagement and Inclusion executes leading-edge and next-generation strategies to advance its diversity management capabilities and national presence as a diversity leader. These strategies include Employee Resource Groups (ERGs), including the Diversity Leadership Network, Female Leadership Innovation and Growth in Health Care & Technology, and PRIDE Health, which offer networking and development opportunities and promote volunteerism in diverse communities.

Total Rewards

More than just competitive pay and benefits, UPMC’s Total Rewards package cares for you in all areas of life — because we believe that you’re at your best when receiving the support you need: professional, personal, financial, and more.

Our Values

At UPMC, we’re driven by shared values that guide our work and keep us accountable to one another. Our Values of Quality & Safety, Dignity & Respect, Caring & Listening, Responsibility & Integrity, Excellence & Innovation play a vital role in creating a cohesive, positive experience for our employees, patients, health plan members, and community. Ready to join us? Apply today.

   Current UPMC employees must apply in HR Direct