Job Description

About Us:

NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. We’re independent and vendor-neutral, so we have our clients’ best interests at heart. At NYSTEC, we know that we succeed when individuals and teams flourish personally and professionally, so our benefits and perks support that mindset.

About the Role:

As a privacy analyst in the Cybersecurity and Data Privacy practice, you will collaborate closely with other team members to support our clients in today’s rapidly evolving privacy landscape. Our clients consider NYSTEC to be a trusted privacy program advisor, as we provide subject matter expertise and program operations support for our clients. Your day-to-day role as a NYSTEC consultant involve supporting the privacy program for the New York State Medicaid Program.

The Medicaid privacy program manages a great deal of complexity associated with regulatory compliance and data sharing agreements. Individual team members have responsibility for different elements of the program, dealing with diverse organizations with unique data sharing needs and approaches. Our team helps ensure that these efforts are conducted within the limits of New York State and federal law and adequately support the needs of Medicaid recipients.

The ideal candidate will have a passion for data privacy and regulatory compliance and experience with the Health Insurance Portability and Accountability Act (HIPAA), as well as with New York State and federal privacy laws and regulations. In this role, you will work independently and with teams to develop solutions to complex problems.

This is a fully on-site position in Albany, NY. Qualified candidates should reside within a commutable distance to Albany, NY.

Key Responsibilities

• Overseeing privacy program work product.
• Managing data use and business associate agreements for diverse and complex internal and external stakeholder organizations.
• Disseminating official privacy program correspondence pertaining to Medicaid privacy and data sharing activities.
• Analyzing system requirements and documentation for privacy implications.
• Facilitating meetings with internal and external stakeholders.
• Assisting clients with balancing business needs with privacy best practices and requirements.
• Managing relationships and communications with executives, clients, third-party vendors, and stakeholders.
• Creating, reviewing, and editing documentation.
• Giving presentations.
• Providing project and programmatic management of a large and complex privacy program.

About you:

Required Qualifications

• Excellent work ethic, critical thinking, analytic, and problem-solving skills.
• Clear and concise written and verbal communication skills.
• Effective diplomacy and stakeholder relationship development and management skills.
• Well-developed and demonstrable emotional intelligence (EQ).
• High degree of conflict resolution skills.
• Extensive knowledge of and experience privacy standards.
• Mature knowledge of information security domains, including risk management, policies, procedures, and security controls.
• Foundational understanding of key internet-based technologies, such as cloud computing and artificial intelligence and the associated privacy implications.
• Excellent written and verbal communication and interpersonal skills.
• Proficiency with the Microsoft Office suite of applications.

Preferred/Desired Qualifications

• New York State and federal health policy experience.
• Security and/or privacy certifications from accredited organizations, such as the International Association of Privacy Professionals (IAPP) and the International Information System Security Certification Consortium (ISC2).
• Knowledge of the New York State Medicaid program, its systems, data, and uses.
• Expertise in public health, health information, or security and privacy policies and standards, such as National Institute of Standards and Technology (NIST) 800-53 and the Centers for Medicare & Medicaid Services (CMS) Information Security and Privacy Acceptable Risk Safeguards (ARS).
• Master’s Degree or Juris Doctor (JD) is preferred.

Education and Experience

• A minimum of a Bachelor of Arts degree with at least seven years of experience in privacy, law, regulatory compliance, or health care policy.

The target base salary for this position is $109,639.00 to $145,271.00 per year. When determining compensation, we analyze and carefully consider several factors, including skill set, experience, location, and job-related qualifications.

It is NYSTEC's policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex, or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances. NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact recruitment@nystec.com if you require a reasonable accommodation to apply for or to perform this job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.

Learn more about NYSTEC by visiting

Job Tags

Similar Jobs