Current TFHS employees click here to apply.

Quality & Regulations

Risk Management/Privacy Officer - Full Time - 1/09/19

Bargaining Unit:  Non Represented                      

SUMMARY:  Responsible for enterprise-wide risk management plan. Responsible to eliminate or reduce the incidence and severity of harm/loss to patients, families, staff, and the organization.  Assists in the identification, management and reduction of risk involving both clinical scenarios, general and specific liability exposures.  

Is the Health System Privacy Officer and oversees all ongoing activities related to the development, implementation, maintenance of, and adherence to the organization’s policies and procedures covering the privacy of, and access to, patient health information in compliance with federal and state laws and the healthcare organization’s information privacy practices.


Serves as risk management subject matter expert and provides consultation and education to clinical practitioners, administration, and staff; functions as process improvement team leader/member to reduce hospital-acquired conditions, injuries, errors, and unintended outcomes.  This expertise is provided in various venues as appropriate or assigned.

Collaborates with Patient Safety Specialist on patient safety initiatives as identified through the analysis of event reporting data.  Assists with patient safety improvement efforts.

Analyzes event reporting data, identifies trends, and develops plans for improvement with key stakeholders.

Responsible all-lines of insurance programs for the District (except the employee health benefits and Workers’ Compensation); to include claims management with insurers, renewal applications, certificates of coverage, risk analysis and coverage determinations.  Responsible to preserve District’s insurance coverage through timely and proper notice of claims to any insurer for any covered event.

In conjunction with TFH Legal department and outside counsel, participates in all litigation related to health care liability, personal injury, premises/property, crime, Director and Officers, Errors and Omissions, cyber liability and other claims matter within the areas of responsibility.  Monitors legal performance and costs in areas of responsibility, and serves as liaison to insurers and retained legal counsel.  Attends any legal proceeding as District (corporate) representative, as appropriate.

Provides litigation and claims briefings to the Board of Directors in closed session on a quarterly basis, or at other intervals as directed.

Provides Risk Management summary reports to the Board of Directors and Medical Staff Quality Committee in closed session on a biannual basis, or at other intervals as directed.

Conducts or facilitates Failure Mode and Effects Analysis (FMEA) when indicated on prospective operations and performs or facilitates Event Analysis/Root Cause Analysis (RCA) according to policy.  Reports event summaries and action plans to appropriate venues; monitor corrective actions implemented from same.

Administers Quantros incident reporting database.  Orients Director/Managers to the system and assist them with managing events.

Maintains knowledge of state and federal regulations, proposed changes or revised interpretations related to healthcare law.

Cooperates with the medical peer review and committees on issues related to standards of care, patient safety, risk management and other areas of expertise.

As assigned, works under the direction of the Director of Quality & Regulations to investigate events, conduct research, or other relevant activities associated with the department.

Upon request, assists the Director of Quality & Regulations in administrative duties and assigned projects.

Develops appropriate operational linkages to correct actual and potential problems that have been identified in the areas of responsibility.

Provides development guidance and assists in the implementation and maintenance of organization information privacy policies and procedures.

Performs initial and periodic information privacy risk assessments.

Works with legal counsel and management, key departments, and committees to ensure the organization has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements.

Oversees, directs, delivers, or ensures delivery of initial and privacy training and orientation to all employees, volunteers, medical and professional staff.

Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements.

Establishes, with management and operations, a mechanism to track access to protected health information.

Works cooperatively with the Health Information Management (HIM) Director and other applicable organization units in overseeing patient rights to inspect, amend, and restrict access to protected health information when appropriate.

Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization’s privacy policies and procedures.

Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.

Works with all organization personnel involved with any aspect of release of protected health information.

Cooperates with the Office of Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations.

Works with organization administration, legal counsel, and other related parties to represent the organization’s information privacy interests with external parties (state or local government bodies).

Represents the department on appropriate committees as assigned.

Prepares and submits reports as required.

Recommends appropriate revisions to new or existing policies related to areas of expertise.

Interacts with clinical staff regarding ongoing investigations and corrective action plans.

Implements educational information and programs as appropriate.

Demonstrate System Values in performance and behavior.

Comply with System policies and procedures.

Other duties as may be assigned.

EDUCATION AND EXPERIENCE:  Juris Doctorate required.  A minimum of four years of related experience in risk management, patient relations, patient safety and/or quality management in a hospital or health care setting is required.  Recent experience in a related position with a history of receiving direction from a risk/quality/patient safety manager.  Three to five years of experience in managing insurance programs in complex medical organizations.

LICENSES, CERTIFICATIONS:  Preferred: Current California RN License or commensurate clinical license and Risk Manager Certification (Certified Professional in Healthcare Risk Management); Certified investigator/examiner.

OTHER EXPERIENCE/QUALIFICATIONS:  Ability to problem-solve patient care issues, perform interpretation of policies and procedures and collaborate with various staff members at all levels of the organization.  Strong written and oral presentation skills are necessary.