The Health Services Department is requesting exemption from the Merit System the classification of County Compliance and HIPAA Privacy Officer-Exempt. The County Compliance and HIPAA Privacy Officer-Exempt is given a high-level of authority and policy-setting role not just for Health Services but for other county departments such as County Counsel, Auditor-Controller, Human Resources, Public Works, and Risk Management, which are affected by the Health Information Portability and Accountability Act. Per the Board Order approved by the Board of Supervisors in 2003, the HIPAA Privacy Officer is responsible for overseeing a HIPAA compliance program to ensure processes are implemented in adherence to Federal and State laws related to the privacy, security, confidentiality, and protection of personally identifiable health care information. This single-position classification is charged with developing and administering a county-wide HIPAA training program and serves as an independent body to review and evaluate all compliance issues. It also serves as the internal resource to receive and direct concerns to appropriate stakeholders for investigation and resolution of privacy matters.
There would be no specific classification dedicated to ensuring the County's HIPAA standards and practices are in compliance with Federal and State laws.