Privacy and Compliance Officer (Repost)
Print (https://www.governmentjobs.com/careers/colorado/jobs/newprint/5170906)
Apply
?
Privacy and Compliance Officer (Repost)
Salary
$71,544.00 - $93,012.00 Annually
Location
Denver, CO
Job Type
Full Time
Job Number
ILA 02939 12/15/2025
Department
Colorado Department of Human Services
Division
BHA -
Opening Date
12/15/2025
Closing Date
1/5/2026 11:59 PM Mountain
FLSA
Determined by Position
Type of Announcement
This position is open only to Colorado state residents.
Primary Physical Work Address
710 S. Ash Street, Unit C140, Denver, CO 80246 - Hybrid working arrangements
FLSA Status
Exempt; position is not eligible for overtime compensation.
Department Contact Information
Stacy.chinea@state.co.us
How To Apply
Please submit an online application for this position at https://www.governmentjobs.com/careers/colorado. Reach out to the Department Contact to apply using a paper application, including any supplemental questions. Failure to submit a complete and timely application may result in the rejection of your application. Applicants are responsible for ensuring that application materials are received by the appropriate Human Resources office before the closing date and time listed.
Description
Benefits
Questions
Department Information
This position is open to current Colorado residents only.
Please note: This recruitment may be used to fill multiple vacancies.
Opt in below to receive text message updates on CDHS recruiting events!
CDHSCareers
Most State of Colorado employees are eligible for a great benefit package! Please see the Supplemental Information section below for details!
Description of Job
Hybrid 1 - 4 days in office and at least one in-person meeting per month. This is subject to change due to the BHA's needs.
8-5 Monday through Friday
Please note: These working arrangements are subject to change.
This position is responsible for overseeing the BHA's Privacy and Compliance areas. The purpose of the position is to enhance and protect the BHA's vision, mission, and values by providing risk-based and objective assurance, advice, and insight to individual Offices within the BHA in regard to compliance with state and federal laws and regulations, as well as BHA policies and procedures, that govern privacy and other compliance areas. This position administers a BHA-wide Privacy program that targets BHA divisions/office staff, business associates and trading partners (Example: OIT, HCPF, COAG, outside vendors stakeholders), and is designed so that staff are knowledgeable of BHA and legal requirements for protecting the privacy of confidential information and for instituting policies, procedures, forms and other materials that support this effort via training and enforcement.
In accordance with the Health Insurance Portability and Accountability Act (45 CFR Section 164.530) and other state and federal privacy and security regulations, this position serves as the BHA's BHA Privacy & Compliance Officer. The BHA Privacy & Compliance Officer is a high-level resource in the area of privacy for the BHA. The BHA Privacy & Compliance Officer oversees, monitors, and advises on all ongoing activities related to the development, implementation, maintenance of, and adherence to the BHA's policies and procedures covering the privacy and access to protected information in compliance with federal and State laws and the BHA's information privacy practices. The BHA Privacy & Compliance Officer highlights any concerns related to these areas and their associated risks to the BHA. This position serves as the point position for BHA's compliance with privacy requirements for protected and confidential information. This position works with directors and program managers in managing the implementation of statutory changes affecting the BHA. This position facilitates business associate agreements, security agreements. research requests and projects, and data protection agreements, as well as overseeing investigations of potential privacy breaches and violations, and representing the agency and its policies and practices related to privacy. This position provides technical assistance in relation to the areas described above.
The BHA Privacy & Compliance Officer is the authority for the implementation and ongoing privacy compliance for the Behavioral Health Administration. This requires a high level of knowledge and expertise in the privacy field needed by the agency to support its overall mission. As the privacy senior authority, the position is authorized to take action and issue expert opinions that provide direction for further action by others; design strategy, systems, processes, guidelines, rules, and standards that are mission critical and directly impact the agency's ongoing operation and broad program or policy; and maintain the leadership role in the administration of a privacy program that ensures the protection of confidential information maintained by other divisions and offices.
Such responsibilities include administering a program that assures compliance with federal, State and local laws related to privacy and confidentiality; chairing and/or providing leadership to appropriate boards and committees as relates to privacy; serving as the BHA liaison to regulatory and accrediting bodies for matters relating to privacy; developing and administering enterprise privacy policies; collaborating with BHA and division staff for developing, implementing and administering division/office procedures; devising a monitoring system for all divisions and offices that provides timely privacy status information with corrective actions; receiving and addressing complaints from clients and staff relative to possible violations of privacy practices. To administer such a program, the Data BHA Privacy & Compliance Officer works closely with the BHA's Division Directors.
Duties of the position:
Risk Management
This position has a high-level responsibility for advising the BHA on privacy compliance and other privacy issues derived from privacy laws. The BHA Privacy & Compliance Officer provides guidance to the organization that minimizes data privacy risks, ensures compliance with arising data protection issues, and ensures the confidentiality and protection of data.
Provides technical assistance in establishing data protection policies and behaviors of staff and management throughout the organization, including interactions with other local, State, and federal agencies.
Provides technical expertise regarding the BHA's implementation of HIPAA and other privacy/data protection/information legislation within the State and on a local level.
Develops and maintains BHA privacy policies, procedures, and tools consistent with state and federal privacy statutes.
Reviews and monitors (sometimes in conjunction with the Attorney General's Office, OSC, Contracting Division, etc.) BHA business associate, data protection, security agreements for completeness and compliance with State and federal statutes and internal policy.
Coordinates and works closely with BHA staff to improve compliance throughout the BHA.
Reports to the U.S. Department of Health and Human Services Secretary concerning agency's level of compliance with standards and legislation mandates.
Maintains logs and documentation of findings within the BHA as well as with division/office business associates, including compliance and non-compliance issues, along with recommendations for remediation and/or mitigation of non-compliance issues.
Serves as point person in responding to breaches, specifically proper response, overseeing notifications, when appropriate, and communicating with the Attorney General's office and the U.S. Department of Health and Human Services, as appropriate.
Education and Awareness
Creates and conducts educational and ongoing awareness programs for the BHA workforce, including Divisional HIPAA liaisons as identified by Division Directors. Provides initial and ongoing training for all staff on privacy requirements based on State and federal laws that protect health information. Provides updated training as necessary based on changes in laws and/or BHA policies.
Monitors to assure that employees complete required training. Answers employee questions. Evaluates current business practices to determine level of staff understanding and adjust training efforts to meet the needs of staff. Updates training modules as new requirements are disseminated.
Attends BHA and outside training offerings in order to keep current with the latest requirements and to share agency experiences that have enhanced the privacy program with other agencies.
Regularly communicates with programs, BHA employees, and other agencies to ensure awareness and compliance with the latest information on BHA policies and procedures and state and federal law; potential vulnerabilities and risks; best practices in safeguarding protected information; and continually reinforcing the importance of maintaining the privacy and security of client and other data.
Other duties:
Perform additional duties related to data privacy. Examples include, but are not limited to:
Assists in developing standard operating procedures and guidelines and provides technical assistance to internal and external staff on privacy issues affecting the BHA.
Provides analysis, training, and technical assistance to staff while assisting key managers with rules, changing processes, and working with other external entities, behavioral health providers, to ensure initial and ongoing compliance.
Represents the BHA on state and federal legislation issues related to compliance with privacy regulations.
Prepares materials as required by the BHA and the legislature when requesting funds, justifying current funding, and for ensuring compliance with state and federal privacy laws.
Minimum Qualifications, Substitutions, Conditions of Employment & Appeal Rights
Experience Only:
Seven (7) years of relevant experience in all of the following areas:
HIPAA compliance and data standards, including data privacy
Federal and state statutory/legislative requirements
Developing and maintaining privacy and compliance program documentation and processes
Strong collaboration skills
OR
Education and Experience:
A combination of related education (associates or bachelor's degree) and/or relevant experience in an occupation related to the work assigned, equal to seven (7) years in all of the following areas:
HIPAA compliance and data standards, including data privacy
Federal and state statutory/legislative requirements
Developing and maintaining privacy and compliance program documentation and processes
Strong collaboration skills
Preferred Qualifications:
Managing data sharing/use agreements
Assessing third-party vendor privacy risks
Experience training on HIPAA compliance for various staff at all levels
Conditions of Employment:
CDHS Selection Process Explanation
Employment history is calculated on a full-time basis (40/hrs per week). Part-time employment is calculated on a prorated basis to determine qualifications. Be sure your application specifically addresses your qualifications, experience, work products, and accomplishments as they relate to the position and minimum requirements.
Preferred Qualifications & Competencies:
Relevant years of state service experience.
Minimum Qualification Screening Process
A Human Resources Analyst will review the work experience/job duties sections of the online job application to determine whether your experience meets the minimum qualifications for the position. You must complete the official State of Colorado online application. Cover letters and resumes WILL NOT be reviewed during the minimum qualifications screening process. You must specifically document your work experience and qualifications. Do not use "see resume" or "see attached."
You must meet the minimum qualifications to continue in the selection process. Part-time work experience will be prorated.
Comparative Analysis Process - Structured Application Review
After minimum qualification screening, the comparative analysis process will involve a review and rating of all the information you submit.
Your Work Experience/Job Duties
Document your work experience/job duties to the extent to which you possess the skills, education, experience, minimum qualifications, and preferred qualifications.
If listed, answer all supplemental questions as your answers to these questions will be evaluated during this phase. Provide at least 4-8 sentences for each supplemental question.
Supplemental Questions
Answer the supplemental questions completely and thoughtfully. We will rate your answers based on the content of your response and your writing skills (spelling, grammar, and clarity of your writing).
Appeal Rights
You may file an appeal with the State Personnel Board or request a review by the State Personnel Director if your application is eliminated. You will find the appeals process, the official appeal form, and how to deliver it on the State Personnel Board (https://spb.colorado.gov/) website.
You or your representative must sign and submit the official appeal form for review.
You can find the official appeal form here (https://spb.colorado.gov/sites/spb/files/documents/Consolidated%20Appeal%20-%20Form%20-%202025.pdf) .
You must be deliver the official appeal form to the State Personnel Board:
By email (dpa_state.personnelboard@state.co.us), or
Postmarked in US Mail to(1525 Sherman Street, 4th Floor, Denver CO 80203, or
Hand delivered (1525 Sherman Street, 4th Floor, Denver CO 80203), or
Faxed (303.866.5038) within ten (10) calendar days from your receipt of notice or acknowledgement of the department's action.
Contact the State Personnel Board for assistance:
At (303) 866-3300, or
Refer to the Colorado Code of Regulations (CCR) 801-1, State Personnel Board Rules and Personnel Director's Administrative Procedures, Chapter 8, Resolution of Appeals and Disputes, within the Rules (https://spb.colorado.gov/board-rules) webpage.
Supplemental Information
How to apply to the State of Colorado (https://www.youtube.com/watch?v=bKuwGdPpOW0) (YouTube Video, Runtime 3:59, Closed Captions Available)
The Assessment Process (https://cdhs.colorado.gov/information-for-job-applicants#assessment-process)
For additional recruiting questions, please contact Stacy.Chinea@state.co.us
About Us & Benefits
If your goal is to build a career that makes a difference, join the dedicated people of the Colorado Department of Human Services (https://www.colorado.gov/cdhs) (CDHS). Our professionals strive to design and deliver high quality human and health services that improve the safety, independence, and well-being of the people of Colorado. Each of us is committed to contributing to a safe and accessible CDHS . In addition to a great location and rewarding and meaningful work, we offer:
Strong, secure, yet flexible retirement benefits including a PERA Defined Benefit Plan or PERA Defined Contribution Plan plus 401(k) and 457 plans
Medical (https://dhr.colorado.gov/state-employees/state-employee-benefits/medical-benefits) and dental (https://dhr.colorado.gov/state-employees/state-employee-benefits/dental-insurance) health plans
Employer supplemented Health Savings Account
Paid life insurance
Short- and long-term disability coverage (https://dhr.colorado.gov/state-employees/state-employee-benefits/disability-insurance)
11 paid holidays per year plus vacation and sick leave
State of Colorado Employee BenefitHub Resource Center (https://stateofcolorado.benefithub.com/app/home)
Employee Wellness program
Excellent work-life programs, such as flexible schedules, training and more
Remote work arrangements for eligible positions
*Some positions may qualify for the Public Service Loan Forgiveness Program (https://dhr.colorado.gov/dhr-resources/student-loan-forgiveness-programs) .
Our Values
We believe in a people-first approach: We prioritize the needs, well-being, and dignity of the individuals, families and communities we serve. We commit to respect, fairness and access in every decision, policy and interaction. We engage client voices and experiences in the development and implementation of the services we provide.
Balance creates quality of life: We want our team to be resilient through a supportive workplace that values flexibility, health and wellness, and employee engagement.
We hold ourselves accountable: We take responsibility through our actions, programs, and results for the state of health and human services in Colorado.
Transparency matters: We are open and honest with employees, our partners, the Coloradans we serve, and the public.
We are ethical: We abide by what is best for those we serve by doing what is right, not what is easy.
Collaboration helps us rise together: We work together with all partners, employees, and clients to achieve the best outcomes for Coloradans.
ADA Accommodations
CDHS is committed to a Colorado for ALL qualified individuals. As part of this commitment, our agency will assist individuals who have a disability with any reasonable accommodation requests related to employment.
This includes completing the application process, interviewing, completing any pre-employment testing, participating in the employee selection process, and/or performing essential job functions where the requested accommodation does not impose an undue hardship. If you have a disability and require reasonable accommodation to ensure you have a positive experience applying or interviewing for this position, please direct your inquiries to cdhs_ada@state.co.us .
EEO Statement
The State of Colorado is an equal opportunity employer
We are committed to increasing a "Colorado for ALL" of our staff and providing culturally responsive programs and services. Therefore, we encourage responses from people of all backgrounds and abilities. The State of Colorado believes that a "Colorado for ALL" drives our success, and we encourage candidates from all identities, backgrounds, and abilities to apply. The State of Colorado is an equal opportunity employer committed to building inclusive, innovative work environments with employees who reflect our communities and enthusiastically serve them. Therefore, in all aspects of the employment process, we provide employment opportunities to all qualified applicants without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity or expression, pregnancy, medical condition related to pregnancy, creed, ancestry, national origin, marital status, genetic information, or military status (with preference given to military veterans), or any other protected status in accordance with applicable law.
Additional Support For Your Application
Toll Free Applicant Technical Support
If you experience technical difficulty with the NEOGOV system (e.g. uploading or attaching documents to your online application) call NEOGOV technical support at 855-524-5627 Mon-Fri between 6 am and 6 pm (Pacific Time). Helpful hints: if you are having difficulty uploading or attaching documents to your application 1) ensure your documents are PDF or Microsoft Word files and 2) close the document before you attempt to upload (attach) it.
Required Supplemental Questions:
(Multiple Choice) The bottom of this job announcement provides links to additional information on how to apply, the assessment process, toll free applicant technical support, and about how the State of Colorado is an equal opportunity employer.
Please acknowledge below that you have read the information provided in these links.
This information is available to me and I have read this information.
I am unable to access the links with this information on the job posting. (If you select this option, please contact the recruiter, whose information is listed on this announcement, so that they can send this information directly to you.)
Your legal name is used in the hiring process for background checks. Did you use your full legal name in your application? If not, please update your information before submitting your application. Yes/No
If you are a current or former State of Colorado employee, please list your employee number (starts with 997...). Your application may be considered incomplete if you do not provide this information. An incomplete application may not move forward in the Selection process. If you are a former or current state employee, please identify what state agency you work(ed) with and how many years of relevant state service you have related to the position you are applying for. (Ensure this is listed on your application under work experience).
Former State employees who were disciplinarily terminated or resigned in lieu of termination must disclose the information on the application.
In the space below, please explain why the prior termination or resignation should not disqualify your application from the current position.
~THE STATE OF COLORADO IS AN EQUAL OPPORTUNITY EMPLOYER~
Toll Free Applicant Technical Support (https://cdhs.colorado.gov/information-for-job-applicants#technical-support)
The State of Colorado offers permanent employees a variety of benefits including medical, dental, life and disability insurance, as well as a comprehensive leave program. Please click the following link for detailed information: www.colorado.gov/pacific/dhr/benefits
Please note that each agency's contact information is different; therefore, we encourage all applicants to view the full, official job announcement which includes contact information and class title. Select the job you wish to view, then click on the "Print" icon.
01
The bottom of this job announcement provides links to additional information on how to apply, the assessment process, toll free applicant technical support, and about how the State of Colorado is an equal opportunity employer. Please acknowledge below that you have read the information provided in these links.
This information is available to me and I have read this information.
I am unable to access the links with this information on the job posting. (If you select this option, please contact the recruiter, whose information is listed on this announcement, so that they can send this information directly to you.)
02
Your legal name is used in the hiring process for background checks. Did you use your full legal name in your application? If not, please update your information before submitting your application.
Yes
No
03
If you are a current or former State of Colorado employee, please list your employee number (starts with 997...). Failure to provide this requested information may render your application incomplete, and you may no longer be considered for the position.
04
Former State employees who were disciplinarily terminated or resigned in lieu of termination must disclose the information on the application. In the space below, please provide an explanation as to why the prior termination or resignation should NOT disqualify your application from the current position.
05
This position requires a high level of expertise in privacy regulations, especially HIPAA. How would you approach assessing the BHA's current compliance status? Describe the process you would use to proactively identify potential risks and vulnerabilities and the key metrics or indicators you would use to gauge the organization's overall compliance.
06
A key function of this role is building and maintaining relationships with diverse stakeholders, including internal divisions, external partners, various state agencies and vendors. Describe your approach to building rapport and trust with stakeholders who may have different priorities or perspectives. Provide a specific example of a time you had to collaborate closely with a challenging stakeholder to achieve a shared objective for a critical project.
07
Describe a time you had to communicate a sensitive or complex compliance issue to leadership or a key stakeholder. What was the situation, how did you present the information, and what was the result of that communication?
08
The adoption of new technologies, including artificial intelligence (AI) and machine learning tools, presents unique challenges for privacy and compliance. How would you proactively identify, assess, and mitigate the privacy and security risks associated with the use of AI? Please provide a specific example of a process you would implement to vet and onboard a new AI vendor to ensure they meet HIPAA and other regulatory requirements.
09
Have you reviewed the salary range for this position? If offered, would you accept a salary within that range?
Required Question
Employer
State of Colorado
Address
See the full announcement by clicking
the "Printer" icon located above the job title
Location varies by announcement, Colorado, --
Website
https://careers.colorado.gov/
Apply
Please verify your email addressVerify Email
