Privacy Officer

This position is closed.



  • Implement, manage and evaluate the Privacy and Freedom of Information Act (FOIA) programs in the facility.
  • Provide privacy and FOIA training within the facility to staff and programs, as required.
  • Process complaints & investigate allegations of illegal or improper activities related to the handling or release of protected info.
  • Initiate and conduct internal compliance reviews, assessments and audits within the facility.
  • Ensure that Privacy Act systems of records maintained at the facility are retained in accordance with system of records notice.
  • Ensure the appropriate utilization of the Release of Information (ROI) Records Management software by the facility.
  • Coordinate records review and redaction by organizations responsible for the records being requested.
  • Advise management and staff on Privacy and Freedom of Information Act issues.
  • Ensure that facility managers & staff understand & fulfill their Privacy and Freedom of Information Act responsibilities.
  • Monitor compliance with privacy program requirements.
  • Conduct privacy assessments at facilities by going on Administrative rounds on a regular basis.
  • Participate on the facility Research and Development (R&D) Committee or Institutional Review Board (IRB).
  • Ensure those who require access to protected health information have appropriately executed Business Associate Agreement.
  • Participate as Privacy/FOIA representative on committees with information security & privacy related functions & responsibilities.
  • Functions as the Boise VAMC Contracting Officer's Technical Representative (COTR) for the VISN Tumor Registry contract.
  • Assesses facility privacy posture by evaluating collection, use, storage and maintenance of sensitive personal info.
  • Prepare required and requested Privacy and Freedom of Information Act reports and information.
  • Develop facility Privacy & FOIA policies and procedures in compliance with department and administration privacy policies.
  • Develop facility-specific privacy and FOIA training materials as needed.
  • Enter all privacy complaints, incidents and data breaches into the Privacy Violation Tracking System (PVTS).
  • Investigate Office of Civil Rights requests related to the HIPAA privacy complaints in conjunction with the VHA Privacy Office.
  • Ensure processes are in place for the accounting of all disclosures of privacy protected information made by the facility.
  • Review research protocols requiring the use of protected health information to ensure all privacy requirements have been met.
  • Investigate data breaches and recommend appropriate remediation.
  • Prepare responses to inquiries from HR, Congressional Offices, and Office for Civil Rights.
  • Identify and recommend Privacy corrections to specific & systemic problems identified.
  • Review and approve all documents that are required for sharing of VA privacy protected data with external agencies.
  • Respond to FOIA requests and maintain records.
  • Review and respond to appeals of denials of FOIA requests and compile the facility's Annual FOIA report.
  • Maintains the facilities cancer registry according to regulations set by laws for reporting.
  • Sends case-finding information to contractor for abstracting of cases.