IT Governance and Policy Writer, Consultant

Description Your Role The IT Policy Writing Subject Matter Expert will provide expertise in the development, analysis, and implementation of Information Technology policies to support Blue Shield of California’s mission. This role requires an in-depth understanding of health insurance, insurance and privacy laws and regulations, industry standards, and policy development processes to ensure that organizational policies are effective, compliant, and aligned with strategic objectives. In this role you will be instrumental in managing the the Information Technology Policy Life Cycle (ITPLC). The ITPLC provides the means to ensure that information technology policies and standards address current and changing organizational needs, technology advancements, risk appetite, and business goals. Responsibilities Your Work In this role, you will: Policy Development: Lead the development, writing, updating, editing, and review of policies related to organization’s initiatives Analyze effectiveness of policies and recommend improvement opportunities to management Work autonomously and as a member of a highly- collaborative team Independently research to collect information using diverse sources as the groundwork for developing legally and technically sound policies Stakeholder Engagement: Collaborate with internal stakeholders to gather input and feedback on policy development Facilitate discussions and consultations with subject matter experts, legal advisors, Human Resources, Blue Cross Blue Shield (BCBS) association and regulatory experts Authorization, Documentation and Reporting: Obtain authorization for new policies and revisions to policies from the policy Owner (e.g., Vice President) Track policy documents to ensure policies are regularly reviewed, revised, approved, and posted to the policy repository Publish policies, work with organizational management to ensure accessibility, and ensure changes to policies are promptly and formally communicated Prepare detailed reports on policy development activities, outcomes, and compliance status Regulatory Compliance: Monitor and analyze changes in federal and state healthcare and privacy regulations that may impact policies Ensure policies are aligned with Blue Shield’s strategic goals Provide guidance on regulatory, BCBS association, and industry standards requirements and best practices to internal teams Provide requested information and/or documentation for internal and external audits Training and Education: Educate staff and stakeholders on policy requirements and compliance obligations Provide ongoing support and clarification on policy-related questions and issues Qualifications Your Knowledge and Experience Requires a bachelor's degree or equivalent experience and a minimum of 7 years of prior relevant experience Requires 3 years of experience revising/writing IT Policies Certifications (preferred): CISM - Certified Information Systems Manager CRISC – Certified in Risk and Information Systems Control CISSP - Certified Information Systems Security Professional Experience with compliance and understanding of health insurance laws and regulations, information technology, information security, and privacy laws and regulations Strong writing, editing, proofreading, and communication skills In-depth knowledge of industry best practices, and policy development Excellent analytical and critical thinking abilities Facilitating/Presenting both in-person and virtual discussions on related policy topics Ability to work collaboratively with diverse stakeholders Detail-oriented with strong organizational and project management skills Proficiency in using research tools and software Laws and Regulatory knowledge: The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act) Code of Federal Regulations Title 45 - Parts 160 and 164 (Health Care Security and Privacy) Centers for Medicare & Medicaid Services (CMS) Sarbanes–Oxley Act of 2002 (Section 404 – Internal Controls) Gramm-Leach-Bliley Act (Privacy Policies and Practices) Association and Industry knowledge: Payment Card Industry (PCI) National Institute of Standards and Technology (NIST): Cybersecurity Framework and Security and Privacy Controls for Information Systems and Organizations (800-53 r5) Blue Cross Blue Shield (BCBS) Association Cloud Security Alliance (CSA) Pay Range: The pay range for this role is: $ 118800.00 to $ 178200.00 for California. Note: Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade. Blue Shield salaries are based on a variety of factors, including the candidate's experience, location (California, Bay area, or outside California), and current employee salaries for similar roles. #LI-CM1 Apply Job! Apply tot his job