Establishes and administers the overall strategies and procedures for information security. Develops and implements information security and disaster recovery programs in accordance with organizational information security standards.
Responsible for all ongoing activities related to the availability, integrity and confidentiality of patient, provider, employee, and business information in compliance with the organization's security policies and procedures, regulations and law
Identifies, investigates, resolves and develops processes, procedures and associated documentation relative to security of computer systems, networks and telecommunications along with confidentiality and standards administration.
Serves as a leader for teams investigating and addresses various health information security issues.
Ensure the integrity and protection of networks, systems, and applications by enforcement of organizational security policies, and effective operation of security solutions and/or controls.
Conduct security reviews and evaluates information risk on regular time schedule.
Maintain current knowledge of relevant information security threats and technologies.
Ensure compliance with changing cybersecurity laws and applicable regulations
Management of security support staff.
Participate in special projects as assigned.
Master’s Degree in Healthcare Administration or Business Administration or Information Technology is highly desirable.
5+ years progressive experience in health information security management, health information management, information systems and/or health risk management is required.
Knowledge and understanding of relevant legal and regulatory requirements, such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard (PCI).
Knowledge of healthcare industry and hospital operations preferred.
Experience in MEDITECH/EPIC or other Health Information System preferred.
Certification(s) in the information security areas such as the CISSP, CISM, CISA is desirable. Appropriate certification in risk management and/or health care compliance desirable