The Information Security & Privacy Officer is responsible for the direction and oversight of organizational matters governing appropriate access, security, privacy and confidentiality of patient, employee, student, provider and business information. Ensures organizational compliance with applicable statutory and regulatory requirements pertaining to the subjects of information security and privacy for the organization. Frequently interacts with departmental and administrative leaders, medical staff, vendors, service providers, consultants and contractors. Serves as Bryan Medical Center’s designated “Privacy Officer” required under the Federal Health Insurance Portability and Accountability Act (HIPAA) 164.530 (a).
Responsibilities include, but are not limited to:
1. Directs the compliance and oversight of information security, confidentiality and privacy-related policies and procedures; serves as an internal information security consultant to the organization.
2. Establishes and chairs the appropriate governance and advisory teams to identify and maintain policies and procedures for information management, data security and privacy across the organization.
3. Develops structure and processes to maintain compliance with HIPAA regulations and requirements for security and privacy as they relate to the organization.
4. Communicates across the organization the need for proper security, confidentiality and privacy practices; guides the development of education and training processes to include assisting department leaders in establishing and maintaining local processes.
5. Develops a process for reporting and investigating potential information security, confidentiality and privacy violations and facilitates performance improvement initiatives regarding these subjects.
6. Leads the evaluation and recommendation of new technologies and countermeasures against threats to information security, privacy and confidentiality and safe, reliable information management functions.
7. Leads the planning for all new systems with respect to security architecture, posture and secure operational practices.
Qualifications: Bachelor’s degree in Information Technology required. Minimum of six (6) years progressive experience in information technology required. Prior experience administering healthcare security systems preferred.
BryanLGH Medical Center - 22 months ago