HIPAA and Promoting Interoperability Lead at Dignity Health
- Job ID: 2020-126394
- Employment Type: Full Time
- Department: IT Security
- Hours / Pay Period: 80
- Facility: Dignity Health System Office
- Shift: Day
- Standard Hours: Monday – Friday
- Work Schedule: 8 Hour
- Location: Remote Opportunity
Dignity Health, one of the nation’s largest health care systems, is a 22-state network of more than 9,000 physicians, 63,000 employees, and 400 care centers, including hospitals, urgent and occupational care, imaging and surgery centers, home health, and primary care clinics. Headquartered in San Francisco, Dignity Health is dedicated to providing compassionate, high-quality, and affordable patient-centered care with special attention to the poor and underserved. In FY17, Dignity Health provided $2.6 billion in charity care, community benefit, and unpaid cost of government programs. For more information, please visit our website at www.dignityhealth.org. You can also follow us on Twitter and Facebook.
The HIPAA and Promoting Interoperability Team Lead is responsible for leading and conducting enterprise and facility level security risk assessments. As a subject matter expert, you will run and improve a Cybersecurity compliance program that meets the requirements for HIPAA Security Rule and Promoting Interoperability. You will focus on assessing security controls, identifying risk, and providing insight to the organization on sustaining compliance with all relevant policies and regulations. You will also design corrective action plans for mitigating risk and monitor the remediation progress to completion.
Excellent technical and communications skills are a must, as well as proven security compliance experience.
- Lead and facilitate compliance with HIPAA Security Rule and Promoting Interoperability.
- Lead security and compliance activities, including collecting and reviewing relevant compliance-related data, conducting analysis, and identifying key risk indicators. In areas not in compliance, determine mitigation approaches and monitor for completion of corrective actions.
- Actively contribute to the administration, maintenance and improvements of CommonSpirit Health’s compliance program.
- Lead and manage projects in support of program improvement and maturity.
- Act as a subject matter expert and maintain up-to-date knowledge of healthcare compliance and regulatory requirements.
- Coordinate activities related to responses to external audits and inquiries from regulators such as Office for Civil Rights (OCR).
- Analyze and report on outcomes of compliance activities in support of Key Risk Indicators.
- Develop and provide security training and support to staff to ensure quality standards of program are followed.
- Partner with cross-functional departments in IT and organization to foster a culture of security and compliance.
- Perform other duties as required.
- Bachelor’s Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience required.
- 3-4 years’ experience in an information security compliance, audit, or risk management role with hands-on experience in HIPAA preferred
- Experience in Windows Office (Word, Excel, etc.) required.
- Proven ability to complete projects according to outlined scope, budget, and timeline
- Understanding of security metrics and creation of useful dashboards for management review and consumption
- Demonstrated experience in working in a high-paced, multi-tasking environment.
- Experience seeing projects through the full life cycle
- One or more relevant technical/professional security certifications (such as CompTIA Network+, Security+, SANS GIAC, CISSP, CRISC, CISA, or CISM) required.
- Strong analytical and problem-solving skills with the ability to function as a change agent
- Strong interpersonal skills and extremely resourceful
- Strong skills with intermediate to advanced level expertise with Excel and PowerPoint
- Master’s degree in a computer or information management field preferred
- Additional experience with other compliance initiatives preferred, such as:
  - NIST (CSF & RMF)
  - COSO, CoBIT, ISO2700
  - EU-GDPR, CCPA
  - SAE-16 [SOC-1 and SOC-2]
- Two or more relevant technical/professional security certifications (specifically CISSP, CRISC, CISA, or CISM) are preferred.
- Strong knowledge of healthcare environments preferred.
- 1-2 years of project management experience preferred
- 3-5 years of risk management GRC experience in the healthcare/medical environment preferred