[COMMENT1] SPARROW HOSPITAL AND
HEALTH SYSTEM
JOB
DESCRIPTION
1. Job Title: Data
Security Administrator - Associate 2. Date: May 8,
2001
3. Corresponding Role Statement: Executive Director Manager Supervisor
4. Department #: 8357 Department
Name: Data Security
Administration
5. Class Code: Pay Grade: 6. Status: X Exempt Non-Exempt
7. Reports Directly To (Position): Data Security
Manager
8. Purpose of Job:
Under direct supervision, assists in the day to
day operations of Data Security.
Assists in the research, fact finding, evaluation, planning and
documentation for security system reviews and projects. Assists in the maintenance of security
procedures ensuring availability, integrity and confidentiality of systems and
information. Performs routine monitoring
and evaluation activities. Provides
management with status reports.
9. Principal Duties and Responsibilities (Consistent with the
Role Statement):
a) As a team member,
support information systems and technology projects by evaluating and
recommending security/privacy controls and mechanisms.
b) Participate in selection
and implementation of new applications and technology to ensure information
security requirements are considered and incorporated.
c) Maintain security
policies, procedures and guidelines that are in compliance with Sparrow Health
System policies and generally accepted information systems control
requirements.
d) Under direct
supervision, investigate and document improper information disclosures or
security incidents.
e) Assist in security
product research and evaluation.
f)
Assist
in the implementation and documentation of security software/hardware.
g) Keep abreast of current
and emerging technical information security developments including related
federal and state laws and accreditation requirements.
h) Work with technical and
analytical resources to develop reports and effectively monitor security.
i)
Respect
and maintain confidentiality of enterprise information including specified
security plans and controls.
j)
Perform
other information security functions as assigned by the Data Security
Administration Manager/Chief Security Officer.
10. Working Conditions:
a) Office and computer room
environment.
b) Some travel required.
c) Extensive keyboard usage
and exposure to CRT/monitor.
d) Minimal exposure to
latex, less than 10%.
11. Positions That Report Directly To This Position:
a) Must develop and
maintain effective relationships with technical and departmental staff.
12. Knowledge, Skills, Experience Required (Consistent With The
Role Statement):
a) Bachelor’s degree or
equivalent combination of education and work experience required.
b) Broad technical
knowledge and experience to include one or more of the following areas: network
engineering and/or administration (TCP/IP, NT, and Novell); telecommunications
analysis and design; application system administration; application system
development, implementation, and support; system operations management;
information systems audit; business continuity/disaster recovery planning; and
other electronic security mechanisms.
c) General knowledge of
security and privacy principles and the ability to apply them to the healthcare
environment.
d) Excellent oral and
written communication skills. Ability to plan, design, write, administer and
interpret information security policy.
e) Interpersonal skills at
a level to function well in a wide range of administrative and management
environments and a strong image of professional discipline.
13. Approvals:
Director: Date:
Executive: Date:
Human Resources: Date:
This description is
intended to indicate the kinds of activities and levels of work difficulty
required for positions with this title and should not be construed as declaring
the specific duties and responsibilities of any particular position. The duties described should not be held to
exclude other duties not mentioned that are of similar kind or level of
difficulty.