Summary of Major Duties
Reporting to the Chief Information Officer, the Information Security
Officer will direct the organization's activities in matters that govern appropriate
access and protection of patient, provider, employee, and business information in
compliance with the company's policies and procedures, applicable regulations, and laws.
Direct the compliance of all information security related policies and procedures,
and serve as an internal information security consultant to the organization. Leads
the Information Security Council in development and enforcement of information
security policies, guidelines, and procedures. Perform periodic information security
risk assessments and serve as an internal auditor for security issues to ensure that
appropriate access levels to confidential printed and electronic information are
maintained. Ensure that security standards are compliant with statutory and regulatory
requirements. Evaluate and recommend new information security technologies, and
new countermeasures against threats to information or privacy.
Qualifications and Requirements
Requires five (5) years experience in an Information Security role with 2-3 years in a
management capacity, including demonstrated ability to lead the development of an
Information Security program. Healthcare experience is preferred, including knowledge
of: hospital protocols and procedures; functional relationships between departments
within a healthcare or similar environment; and JCAHO, HIPAA, HCFA, Title 22,
security principles, guidelines, and standard practices.