CasperRecruiter Since 2001
the smart solution for Casper jobs

Director of Information Security

Company: Wyoming Medical Center
Location: Casper
Posted on: September 9, 2019

Job Description:

In compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and good security practice, Wyoming Medical Center is responsible for appointing a health information security director. The Director of Information Security is responsible for developing and monitoring practices to ensure that WMC's health information is secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion.

The Director, along with the Chief Compliance / Privacy Officer, is also responsible for the oversight and management of all activities related to the development, implementation, and maintenance of, and compliance with, WMC's policies, procedures, and standards governing the privacy, confidentiality, and security of all individually identifiable health information in compliance with HIPAA, the Department of Health and Human Services (DHHS) regulations implementing HIPAA, particularly the HIPAA privacy regulations, and other state and federal laws, professional ethics, and accreditation standards protecting the confidentiality and privacy of individuals and their health and other information, such as financial information. The Director of Information Security is responsible for the design, oversight, and ongoing management of the information security program including policies, procedures, technical systems, and workforce training in order to maintain the confidentiality, integrity, and availability of data within all of the company's information systems.

Duties and Responsibilities:

  • The employee shall comply with all safety and health standards, and all rules, regulations, and orders which are applicable to the individual's own position, actions, and conduct.
  • Function as the Company's Security Officer for regulatory and compliance purposes
  • Draft, implement, manage, and enforce security policies and procedures related to PHI.
  • Ensure the ongoing integration of information security with business strategies and privacy requirements.
  • Work with Chief Compliance Officer and Chief Information Officer for ongoing optimal application of technology functionality to protect regulated data.
  • In collaboration with the Chief Compliance Officer, lead information security awareness and training initiatives to educate workforce about policies, procedures, and information risks.
  • Manage internal and third party security risk assessment analysis processes and remediation including creation of the risk mediation plan.
  • Manage gap analyses and prioritization of gap closure. Respond to risk assessments of members and other participants:

    • Identify process improvements
    • Update standard answers to questions posed by participants
    • Review security surveys including SOC Reports from Vendors

    • Create an information security risk mitigation plan based on risk assessments with input from relevant staff.
    • Perform ongoing security audits to assess effectiveness of policies, procedures, and Information Systems security safeguards.
    • Make recommendations to the Chief Compliance Officer and Chief Information Officer regarding the ongoing integration of information security with business strategies and privacy requirements.
    • Work with vendors, outside consultants, business associates, and other third parties to improve information security practices.
    • Lead the security incident response team in prevention, investigation, mitigation, and reporting activities.
    • Work with Human Resources to ensure appropriate sanctions for violations of information security policies.
    • Recommend system enhancements via capital and operating budget planning to keep pace with privacy and security technology advances.
    • Ensure that vendors comply with contractual obligations related to information security.
    • Support continuity planning. Conduct business impact analysis and manage the remediation of issue identified. Conduct annual disaster recovery testing and adopt remediation plan.
    • Support plans for emergency mode of operations (including access to regulated information).
    • Support information and information system recovery and resumption of routine practice operation after an emergency. Coordinate the improvement and implementation of the Emergency Mode operation plan. Update Information Technology items in the Emergency Preparedness Plan.
    • Lead security response team in investigating and developing appropriate responses to complaints and incidents related to information security. Carry out periodic security risk assessments in conjunction with privacy requirements.
    • Manage and perform the security audit program and coordinating action plans for applicable Company departments when necessary to make improvements.
    • Document and maintain all risk analyses and remediation actions taken by to reduce information security risks.
    • Document the processes that lead to regulatory compliance.
    • Document the links between technical solutions and security policies.
    • Manage retention of performance improvement activity documentation for security functions and compliance responsibilities.
    • Coordinate security survey regulatory activities and participate in accreditation surveys with external survey bodies.
    • Maintain current knowledge of federal and state privacy and security laws and regulations and industry best practices (e.g., NIST, ISO).
    • Serve as a security resource to executive management, employees, business associates, and external bodies such as association members and government agencies.
    • Serves as a member of the Compliance committee to bring and maintain WMC into overall compliance with HIPAA.
    • Communicates and works with all disciplines and departments, such as management, medical staff, information systems specialists, financial managers, state and federal agency officials, as well as with patients, clients, and any other individuals for whom WMC maintains or transmits individually identifiable health information.
    • Accountable for successful achievement of organizational goals.
    • Successfully completes leadership training and demonstrates competency in leadership.
    • Performs other duties as assigned.


      • --- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Intrusion Analyst (CIA) certification is required within 12 months of hire.
      • --- An industry-recognized security certification, such as Certified Information Systems Auditor (CISA), is required.
      • --- Proven understanding of health care regulatory standards (HIPAA privacy and security rules) is required.
      • --- Demonstrated knowledge of general IT controls (e.g. access controls, risk management, change management) and related information security policies and procedures is required.
      • --- A minimum of three years' experience providing information security to a complex entity is preferred.

Keywords: Wyoming Medical Center, Casper , Director of Information Security, Executive , Casper, Wyoming

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Other Executive Jobs

Sales Management Trainee
Description: If youre looking to start your career with a company that grows their managers and leaders from within the organization, then the Enterprise Management Training Program is for you. Whether you see yourself (more...)
Company: Enterprise Rent-A-Car
Location: Casper
Posted on: 08/18/2019

Director of Retail Operations - Own a Franchise
Description: Directors of Retail Operations:
Location: Casper
Posted on: 08/24/2019

Hospitality Manager
Description: Description : br br Know what it s like to be in the stadium on game day Then you know what it s like to work at Buffalo Wild Wings. It s fun. It s fast-paced. We re at the top of our game and we (more...)
Company: Buffalo Wild Wings
Location: Casper
Posted on: 09/1/2019

Description: Job Description Facility: CASPER Compensation Base: Salaried Compensation Bonus if applicable : Equal Opportunity Employer. Summary - This position provides supervision and motivation to staff and residents (more...)
Company: GeO group
Location: Casper
Posted on: 08/23/2019

Acute Care Service Line Director(RN-MedSurg and Womens Health)
Description: TITLE: ACUTE CARE SERVICE LINE DIRECTOR MedSurg and Womens Health br LOCATION: Casper, WY br xA0 br Would you be interested in living in an area with a historic downtown district with numerous (more...)
Company: Job Juncture
Location: Casper
Posted on: 09/7/2019

Director of Business Development - Own a Franchise
Description: Director of Business Development:
Company: Franchise Career Advisors
Location: Casper
Posted on: 09/15/2019

Director of Information Security
Description: In compliance with the Health Insurance Portability and Accountability Act of 1996 HIPAA and good security practice, Wyoming Medical Center is responsible for appointing a health information security (more...)
Company: Wyoming Medical Center
Location: Casper
Posted on: 09/9/2019

Managing Director of Investment Banking - Own a Franchise
Description: Managing Directors of Investment
Location: Casper
Posted on: 09/11/2019

Regional Vice President of Operations - Own a Franchise
Description: Regional Vice Presidents of Operations:
Company: Franchise Career Advisors
Location: Casper
Posted on: 09/5/2019

Psychiatry Chief Medical Officer (CMO) - Outpatient Clinic - Wyoming-148772
Description: COMPENSATION AND BENEFITS PSYCHIATRY CHIEF MEDICAL OFFICER CMO 300,000 - 335,000 Guaranteed Salary Sign On Bonus and Relocation Full Benefits including a matching retirement plan RESPONSIBILITIES (more...)
Company: Delta Physician Placement
Location: Casper
Posted on: 08/22/2019

Log In or Create An Account

Get the latest Wyoming jobs by following @recnetWY on Twitter!

Casper RSS job feeds