Information Security Analyst
Company: Wyoming Medical Center
Posted on: February 4, 2019
The Analyst, along with the Compliance / Privacy Officer, is also responsible for the oversight and management of all activities related to the development, implementation, and maintenance of, and compliance with, WMC's policies, procedures, and standards governing the privacy, confidentiality, and security of all individually identifiable health information in compliance with HIPAA, the Department of Health and Human Services (DHHS) regulations implementing HIPAA, particularly the HIPAA privacy regulations, and other state and federal laws, professional ethics, and accreditation standards protecting the confidentiality and privacy of individuals and their health and other information, such as financial information. The Analyst's duties include training in and disseminating of security policies and practices, and planning for timely resumption of access to information in the event of a serious disruption.
- The employee shall comply with all safety and health standards, and all rules, regulations, and orders which are applicable to the individual's own position, actions, and conduct.
- Serves as a member of the Compliance committee to bring and maintain WMC into overall compliance with HIPAA. Oversees / conducts gap analysis and risk analysis.
- Assists management in the strategic planning of information security policies and procedures. Works with management, department heads, the compliance officer, risk management, quality assurance, human resources, the legal department, and the privacy officer to ensure compliance with security and privacy regulations and state and federal laws protecting patient confidentiality and privacy.
- Provides knowledge and best practice information to Compliance committee, work groups, and other structures charged with oversight of the entity's security and privacy program.
- Works with the privacy officer to ensure appropriate coordination between the facility's security program and its privacy program.
- Monitors entity operations and systems for security compliance. Reports to management on the status of security compliance.
- Revises the security program as necessary to comply with changes in the law, regulations, professional ethics, and accreditation requirements and / or as necessary because of changes in patient-client mix, business operations, the overall health care climate, or other factors.
- With other personnel such as management, the legal department, and related parties, represents the entity's security interests with external parties who may influence or attempt to enact or modify security protections, to ensure that such potential changes in laws or regulations do not unnecessarily adversely affect the entity.
- Reviews the security features of existing and new computer systems to ensure that they meet the security requirements of existing policies. Reviews and proposes changes to existing policies and procedures that reflect the existing requirements of the systems to which they apply.
- Provides information on WMC security policies and practices for employees and others with access to health information. Prepares and publishes papers / articles on good security practices for WMC employees and others. Ensure that training conforms to existing policies and procedures.
- In coordination with key personnel, develops and implements the following plans: disaster plan, emergency mode operation plan, backup plan, physical security plan, personnel security plan, access policies, and others. Tests and revises plans and policies as necessary to ensure data integrity, confidentiality, and availability.
- Ensures that personnel have uninterrupted access to critical patient information in the event of a power outage, natural or manmade disaster, or other disruption.
- Performs internal audits of data access and use to detect and deter breaches.
- Receives reports of security breaches, take appropriate action to minimize harm, investigates breaches, and make recommendations to management for corrective action.
- Maintains awareness of changes in security risks, security measures, and computer systems.
- Maintains and applies detailed knowledge about information technology, medical records and other medical information, patient privacy and confidentiality, and release of information.
- Communicates and works with all disciplines and departments, such as management, medical staff, information systems specialists, financial managers, state and federal agency officials, as well as with patients, clients, and any other individuals for whom WMC maintains or transmits individually identifiable health information.
Keywords: Wyoming Medical Center, Casper , Information Security Analyst, Professions , Casper, Wyoming
Didn't find what you're looking for? Search again!