Serves as the organization’s Chief Information Security Officer (CISO).
Conduct business in compliance with McLeod Health’s Code of Conduct, immediately report violations to the designated authority, and help investigate alleged wrongdoing.
Interpret applicable federal and state law and regulations to plan audit parameters, determine compliance with such regulations and communicate necessary changes in compliance with regulatory requirements.
Develop and execute a system-wide compliance audit plan, effective tools, and methodologies to ensure data integrity and compliance with federal and state regulations pertaining to healthcare program requirements for information technology security.
Ensure McLeod Health is appropriately monitored for IT security compliance.
Maintain a focus on high-risk areas to determine if appropriate controls are in place to adequately mitigate risks.
Works collaboratively with others across the organization to help resolve areas of identified security risks.
Develop an understanding of the operations, systems processes and procedures used in the areas being audited.
Conduct security audits, review the results, and devise appropriate recommendations and corrective action plans.
Manages the performance of subsequent audits to ensure completeness and oversees the execution of corrective action plans.
Work in conjunction with the HIPAA Privacy Administrator on the successful development, execution, and completion of the annual HIPAA Audit Schedule.
Evaluates the IT threat landscape and devises cybersecurity policy and controls to reduce risk by conducting auditing and compliance initiatives.
Contribute to the development of cyber resiliency to rapidly recover from hacking, security incidents or infringements.
Participate in the development and/or enhancement of an information security management framework.
Develop and deploy continuous cybersecurity training.
Recommend appropriate industry-standard policies and procedures and advise on content.
Serves as a security liaison to Network Services.
Generate periodic reports to the Corporate HIPAA Office on the state of IT security compliance.
Job Requirements
Required Qualifications:
Bachelor's degree in a business-related discipline required.
Preferred Qualifications:
Minimum of five years of healthcare auditing experience preferred.
Be able to demonstrate competence in performing audits, producing reports, formulating remediation or mitigation plans, and conducting follow-up audits.
Must have project management experience.
Must have proficiency in MS Office applications.
Certification in an industry-related discipline preferred.
Additional commentary
Physical Requirements: Refer to Occupational Risk Assessment