Enterprise Privacy Information Security Analyst

Welcome! We're excited you're considering an opportunity with us! To apply to this position and be considered, click the Apply button located above this message and complete the application in full. Below, you'll find other important information about this position.This position is responsible for access auditing for privacy and security compliance as well as development, testing, implementation and maintenance of auditing software and interfaces. This position also collaborates with all affiliated management staff, other privacy and information security team members, and leadership to assure compliance with federal and state privacy and security regulations including HIPAA, HITECH, and other privacy and security laws, and the organizations privacy and information security policies and procedures.

MINIMUM QUALIFICATIONS:

EDUCATION, CERTIFICATION, AND/OR LICENSURE:

1. Associates Degree in Health Information Technology, Health Information Management, or relevant discipline.

EXPERIENCE:

1. Two (2) years' experience working with systems applications including design, testing, troubleshootingANDTwo (2) years' experience in Health Information Management setting.

PREFERREDQUALIFICATIONS:

EDUCATION, CERTIFICATION, AND/OR LICENSURE:

1. Bachelor's Degree in Information Technology, Health Information Technology or relevant discipline.

2. Registered Health Information Technician (RHIT) certification.

3. CHDS (AHIMA's Certified Healthcare Documentation Specialist) credential within one (1) year preferred.

CORE DUTIES AND RESPONSIBILITIES: The statements described here are intended to describe the general nature of work being performed by people assigned to this position. They are not intended to be constructed as an all-inclusive list of all responsibilities and duties. Other duties may be assigned.

1. Responsible for managing privacy and information security program projects.Coordinates department activities.

2. Provides coordination and general support of privacy and information security metrics and reporting, including running, distributing and creating reports and troubleshooting data anomalies.

3. Coordinates and maintains the incident management system, including master data file maintenance, managing user security, monitoring and triaging new matters, and managing intake and hotline incidents.

4. Documentation and data quality review of privacy and information security investigations and initiatives; coordination, implementation, and general support of training and program effectiveness, projects and core team functions, including development and maintenance of web and collaboration sites.

5. Develops, conducts, and coordinates periodic internal and external risk assessments and monitors key elements of the privacy and information security program, including the use of privacy monitoring software applications.

6. Performs general control reviews for applications, systems, security, and operation audits including staff, referring MD access, and "Break the Glass: functionality within all interfaced systems.

7. Responsible for documentation, including risk assessment, of every identified privacy or security concern.

8. Assists departments with data analysis of privacy and security logs, using audit software, when necessary.

9. Facilitates annual risk assessment using auditing software and coordinates the development of any remediation plans as requested.

10. Provides assistance to departments regarding compliance with government regulations, when requested.

11. Responsible for receiving, documenting, tracking, investigating and taking action on all concerns for patient privacy and security.

12. Conducts physical audits.

13. Assists with process improvement for any identified concerns.

14. Communicates directly with leadership and Human Resources to facilitate and assure investigation and timely resolution of issues.

PHYSICAL REQUIREMENTS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

1. Ability to sit for prolonged periods of time.

2. Has finger dexterity and complete use of hands, arms, and feet.

3. Endures excessive standing, bending or stooping.

WORKING ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

1. Familiarity with applications to be supported.

2. Standard Office Environment and Equipment.

3. Moderate level of adversity in working conditions 21-50% of working time.

SKILLS AND ABILITIES:

1. Strong professional interpersonal skills.

2. Working Knowledge of HHS, OCR, and TJC regulations - privacy and security laws and regulations.

3. Ability to maintain a high level of confidentiality.

4. Good verbal/written and interpersonal skills; basic mathematical skills.

5. Proven ability to follow through, meet deadlines, anticipate requirements, and build relationships.

6. Strong analytical, statistical, decision-making, and problem-solving skills.

7. Must be able to work collaboratively as a team environment with minimal supervision.

8. Excellent written and verbal communication skills with the ability to build effective working relationships with all levels of internal and external constituencies.

9. Advanced level of computer and application competency including Excel, PowerPoint, Word, and relational database management systems.

10. Strong ability to use reporting tools, tracking systems and databases

11. General knowledge of state and federal laws and regulations that apply to privacy and information security.

12. Good teamwork abilities and participation skills.

Additional Job Description:

Scheduled Weekly Hours:

40

Shift:

Day (United States of America)

Exempt/Non-Exempt:

United States of America (Exempt)

Company:

SYSTEM West Virginia University Health System

Cost Center:

537 SYSTEM HIM Privacy