Security Compliance Specialist- EU or US

The Security Compliance Specialist is a strategic role with DeepHealth’s Quality, Regulatory, and Compliance department, responsible for developing, implementing, and maintaining comprehensive security compliance strategies. This position is critical in protecting organizational data, ensuring regulatory adherence, and mitigating potential security risks in the complex digital health landscape.

ESSENTIAL DUTIES AND RESPONSIBILITIES

As the Security Compliance Specialist, this position will work with the Information Security Officer to:

Security Compliance Strategy:

• Develop and implement holistic security compliance programs

• Create comprehensive risk management frameworks

• Design and maintain security policies, procedures, and guidelines

• Continuously assess and update security strategies

• Ensure alignment with organizational objectives and regulatory requirements

Regulatory Compliance:

• Ensure compliance with complex regulatory standards including, but not limited to:

o HIPAA

o GDPR

o CCPA

o ISO 27001

o HITRUST

• Conduct thorough risk assessments and vulnerability evaluations

• Prepare detailed compliance reports and documentation

• Support external and internal audit processes

• Track and implement regulatory changes

Technical Security:

• Perform comprehensive security vulnerability assessment

• Develop and implement security control frameworks

• Monitor and analyze security incidents and breaches

• Design and conduct security awareness training programs

• Manage access control and identity management systems

• Evaluate and recommend security technologies and solutions

Incident Response and Management:

• Develop and maintain incident response plans

• Coordinate rapid and effective responses to security incidents

• Conduct pos-incident analysis and implement preventive measures

• Maintain detailed incident documentation and reporting

Interdepartmental Collaboration:

• Work closely with IT, Legal, Compliance, and Clinical teams

• Provide security guidance and recommendations

• Facilitate cross-functional security awareness and training

• Support technology implementation and security best practices

PLEASE NOTE: This is not an exhaustive list of all duties, responsibilities and requirements of the position described above. Other functions may be assigned and management retains the right to add or change duties at any time.

MINIMUM QUALIFICATIONS, EDUCATION AND EXPERIENCE

• Bachelor’s degree in a medical/pharma/science field (or equivalent level of practical technical experience in radiology).

• At least 3 years working experience as a radiographer/application specialist/technologists/RIS/PACS Administrator

• Advanced clinical knowledge on diagnostics is preferred.

• Proficiency in advanced visualization software and knowledge of radiology workflows.

• Ability to support customer success, sales, and marketing initiatives from a clinical perspective.

• Strong relationship-building skills.

• Strong attention to detail.

• Ability to work independently (home office) and as a team player.

• Proven ability to build and maintain influential customer relationships.

• Superb verbal and written presentation and communication skills.

• Demonstrated ability to prioritize and balance multiple priorities and projects

• Customer-centric mindset with a drive for understanding customer needs.

• Collaborative approach partnering with the commercial, implementation, operation, support, and product teams for clinical success.

• Goal-oriented mindset combined with resilience in the face of setbacks.

• Strong interpersonal skills to engage with various stakeholders.

• Effective educator, capable of training demanding customers.

• Intrinsic motivation to Deep Health products for healthcare improvement.

QUALITY STANDARDS

• Communicates, cooperates, and consistently functions professionally and harmoniously with all levels of supervision, co-workers, patients, visitors, and vendors.

• Demonstrates initiative, personal awareness, professionalism and integrity, and exercise confidentiality in all areas of performance.

• Follows all local, state and federal laws concerning employment to include but not limited to: I-9, Harassment, EEOC, Civil rights and ADA.

• Follows OSHA regulations, RadNet and site protocols, policies and procedures.

• Follows HIPAA, compliance, privacy, safety and confidentiality standards at all times.

• Practices universal safety precautions.

• Promotes good public relations on the phone and in person.

• Adapts and is willing to learn new tasks, methods, and systems.

• Reports to work regularly as scheduled; consistently punctual with respect to working hours and lunch schedules, and maintains satisfactory personal attendance in accordance with RadNet guidelines.

• Consistently adheres to the time management policies and procedures.

• Completes job responsibilities in a quality and timely manner.

MISSING PHYSICAL REQUIREMENTS

This position requires sitting for an extensive period of time.

Working Environment

This position will have the ability to work remotely.

ACCOMMODATIONS
This position often requires sitting, standing, walking, bending, twisting, reaching with hands and arms, using hands and fingers, handling, or feeling, speaking, listening, and high-level cognitive thinking. Also, must be able to lift up to 10 pounds occasionally.