Sr Privacy Security Analyst- Compliance & Audit Job

Children's Health - Compliance and Internal Audit Careers

Job Number: 51394

Location: Dallas, TX

Date Posted: 4-22-2017

Description:

POSITION SUMMARY:

The Sr. Privacy and Security Analyst oversees corporate personnel’s adherence to the policies and procedures relating to the privacy and security of systems including patient privacy. Additionally, the Sr. Privacy and Security Analyst will work with the Privacy Officer to ensure access to all clinical and research data, and all patient health information (PHI) is in compliance with federal and state laws, accreditation organizations, and Children’s Medical Center Dallas’ (Children’s) information privacy policy and Corporate Compliance procedures. Additionally, the Sr. Privacy and Security Analyst will work with the Information Security Officer, or their designee, to administer departmental polices for Information Services while working under Corporate Compliance guidelines and organizational structure.

JOB PROFILE:

The following describes the basic position duties that an employee MUST be able to perform for this role. This information is intended to be descriptive of the key responsibilities of the position. The list of essential functions below DOES NOT identify all duties performed by any single person in the position.

Requires depth within a specialized, critical discipline and/or breadth of substantive professional knowledge that crosses disciplines within the professional field

Interprets internal/external business challenges and recommends best practices to improve products, processes or services

May lead functional teams or projects with moderate resource requirements, risk, and /or complexity

Leads others to solve complex problems; uses sophisticated analytical thought to exercise judgment and identify innovative solutions

Impacts the achievement of customer, operational, project or service objectives; work is guided by functional policies

Works independently, with guidance in only the most complex situations

Communicates difficult concepts and negotiates with others to adopt a different point of view

JOB SPECIFIC RESPONSIBILITIES:

Risk Analysis and Field Assessment on Existing Systems

Respond to Security or Privacy incidents to prevent or reduce loss of PHI

Draft or update internal policies and procedures

Work within WebSense Enterprise v 6.2+ Internet Monitoring Software based on predication

Work within Ironport e-mail monitoring software looking for outbound PHI

Perform on-site workstation, HIPAA, EOC audits and document for matrices

Perform Photographic Release and Medical Record audits from office location and document

Update monthly departmental (HIPAA/Security) matrices for reporting to upper management

Create/Manage accounts within Medelearn physician CBT system (based at UTSW)

Perform the HIPAA Privacy lecture and assist in testing personnel during NEO day 2

Maintain hard copy filing system containing investigative data

Maintain HIPAA@Childrens website

Handle HIPAA Hotline issues

Change/reset Novell passwords, as needed, during Security portion of NEO day 2

Attend the Corporate Compliance Working Group meetings (new)

EXPERIENCE:

5-7 years’ experience in a complex network environment preferably in a hospital required

Experience utilizing forensic software, firmware and hardware required

Basic to moderate experience in performing electronic forensic investigations preferred

Experience in documentation following the chain of evidence required

EDUCATION:

Bachelor’s degree in Computer Science or equivalent discipline or combination of schooling and equivalent experience required

LICENSES and CERTIFICATIONS:

Certified Novell Administrator required

Certification in Healthcare Privacy required

Certification in Information Security required

Certified Information Security Manager (CISM) preferred

Specific Knowledge, Skills and Abilities:

Maintain effectiveness when experiencing major changes in work responsibilities or environment; adjust effectively to work within new work structures, processes, requirements, or cultures.

Use appropriate interpersonal styles to establish effective relationships with customers and internal partners; interact with others in a way that promotes openness and trust and gives them confidence in one's intentions.

Meet patient and patient family needs; take responsibility for a patient's safety, satisfaction, and clinical outcomes; use appropriate interpersonal techniques to resolve difficult patient situations and regain patient confidence.

Ensure that the customer perspective is a driving force behind business decisions and activities; craft and implement service practices that meet customers' and own organization's needs.

Develop and use collaborative relationships to facilitate the accomplishment of work goals.

Identify and understand issues, problems, and opportunities; compare data from different sources to draw conclusions; use effective approaches for choosing a course of action or developing appropriate solutions; take action that is consistent with available facts, constraints, and probable consequences.

Take prompt action to accomplish objectives; take action to achieve goals beyond what is required; be proactive.

Deal effectively with others in an antagonistic situation; use appropriate interpersonal styles and methods to reduce tension or conflict between two or more people.

Effectively manage one's time and resources to ensure that work is completed efficiently.

Accomplish tasks by considering all areas involved, no matter how small; showing concern for all aspects of the job; accurately checking processes and tasks; being watchful over a period of time.

Set high standards of performance for self and others; assume responsibility and accountability for successfully completing assignments or tasks; self-impose standards of excellence rather than having standards imposed.

Assimilate and apply new job-related information in a timely manner.

Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.


Back to top