Offer summary

Qualifications:

Bachelor’s degree in information technology, Computer Science, Cybersecurity, or a related field., 3-5 years of experience in IT security, preferably within the healthcare industry., Security Certifications (e.g., CISSP, CISM, HCISPP) are highly desirable., Strong understanding of EHR systems and healthcare regulations, including HIPAA and HITECH..

Key responsabilities:

Oversee and ensure the security of the organization's Electronic Health Record (EHR) system.

Conduct regular security audits and manage access controls to ensure compliance with healthcare regulations.

Respond to and investigate security incidents related to the EHR system, ensuring timely resolution.

Collaborate with IT, clinical, and compliance teams to secure patient data and protect the integrity of the EHR system.

Job description

This candidate will be allowed to work remotely. All remote work must be completed in the United States. The contractor may be required to come onsite in Raleigh, NC, or to different healthcare facilities, as requested/needed for meetings. Candidate must work EST business hours. **

Our direct client has an opening for a Security Engineer w/ Healthcare Exp position # 750759. This position is for 12+ months, with option of extension, and will be worked remote – contractor may be required to be on-site in Raleigh, NC, as requested/needed for meetings. Candidate must work EST business hours.

If You Are Interested, Please Submit The Following

Ypur current resume
Your hourly rate

Description

Below is the job description – Resumes due ASAP –

The EHR Security Coordinator is responsible for overseeing and ensuring the security of the organization's Electronic Health Record (EHR) system. This role involves managing access controls, conducting security audits, developing security policies, and ensuring compliance with healthcare regulations such as HIPAA and HITECH. The EHR Security Coordinator will work closely with IT, clinical, and compliance teams to secure patient data and protect the integrity of the EHR system.

Key Responsibilities

Security Management & Compliance:

Ensure the EHR system is secure and compliant with federal, state, and organizational security policies, including HIPAA, HITECH, and other applicable regulations.
Monitor and enforce the appropriate use of EHR access controls, ensuring that users have the correct level of access based on their roles.
Conduct regular security audits of the EHR system, identifying and mitigating risks or vulnerabilities.
Develop and maintain security policies, procedures, and guidelines specific to the EHR environment.
Coordinate with the stakeholders to implement and maintain security tools, such as firewalls, intrusion detection/prevention systems, and encryption mechanisms, as applicable to the EHR system.

Access Controls & User Management

Oversee user provisioning and de-provisioning, ensuring appropriate access to the system for all employees and contractors.
Manage and audit role-based access controls (RBAC) for the system, ensuring that users have the correct level of access for their duties.
Ensure that system logs and user access records are maintained for auditing purposes, and work with internal audit teams to ensure compliance.

Incident Response & Risk Management

Respond to and investigate security incidents related to the EHR system, ensuring timely resolution and proper reporting to relevant stakeholders.
Perform risk assessments on new modules or integrations within the EHR, identifying potential security vulnerabilities and developing mitigation strategies.
Coordinate with clinical, IT, and legal teams on breach notification processes in compliance with regulatory requirements.

Collaboration & Coordination

Collaborate with the EHR implementation and optimization teams to ensure that security measures are integrated into the deployment of new features, updates, and third-party applications.
Work closely with other members of the IT security team to ensure alignment between EHR security and overall organizational cybersecurity strategies.
Participate in governance and compliance meetings, offering insights and reports on EHR security.

Continuous Improvement

Stay informed about emerging security threats, technologies, and best practices related to EHR systems.
Recommend improvements and optimizations to the EHR security environment based on industry trends and emerging threats.

Qualifications

Education:

Bachelor’s degree in information technology, Computer Science, Cybersecurity, or a related field.
Relevant work experience may substitute for formal education.
Security Certifications (e.g., CISSP, CISM, HCISPP) are highly desirable.

Experience

3-5 years of experience in IT security, preferably within the healthcare industry.
Prior experience with EHR systems is preferred.
Experience with HIPAA compliance, healthcare IT security audits, and risk management.
Knowledge of role-based access control (RBAC), identity management, and data encryption as it relates to healthcare information systems.

Skills

Strong understanding of EHR systems.
Proficient in healthcare regulations and standards, including HIPAA, HITECH, and meaningful use.
Excellent problem-solving and analytical skills.
Strong communication skills, capable of working across departments and with clinical teams.
Ability to manage security incidents and respond to them efficiently.
Familiarity with healthcare IT infrastructure, including networking, firewalls, and database security.

Working Conditions

May require occasional travel to different healthcare facilities within the organization.
On-call availability for security incidents.

Required/Desired Skills

Ability to manage security incidents and respond to them efficiently. - Required - 7 Years
Risk Management - must be able to identify gaps through risk management, and assist in the development of mitigation strategies. - Required - 7 Years
5-7 years of experience in IT security, preferably within the healthcare industry. - Required - 7 Years
Experience updating privacy and security policies based on gaps found through an assessment process. - Required - 7 Years
Experience performing risk assessments based on NIST 800-53 Rev 4. HIPAA, SSA, and IRS Pub 1075. - Required - 7 Years
Knowledge of role-based access control (RBAC), identity management, and data encryption as it relates to healthcare information systems. - Required - 7 Years
Proficient in healthcare regulations and standards, including HIPAA, HITECH, and meaningful use. - Required - 7 Years
Excellent problem-solving and analytical skills. - Required - 7 Years
Experience documenting vulnerability assessment results in an accurate, clear, actionable, and available way to appropriate personnel - Required - 7 Years
Familiarity with healthcare IT infrastructure, including networking, firewalls, and database security. - Required - 7 Years
Strong communication skills, capable of working across departments and with clinical teams. - Required - 7 Years

By replying to this job advertisement, I agree I want to receive additional job advertisements from Focused HR Solutions, including email, phone and mail to the contact information I am submitting. I consent to Focused HR Solutions, its affiliates, third parties and partners processing my personal data for these purposes and as described in the Privacy Policy. I understand that I can withdraw my consent at anytime.

Required profile