NCDHHS- PSO IT Security Specialist

Overview

Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 10 month(s)

Skills

Privacy
Electronic Health Record (EHR)
Health Care
Security Management
HIPAA
HITECH
Firewall
Intrusion Detection
Encryption
Identity Management
Provisioning
Management
Access Control
RBAC
Auditing
Internal Auditing
Incident Management
Risk Management
Reporting
Risk Assessment
Legal
Collaboration
Optimization
IT Security
Cyber Security
Regulatory Compliance

Job Details

NC DHHS - Privacy and Security Office (PSO) requiring services of an Electronic Health Record System IT Security lead to assist DSOHF.

The EHR Security Coordinator is responsible for overseeing and ensuring the security of the organization's Electronic Health Record (EHR) system. This role involves managing access controls, conducting security audits, developing security policies, and ensuring compliance with healthcare regulations such as HIPAA and HITECH. The EHR Security Coordinator will work closely with IT, clinical, and compliance teams to secure patient data and protect the integrity of the EHR system.

Key Responsibilities:

Security Management & Compliance:

Ensure the EHR system is secure and compliant with federal, state, and organizational security policies, including HIPAA, HITECH, and other applicable regulations.

Monitor and enforce the appropriate use of EHR access controls, ensuring that users have the correct level of access based on their roles.

Conduct regular security audits of the EHR system, identifying and mitigating risks or vulnerabilities.

Develop and maintain security policies, procedures, and guidelines specific to the EHR environment.

Coordinate with the stakeholders to implement and maintain security tools, such as firewalls, intrusion detection/prevention systems, and encryption mechanisms, as applicable to the EHR system.

Access Controls & User Management:

Oversee user provisioning and de-provisioning, ensuring appropriate access to the system for all employees and contractors.

Manage and audit role-based access controls (RBAC) for the system, ensuring that users have the correct level of access for their duties.

Ensure that system logs and user access records are maintained for auditing purposes, and work with internal audit teams to ensure compliance.

Incident Response & Risk Management:

Respond to and investigate security incidents related to the EHR system, ensuring timely resolution and proper reporting to relevant stakeholders.

Perform risk assessments on new modules or integrations within the EHR, identifying potential security vulnerabilities and developing mitigation strategies.

Coordinate with clinical, IT, and legal teams on breach notification processes in compliance with regulatory requirements.

Collaborate with the EHR implementation and optimization teams to ensure that security measures are integrated into the deployment of new features, updates, and third-party applications.

Participate in governance and compliance meetings, offering insights and reports on EHR security.

Stay informed about emerging security threats, technologies, and best practices related to EHR systems.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.