Role Description
The Info Sec Healthcare Data Privacy and Audit Analyst is responsible for a wide range of healthcare-specific audit and compliance workflows. Specific audit areas include:
• Data privacy of Epic medical records
• Litigations
• Reactive auditing
• Clinical workflows specific to the healthcare industry
• eDiscovery areas such as badge access in ORs and/or paging access
Key responsibilities include:
• Conducting proactive and reactive audits
• Documenting assessments, variances, findings, and remediation plans in Archer
• Maintaining knowledge of applicable federal and state privacy laws and accreditation standards
• Monitoring advancements in information privacy and security technologies
• Conducting information security research to stay updated on security issues
• Using Emory Healthcare values to govern decisions, actions, and behaviors
• Performing other duties as assigned
Qualifications
• Healthcare industry experience in an IT Audit/Compliance job function (preferred)
• Bachelor's degree (B.A. / B.S.) or equivalent from an accredited college or university required
• 3-5 years of experience in IT/IS
• 3-5 years of experience with information security risk analysis, security risk configuration development, or information security audit
• Demonstrated understanding of common healthcare technology implementation architectures
• Familiarity with HIPAA, GDPR, HITECH, and other information security and privacy regulatory requirements (a plus)
• In-depth knowledge of NIST 800-53, ISO 27K, GDPR, PCI-DSS (desirable)
• Any of the following certifications is a plus: ITIL, CISSP, HCISPP, CISM, CISA, CIPP, CIPM, CIPT, CPHIMS, PCIP, GSEC, GCIH, GCFE, GCFA, CEH, GPEN, PM
• A combination of education and analogous experience may be substituted for some requirements
Requirements
• Strong interpersonal skills to effectively communicate with cross-functional teams
• Outstanding time management and organizational skills
• Ability to work under required guidelines and deliver on business/project requirements
• Professional demeanor when working with team members and staff
• Comfortable working in a dynamic environment with multiple work streams, goals, and objectives
• Ability to recommend project-related task prioritization to ISPO leadership team
• Excellent vocabulary, written and verbal communication skills
• Understanding of Windows, Unix/Linux operating systems, security administration, virtualization, and TCP/IP networking concepts
• Ability to work independently with minimal supervision
• Strong problem-solving and negotiation skills
• Ability to effectively conduct meetings, both formal and informal
• Requires minimal direction from leadership and possesses the ability to learn quickly
Benefits
• Comprehensive health benefits that start day 1
• Student Loan Repayment Assistance & Reimbursement Programs
• Family-focused benefits
• Wellness incentives
• Ongoing mentorship, development, and leadership programs