Tandigm Health, LLC is a value based population health organization. We engage our physician network by aligning economics and rewarding them for the value of the care they provide rather than for the volume of services. We enable our physicians with innovative tools, actionable data, expert training and education, and clinical delivery support. We empower our physicians by building community-oriented care delivery systems that facilitate collaboration across the continuum of care.
At Tandigm you will find a culture where all Teammates have the opportunity to collaborate in an energized, multi-disciplinary work environment focused on improving patient outcomes and enabling our staff to do some of the most rewarding work of their careers.
The Vice President and Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This position provides leadership as well as oversees the day to day operations and activities related to the creation and delivery of security projects and services to Tandigm Health. He/she works in close collaboration with Tandigm Healthâs leaders to develop and maintain the information security strategy, tools and operations across the enterprise. Key components of this role include:
Program Management and Governance
- Builds a strategic and comprehensive information security program that defines, develops, implements and maintains processes that enable consistent and effective information security practices.
- Develops and implements policies and procedures related to security of data and wireless networks, applications, databases and telecommunications; health information security and privacy compliance; business continuity; risk management; and incident response.
- Researches and recommends appropriate hardware and software to implement and maintain health information privacy and security.
- Evaluates security trends, evolving threats, risks and vulnerabilities; implements tools to mitigate risk as necessary.
- Oversees periodic monitoring and reviewing of audit records to ensure that activity is appropriate; includes but is not limited to logons and logoffs, file accesses, updates, edits and printing.
- Serves as information security consultant to all departments for all data security related issues.
Compliance
- Works closely with the Tandigm Vice President, Information Systems and Technology and Director, & Compliance to ensure alignment between technology, security, privacy, and compliance programs.
- Identifies and prioritizes security initiatives and standards to address and maintain the confidentiality, integrity and availability of data.
- Responsible for information security risk assessments, analysis, mitigation and remediation; conducts audits to identify vulnerabilities.
- Establishes and maintains administrative, technical and physical safeguards to protect electronically stored protected health information (ePHI).
- Monitors and reviews logs of application systems and network activities for possible unauthorized intrusion.
- Develops and delivers security awareness training to Tandigm Teammates at all levels relative to the privacy and security of health information.
- Ensures organization has audit controls in place to monitor activity on electronic systems that contain or use electronic protected health information (ePHI).
Investigative
- Establishes and maintains a process for security incident investigation and response.
- Oversees vulnerability analysis, monitoring, intrusion detection/incident response, security assessments and security consulting.
Vendor Management
- Participates in the development, implementation, and ongoing compliance monitoring of all business associates, to ensure security risks, requirements, and responsibilities are addressed.
- Consistently exhibits behavior and communication skills that demonstrate Tandigmâs commitment to superior customer service, including quality, care and concern with internal and external customers.
- Performs additional duties as assigned
EDUCATION/CERTIFICATIONS/AFFILIATIONS:
- Bachelorâs degree in Information Systems, Computer Science or a related healthcare field required. Advanced degree in Computer Science, Information Security or a related field desired.
- Certified Information Systems Security Specialist (CISSP) certification and/or other healthcare industry related security credentials.
EXPERIENCE:
- Fifteen years progressive experience in health information security management, health information management, information systems and/or health risk management is required.
KNOWLEDGE, SKILLS, ABILITIES:
- Advanced knowledge of Information Security and Digital Forensics principles.
- Experience with common security and privacy legislation (e.g. HIPAA, PCI-DSS, etc.).
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, The IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
- Skilled at administering and maintaining firewalls, network access control, vulnerability assessment, endpoint encryption, anti-virus / anti-malware management, endpoint application control, host-based intrusion detection systems, digital forensic platforms, and Security Information and Event Management (SIEM), and security awareness platforms.
- Strong knowledge of Cloud technology and Software as a Service (SAAS) models.
- Skilled at problem-solving and performing analysis while under stress.
- Ability to organize and prioritize multiple simultaneous work activities to utilize time efficiently and meet objectives. Strong technical writing and communications/presentations skills.
- Strong organization, planning, and people skills. Skilled at learning new technologies in a short amount of time.
- Knowledgeable and up-to-date on the ever-evolving threat landscape.
Come see why Modern Healthcare voted us as a top place to work… again !
Find one job in US 