HIPAA SME/Technical Analyst – R6487-2603
Chickasaw Nation Industries
This job was posted by https://okjobmatch.com : For more information,
please see: https://okjobmatch.com/jobs/3185389 Its fun to work in a
company where people truly BELIEVE in what theyre doing!
Were committed to bringing passion and customer focus to the business.
SUMMARY
The HIPAA Subject Matter Expert supports the Health and Human Services
(HHS), Office for Civil Rights (OCR) promoting the right to access
health information and protection of the privacy and security of this
information. These highly trained and highly skilled consultants and
analysts are integral to the success and performance of OCR and to
further OCRs mission.
ESSENTIAL REQUIREMENTS
Preference will be given to candidates with relevant industry
certifications from CISSP, CISM, CIPP/CIPT/CIPT. Ten (10) years of
relevant cybersecurity experience is preferred.
KEY DUTIES AND RESPONSIBILITIES
Essential duties and responsibilities include the following. Other
duties may be assigned.
Reviews security and privacy complaints, data breach notification and
cybersecurity incident reports and other correspondence and evidence to
determine whether complaints, self-reported breaches or breach
notification reports indicate non-compliance with the HIPAA Security
Rule. Reviews data provided by the healthcare organizations across the
nation to assess the overall impact of security and privacy incidents.
Evaluates and determines the technical sufficiency of submissions from
HIPAA covered entities and business associates in response to data and
documentation requests (i.e. Assessing reports related to security
baselines, penetration tests, vulnerability assessments, and digital
forensics).
Documents processes, standard operating procedures and system
requirements; develops reports summarizing the analysis along with
formulating recommendations for OCR to consider for future action.
Develops written reports with technical security analyses, summaries,
and
recommendations for action, reports on root causes of problems,
efficiency, and support needs.
Provides expertise in the development and evaluation of health
information privacy policies and technologies, specifically regarding
protected health information; deidentified/re-identified health
information; limited data sets.
Provides subject matter expert analysis, evaluation, and recommendations
based on national security standards (NIST), industry best practices
from the International Organization for Standardization and
implementation specifications of the HIPAA Security Rule.
Provides DIN designing, implementing, and managing information security,
data protection, and risk management programs, including policies,
procedures, and controls for protected health information based on HIPAA
requirements.
Provides advisory expertise in the areas of risk analyses, vulnerability
assessments, incident response, security architecture, physical
security, business continuity and disaster recovery, enterprise
mobility, threat intelligence and analysis, security awareness and
online safety, and resolution of highly complex security projects and
issues.
Works well with programmers, developers, content managers, and other key
personnel in an interactive development situation.
Aids in own self-development by being available and receptive to all
training made available by the company.
Plans daily activities within the guidelines of company policy, job
description and supervisors instruction in such a way as to maximize
personal output.
EDUCATION/EXPERIENCE
Minimum educational experience is a Bachelors degree from an
accredited university with the focus on Cybersecurity, Computer Science,
Information Sciences, or other comparable fields of Study.
JOB SPECIFIC KNOWLEDGE/SKILLS/ABILITIES
Fundamental knowledge of basic systems analysis.
Knowledge of a broad range of relevant computer systems, applic tions,
and/or related equipment.
Knowledge of computer security procedures and protocol.
Basic knowledge of advanced operating system, network, or application
management tasks.
Knowledge of current technological developments/trends in area of
expertise.
Knowledge of federal copyright laws as they pertain to the use of
computer software.
Ability to integrate emerging technologies and applications into current
environment and to identify technical specifications to meet user needs
including operating system and network or application configuration.
Ability to identify technical specifications to meet user needs
including operating system and network or application configuration.
Skills in planning, organizing, and adapting within a multi-tasking
environment.
Strong interpersonal skills, flexibility, and customer service
orientation.
Ability to gather facts and data for technical proposals and to expand
upon them or develop alternatives and to evaluate emerging technologies
and identify their potential impact within the existing environment.
Ability to evaluate emerging technologies and identify their potential
impact within the existing environment.
Abil