Organization:

SHSO-Sutter Health System Office-Valley

Position Overview:

Manages the Sutter Health's information security and risk management functions while managing the actions of the privacy and information risk management team. Develops, implements, and monitors Sutter Health's vendor management program activities, including actions related to risk management, due diligence, contract provisions, vendor reviews, and requirements. Supervises and monitors periodic risk assessments and key elements of the vendor management program. Oversees technical security-related research and analysis and translates the results into meaningful input for Privacy and Information Security leadership to ensure effective coordination of privacy and security activities. Ensures adherence to applicable federal and state regulations. Establishes and/or reviews information security policies, procedures, standards, and guidelines to support Sutter Health business initiatives in alignment with regulatory requirements, security best practices, and evolving technologies.

Job Description :

EDUCATION:

Equivalent experience will be accepted in lieu of the required degree or diploma.

Bachelor's: Computer Science, Forensics, Healthcare Informatics, Health Information Management, Information Technology, Risk Management, or related field or equivalent education/experience

CERTIFICATION & LICENSURE:

CISSP-Certified Information Systems Security Professional within 1 Year of hire

CHPC-Certified in Healthcare Privacy Compliance within 1 Year of hire

CISM-Certified Information Security Manager within 1 Year of hire

TYPICAL EXPERIENCE:

8 years recent relavant experience

SKILLS AND KNOWLEDGE:

Well defined understanding of risk management from a technology perspective, including detailed knowledge of current hardware, software, and database technologies used for privacy and information security risk management in a healthcare system, including firewalls, encryption, intrusion detection, and other tools.

Solid understanding of current privacy and security policies including applicable state and federal regulations related to Protected Health Information such as National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act (HIPAA/HITECH), Federal Information Procession Standards (FIPS), and other industry related security standards, regulations, and best practices.

Working knowledge of management of an effective privacy program, including training, monitoring, conducting and documenting investigations, addressing violations, and monitoring corrective actions.

Developed project management skills, including the ability to initiate, plan, execute, and control activities to meet requirements and timelines of regional and system-wide initiatives or projects potentially impacted by new or changing regulations.

Business acumen and advanced analytic skills, with the ability to collect data, analyze information, reach practical conclusions, recommend corrective actions, resolve conflicts, and institute effective changes.

Attention to detail, superior problem solving and strategic planning skills the ability to analyze data, identify trends, provide insights to staff and affiliates, and recommend creative and actionable solutions in challenging situations.

Exceptional communication (written/verbal), interpersonal, and presentation skills to explain complex technical or sensitive information clearly and professionally to diverse audiences and all levels of internal and external constituencies.

Proficient computer skills and competency in related software applications for presentations, spreadsheets, and word processing including Microsoft Office Suite (Excel, Power Point, Word, and Project) and relational database management systems.

Manage people, cross-functional teams, and organizational dynamics while overseeing and prioritizing multiple projects simultaneously in a a dynamic and challenging environment.

Work independently, as well as part of a multidisciplinary team, while demonstrating organization skills to efficiently and effectively conduct reviews and assessments within established time-frames and government regulations.

Identify and resolve technical, operational and organizational problems using policies, procedures and department plans.

Foster a collaborative environment, to influence individuals or groups with diverse opinions and to enlist cooperation without direct control/authority.

Negotiate effectively with staff, internal departments, senior management, injured employees, external agencies, and organizations.

Maintain strict confidentiality and ensure the privacy of each patient’s protected health information (phi) as well as the confidentiality of all privacy and risk management data.

Build collaborative relationships with peers, other departments, stakeholders, and external agencies, to achieve regulatory and accreditation compliance.

Job Shift :

Days

Schedule :

Full Time

Shift Hours:

8

Days of the Week:

Monday - Friday

Weekend Requirements:

None

Benefits:

Yes

Unions:

No

This position is work from home eligible.

Position Status:

Exempt

Weekly Hours:

40

Employee Status:

Regular

Number of Openings:

1

Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

Pay Range is $62.95 to $94.42 / hour

The salary range for this role may vary above or below the posted range as determined by location. This range has not been adjusted for any specific geographic differential applicable by area where the position may be filled. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, department equity, training and organizational needs. Base pay is just one piece of the total rewards program offered by Sutter Health. Eligible roles also qualify for a comprehensive benefits package.

All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, marital status, sexual orientation, registered domestic partner status, sex, gender, gender identity or expression, ancestry, national origin (including possession of a driver's license issued to individuals who did not present proof of authorized presence in the U.S.), age, medical condition, physical or mental disability, military or protected veteran status, political affiliation, pregnancy or perceived pregnancy, childbirth, breastfeeding or related medical condition, genetic information or any other characteristic made unlawful by local, state, or federal law, ordinance or regulation. External hires must pass a background check/drug screening. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with Federal, state, and local laws, including but not limited to the San Francisco Fair Chance Ordinance.