Hours:

Shift Start Time:

Shift End Time:

AWS Hours Requirement:

Additional Shift Information:

Weekend Requirements:

On-Call Required:

Hourly Pay Range (Minimum - Midpoint - Maximum):

The stated pay scale reflects the range that Sharp reasonably expects to pay for this position.  The actual pay rate and pay grade for this position will be dependent on a variety of factors, including an applicant’s years of experience, unique skills and abilities, education, alignment with similar internal candidates, marketplace factors, other requirements for the position, and employer business practices.

Please Note: As part of our recruitment process, you may receive communication from Dawn, our virtual recruiting assistant. Dawn helps coordinate scheduling for screening calls and interviews to ensure a smooth and timely experience. Rest assured, all candidate evaluations and hiring decisions are made by our recruitment and hiring teams.

What You Will Do
This position is responsible for the development, implementation, and ongoing management of security and compliance initiatives and solutions across for SCMG's affiliate physician practices. The position plays a critical role in safeguarding protected health information, mitigating risks, and supporting each physician's practice with a commitment to compliance and organizational excellence.

Required Qualifications

• 5 Years experience with healthcare information security or administration. Experience to include supporting, improving processes, reporting, documenting audits and compliance with internal and external audits.

Preferred Qualifications

• Ambulatory healthcare business knowledge and experience with practice management and/or electronic health record.
• Leadership experience.

Other Qualification Requirements

• Bachelor's degree in healthcare, information security, information systems, or related field; or 4 years of relevant experience in information security, healthcare, or compliance can substitute for degree. - REQUIRED
• Industry-standard HIPAA privacy and security training and/or certification preferred (e.g., CPHIMS, ISACA, ISC2, CompTIA).

Essential Functions

• Education
  Develops and designs SCMG information security education.
  Interact with teams and departments outside SCMG's Privacy and Security team to promote best practices in handling and safeguarding protected health information.
  Assist physician practices in the design and development of a program for information security awareness, training, and education. Incorporate, SCMG supported software in physician practices to ensure adequate HIPAA privacy and security policies are in place.
  Develop, communicate, and maintain standards, procedures, and other documentation (e.g., guidelines, baselines) that support information security policies.
  Communicate and maintain information security policies that support the standard security strategies for physician practices.
  Provide information security advice and guidance to SCMG's independent practices.
• Leadership
  Exercise leadership role with SCMG's Management team with respect to privacy and security in physician practices.
  Serve as a liaison with Sharp Corporate Compliance with respect to privacy practices within physician offices.
  Provide direction to SCMG staff regarding work performance and business operations; mentor junior staff.
  Function as a security process lead to SCMG project teams, guiding effective use of resources to deliver effective solutions.
  Exercise leadership role with internal and external SCMG information security clients.
  Work with SCMG leadership and staff to review existing policies, procedures, and practices and to develop best practices that ensure security of information technologies and systems.
  Keep informed regarding information security and healthcare trends and opportunities afforded by emerging solutions.
• Performance Improvement
  Utilize effective and creative problem-solving techniques within standard information security best practices to develop quality solutions and resolve problems.
  Notice abnormalities and communicate them right away.
  Follow standard work practices and work with the SCMG team to continuously improve standards.
• Risk Management
  Leads SCMG risk management and incident response.
  Design and maintain a systematic and structured information risk management process for SCMG. Identify and periodically evaluate SCMG's information security controls and countermeasures to mitigate risk to acceptable levels. Report significant changes in information risk to appropriate levels of SCMG management for remediation on both a periodic and event-driven basis.
  Provide risk analysis to determine the threats, vulnerabilities, and controls present at our SCMG practices. Provide risk mitigation by working with SCMG system owners and custodians to implement additional controls to bring risk to acceptable levels.
  Guide and manage SCMG security event and incident response situations to ensure the impact is minimized and the lessons learned improve the overall information security posture. Provide oversight for processes for detecting, identifying, analyzing and responding to SCMG information security incidents.
• Security Policy Support
  Assist independent physician practices regarding HIPAA privacy and security to develop their best practices for employee training, security risk assessment and remediation, system downtime procedures, and disaster recovery / business continuity.
  Collaborate with the CONNECT implementation teams to integrate privacy and security into the implementation and training processes.

Knowledge, Skills, and Abilities

• Knowledge of regulatory requirements and their potential business impact from an information security standpoint.
• Demonstrated expertise in information security policies, principles, and practices. Knowledge of and experience with investigating information security incidents.
• Knowledgeable of the requirements for collecting, preserving and presenting evidence (e.g. admissibility, quality and completeness of evidence, chain of custody).
• Knowledgeable in the components of a security incident response plan. Advanced analytical and problem-solving skills; strong math skills.
• Ability to be flexible and work in a rapidly and constantly changing environment.
• Ability to lead work teams consisting of cross-department resources.
• Ability to work independently and meet deadlines.
• Understanding of quality and performance improvement initiatives (Lean / Six Sigma).
• Ability to achieve results for the organization with and through people; to practice good time management and to demonstrate good leadership skills.
• Thorough knowledge of information systems principles and practices, and on the legal, ethical, managerial and organizational principles and standards for clinics, acute care hospitals, and multi-facility health systems in California is desirable.
• Ability to effectively work with SCMG management, staff, physicians, and vendors; to communicate accurately and effectively with people, verbally and in writing.
• Must be able to respond calmly and professionally to telephone or face-to-face contact from angry or frustrated users/clients. Must be willing to travel.
• Knowledge of and experience with healthcare information systems (either business or clinical or both).
• Highly proficiency in all Microsoft Office applications (specifically, Excel, Word, and Visio).

Sharp HealthCare is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability or any other protected class