Information Security Analyst

Company: Wyoming Medical Center
Facility: Wyoming Medical Center at Casper
Department: Information Services

Role
In compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and good security practice, Wyoming Medical Center is responsible for appointing a health information security officer. The Information Security Analyst is responsible for developing and monitoring practices to ensure that WMC s health information is secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion.
The Analyst, along with the Privacy Officer, is also responsible for the oversight and management of all activities related to the development, implementation, and maintenance of, and compliance with, WMC s policies, procedures, and standards governing the privacy, confidentiality, and security of all individually identifiable health information in compliance with HIPAA, the Department of Health and Human Services (DHHS) regulations implementing HIPAA, particularly the HIPAA privacy regulations, and other state and federal laws, professional ethics, and accreditation standards protecting the confidentiality and privacy of individuals and their health and other information, such as financial information. The Analyst s duties include training in and disseminating of security policies and practices, and planning for timely resumption of access to information in the event of a serious disruption.
Education and Experience
A Bachelor s degree (B.A./B.S.) or equivalent in computer science or another relevant discipline from an accredited college or university is required.
A minimum of three years experience providing information security to a complex entity is required.
Demonstrated knowledge of general IT controls (e.g. access controls, risk management, change management) and related information security policies and procedures is required.
Proven understanding of health care regulatory standards (HIPAA privacy and security rules) is required.
Certificates, Licenses, and Registrations
An industry-recognized security certification, such as Certified Information Systems Auditor(CISA), is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Intrusion Analyst (CIA) certification is required within 12 months of hire also are acceptable.
Supervisory Responsibilities
None are associated with this position. Full-time Day shift