IT NIST/HIPAA Security Specialist (NC747232) The Compliance Officer will be familiar with risk management, comfortable leading internal risk assessments, and possess knowledge of HIPAA and NIST privacy and security requirements for health information networks. The candidate will be allowed to work remotely but will need to be onsite in Raleigh, NC on short notice. There is a mandatory three-week training onsite at the beginning of the engagement. Once all staff return to site the candidate will need to work onsite full time. The NC HIEA Compliance Officer will ensure that operations follow all relevant state and federal requirements for securely transacting health information via the HIE Network, NC HealthConnex. The Compliance Officer will be familiar with risk management, comfortable leading internal risk assessments, and possess knowledge of HIPAA and NIST privacy and security requirements for health information networks. This position will work closely with the NC HIEA leadership team, DIT legal counsel, and DIT Privacy Team, and DIT Security and Risk Management Team to ensure continual improvement of the NC HIEA’s security and risk profile. Responsibilities
- Assist with the development and implementation of a compliance program for the NC HIEA that includes preparation for HITRUST certification
- Create sound internal controls and monitor adherence to them
- Draft and revise policies
- Proactively audit processes, practices and documents to identify weaknesses
- Evaluate activities to assess compliance risk
- Collaborate with external auditors and DIT Security Team when needed
- Set plans to manage a crisis or compliance violation
- Educate and train employees on regulations and industry practices
- Address employee concerns or questions on compliance
- Keep abreast of industry standards and business goals