Zone Facility Information Security Official

Company: Doctors Hospital of Sarasota
Location: Sarasota
Posted on: June 6, 2021

Job Description:


  • Are you passionate about the patient experience? At HCA Healthcare, we are committed to caring for patients with purpose and integrity. We care like family! Jump-start your career as a Zone Facility Information Security Official today with Work from Home.
  • We are committed to providing our employees with the support they need. At Work from Home, we offer eligible colleagues an attractive benefit package that includes medical, wellbeing, dental and vision benefits along with some unique benefits including:
  • Student Loan Repayment
  • Tuition Reimbursement/Assistance Programs
  • Paid Time Off and Paid Family Leave
  • 401k (100% annual match 3%-9% of pay based on years of service)
  • Adoption Assistance
  • Employee Stock Purchase Program (ESPP)
  • Flexible spending accounts
  • Short and long-term disability coverage
  • Legal benefits and pet insurance
  • Discounted Auto, Home, and Life Insurance and Identity Theft Protection
  • For more benefits details click here.
  • Come join our team as a Zone Facility Information Security Official. We care for our community! Just last year, HCA Healthcare and our colleagues donated $13.8 million to charitable organizations. Apply Today!

HCA Healthcare ITG

Job Summary:

The Zone Facility Information Security Official is a shared role across a market, responsible for leading, driving, and, in some cases, implementing Information Protection & Security (IPS) activities in company facilities under the supervision of the division's Information Protection & Security Director or a Senior ZFISO. He or she serves as a liaison between division/facility leadership and IPS leadership.

Under general supervision from the DISA, they are responsible for performing a wide range of tasks that support the ongoing maturation of the facility's IPS program, including: driving consistency and visibility of IPS risk management activities; working with business owners to protect patients and prevent data loss; and rounding with division and facility leadership to reduce or eliminate risky behaviors. They are responsible for helping facility workforce members appropriately comply with the company's IPS requirements.

This role requires extensive focus on building and expanding relationships with key stakeholders such as facility and division leadership; workforce members; physicians; division and facility IT teams; business owners; vendors; and other people and entities who support IPS objectives and activities within the facility.

The ZFISO must have a combination of skills including written and verbal communication skills, interpersonal skills, and the ability to influence, guide, and/or lead others necessary to accomplish IPS goals.

General Responsibilities:

Risk Management:

  • Coordinate and perform risk assessments within facilities using corporate-provided tools and templates.

  • Drive and manage execution of corrective action plans to address deficiencies identified during risk assessments.

  • Ensure the designated facility committee (e.g., Facility Security Committee, Facility Ethics & Compliance Committee) receives, documents, tracks, investigates, and sponsors remediation of security control deficiencies, suspected IPS incidents, and complaints. Provide education and guidance to ensure these committees make informed, risk-based decisions necessary to balance business needs and security objectives.

  • Represent IPS needs in facility strategic planning, budgeting, and work prioritization processes.

  • Drive ongoing compliance with IPS policies, standards, and operational procedures.

  • Work with division and/or facility leaders to submit and approve exceptions to IPS standards.

  • Lead audit response activities to address IPS issues identified by Internal Audit or external auditors (e.g., CMS HIPAA Security audits).

Issues Tracking and Resolution:

  • Support, coordinate, and manage incident response and investigation activities involving the facility.

  • Investigate information leaving the organization with appropriate leadership (i.e., Manager, ECO, HR, Legal).

  • Coordinate with HR Director, Facility Privacy Official and Ethics & Compliance Officer to ensure that sanctions related to IPS issues are applied appropriately and consistently.

  • Perform follow-up education and consultation with workforce members with risky behaviors and/or behaviors that violate Company policies and standards.


  • Round the facility to build and strengthen relationships with workforce members at all levels and to educate staff on how to reduce or eliminate risky behaviors.

  • Facilitate, and lead where appropriate, proactive IPS communication and awareness activities in the facility including coordinating with facility HR and training departments to ensure that periodic workforce training includes company-required IPS content.

  • Assist with and manage the review and approval of user requests for high-risk access.

  • Assist the Division DISA in driving key elements in the enterprise and division IS programs at the facility level to ensure that required processes are adopted and maintained.

  • Lead and coordinate implementation and adoption of technology and process changes in assigned facilities.

Vendor Systems Security:

  • Collaborate with facility system business owners to ensure vendor contracts are in place for department and facility IT systems and services.

  • Work with appropriate business, IT, supply chain, and corporate IPS stakeholders to help ensure division and facility-specific systems, services, and devices receive proper security assessments and remediation.

  • Work with business, purchasing, and IT stakeholders to ensure proper controls are in place for existing vendor-maintained solutions.

  • Work with system business owners and vendors to document system vulnerabilities and document mitigation controls or remediation actions.

  • Ensure vendor systems use approved connectivity, remote management and monitoring.

Education, Experience and Certifications:

  • Bachelor's Degree Required
  • 3+ years of experience in relevant field Required
  • 3+ years of experience in security technologies, project management and/or Healthcare Preferred
  • CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant certifications in information security or privacy Preferred

Other Qualifications:

  • Experience in developing and assessing technical and process-based controls, managing risk assessments/investigations, and working with organization management to integrate controls into the scope of existing business practices.
  • Exposure to management and/or operations in a number of healthcare business or IT functional areas.
  • Experience in some combination of audit, risk management, information security, privacy, and information technology.
  • Knowledge of information security regulations (HIPAA Privacy/Security, Sarbanes-Oxley IT controls, Payment Card Industry (PCI))
  • Possesses the ability to build and maintain positive team relationships at all levels of the facility, market, and corporate levels.
  • Possesses a sense of responsibility and accountability; someone who takes ownership and initiative.
  • Creative thinker, always looking for a better way to deliver value; not stopped or discouraged by adversity.
  • Demonstrates respect for diversity of experience, characteristics, viewpoints, and opinions.
  • Maintains professional demeanor, appearance, and positive attitude.
  • Adaptable and flexible, with the ability to handle ambiguity and sometimes changing priorities.

HCA Healthcare's Information Technology Group (ITG) delivers healthcare IT products and services to HCA Healthcare's portfolio of business and partners, including Parallon, HealthTrust and Sarah Cannon.

For decades, ITG has been a pioneer in the industry, leading the transformation of healthcare into a new era of quality and connectivity. ITG relies on the breadth of the organization and depth of technical expertise to advance and enhance today's healthcare and to enable our physicians and clinicians to provide world-class, innovative care for patients.

ITG employees rally around the noble cause of transforming healthcare through technology and find inspiration in the meaningful work they do, creating a culture that follows our mission statement, which begins by saying "above all else, we are committed to the care and improvement of human life."

If you want a career in technology and have a heart for healthcare, apply your expertise to a mission that matters.

  • Bachelor's Degree

HCA Healthcare (Corporate), based in Nashville, Tennessee, supports a variety of corporate roles from business operations to administrative positions. Like our colleagues in any HCA Healthcare hospital, our corporate campus employees enjoy unparalleled resources and opportunities to reach their potential as healthcare leaders and innovators. From market rate compensation to continuing education and career advancement opportunities, every person has a solid foundation for success. Nashville is also home to our Executive Development Program, where exceptional employees are groomed to take on CNO- and COO-level roles in our hospitals. This selective program focuses on ethics, leadership and the financial and clinical knowledge required of professionals at this level of the industry.

HCA Healthcare has been named one of the World's Most Ethical Companies by Ethisphere Institute for over a decade. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

If you are looking for an opportunity that provides satisfaction and personal growth, we encourage you to apply for our Zone Facility Information Security Official opening. We promptly review all applications. Highly qualified candidates will be contacted for interviews. Unlock the possibilities and apply today!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Company Description:

HCA Healthcare is a collaborative healthcare network, driven by physicians, nurses and colleagues helping each other champion the practice of medicine to give people a healthier tomorrow. With a comprehensive network of more than 270,000 people across approximately 1,800 care facilities, our scale enables us to deliver great outcomes for our patients, provide superior nursing care and be a preferred place for physicians to practice medicine. We never stop in our pursuit of insights and care advances based on the knowledge and data we gain from approximately 30 million patient encounters a year. Every day, we raise the bar to improve the way healthcare is delivered, not just in our facilities, but everywhere. We're committed to improving more lives in more ways, and above all else, we are committed to the care and improvement of human life.
