Zone Facility Information Security Official
Company: Doctors Hospital of Sarasota
Posted on: June 6, 2021
- Are you passionate about the patient
experience? At HCA Healthcare, we are committed to
caring for patients with purpose and integrity. We care like
family! Jump-start your career as a(an) Zone Facility Information
Security Official today with Work from Home.
- We are committed to providing our employees with the support
they need. At Work from Home, we offer eligible colleagues an
attractive benefit package that includes medical, wellbeing, dental
and vision benefits along with some unique benefits including:
- Student Loan Repayment
- Tuition Reimbursement/Assistance Programs
- Paid Time Off and Paid Family Leave
- 401k (100% annual match 3%-9% of pay based on years of
- Adoption Assistance
- Employee Stock Purchase Program (ESPP)
- Flexible spending accounts
- Short and long-term disability coverage
- Legal benefits and pet insurance
- Discounted Auto, Home, and Life Insurance and Identity Theft
- For more benefits details click here.
- Come join our team as a(an) Zone Facility Information Security
Official. We care for our community! Just last year, HCA Healthcare
and our colleagues donated $13.8 million dollars to charitable
organizations. Apply Today!
The Zone Facility Information Security Official is a shared role
across a market, responsible for leading, driving, and, in some
cases, implementing Information Protection & Security (IPS)
activities in company facilities under the supervision of the
division's Information Protection & Security Director or a Senior
ZFISO. He or she serves as a liaison between division/facility
leadership and IPS leadership.
Under general supervision from the DISA, they are responsible for
performing a wide range of tasks that support the ongoing
maturation of the facility's IPS program, including: driving
consistency and visibility of IPS risk management activities;
working with business owners to protect patients and prevent data
loss; and rounding with division and facility leadership to reduce
or eliminate risky behaviors. They are responsible for helping
facility workforce members appropriately comply with the company's
This role requires extensive focus on building and expanding
relationships with key stakeholders such as facility and division
leadership; workforce members; physicians; division and facility IT
teams; business owners; vendors; and other people and entities who
support IPS objectives and activities within the facility.
The ZFISO must have a combination of skills including written and
verbal communication skills, interpersonal skills, and the ability
to influence, guide, and/or lead others necessary to accomplish IPS
- Coordinate and perform risk assessments within facilities using
corporate-provided tools and templates.
- Drive and manage execution of corrective action plans to
address deficiencies identified during risk assessments.
- Ensure the designated facility committee (e.g., Facility
Security Committee, Facility Ethics & Compliance Committee)
receives, documents, tracks, investigates, and sponsors remediation
of security control deficiencies, suspected IPS incidents, and
complaints. Provide education and guidance to ensure these
committees make informed, risk-based decisions necessary to balance
business needs and security objectives.
- Represent IPS needs in facility strategic planning, budgeting,
and work prioritization processes.
- Drive ongoing compliance with IPS policies, standards, and
- Work with division and/or facility leaders to submit and
approve exceptions to IPS standards.
- Lead audit response activities to address IPS issues identified
by Internal Audit or external auditors (e.g., CMS HIPAA Security
Issues Tracking and
- Support, coordinate, and manage incident response and
investigation activities involving the facility.
- Investigate information leaving the organization with
appropriate leadership (i.e. Manager, ECO, HR, Legal)
- Coordinate with HR Director, Facility Privacy Official and
Ethics & Compliance Officer to ensure that sanctions related to IPS
issues are applied appropriately and consistently.
- Perform follow-up education and consultation with workforce
members with risky behaviors and/or behaviors that violate Company
policies and standards.
- Round the facility to build and strengthen relationships with
workforce members at all levels and to educate staff on how to
reduce or eliminate risky behaviors.
- Facilitate, and lead where appropriate, proactive IPS
communication and awareness activities in the facility including
coordinating with facility HR and training departments to ensure
that periodic workforce training includes company-required IPS
- Assist with and manage the review and approval of user requests
for high-risk access.
- Assist the Division DISA in driving key elements in the
enterprise and division IS programs at the facility level to ensure
that required processes are adopted and maintained.
- Lead and coordinate implementation and adoption of technology
and process changes in assigned facilities.
- Collaborate with facility system business owners to ensure
vendor contracts are in place for department and facility IT
systems and services.
- Work with appropriate business, IT, supply chain, and corporate
IPS stakeholders to help ensure division and facility-specific
systems, services, and devices receive proper security assessments
- Work with business, purchasing, and IT stakeholders to ensure
proper controls are in place for existing vendor-maintained
- Work with system business owners and vendors to document system
vulnerabilities and document mitigation controls or remediation
- Ensure vendor systems use approved connectivity, remote
management and monitoring.
Education, Experience and Certifications:
- Bachelor's Degree Required
- 3+ years of experience in relevant field Required
- 3+ years of experience in security technologies, project
management and/or Healthcare Preferred
- CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant
certifications in information security or privacy Preferred
- Experience in developing and assessing technical and
process-based controls, managing risk assessments/investigations,
and working with organization management to integrate controls into
the scope of existing business practices.
- Exposure to management and/or operations in a number of
healthcare business or IT functional areas.
- Experience in some combination of audit, risk management,
information security, privacy, and information technology.
- Knowledge of information security regulations (HIPAA
Privacy/Security, Sarbanes-Oxley IT controls, Payment Card Industry
- Possesses the ability to build and maintain positive team
relationships at all levels of the facility, market, and corporate
- Possesses a sense of responsibility and accountability; someone
who takes ownership and initiative.
- Creative thinker, always looking for a better way to deliver
value; not stopped or discouraged by adversity.
- Demonstrates respect for diversity of experience,
characteristics, viewpoints, and opinions.
- Maintains professional demeanor, appearance, and positive
- Adaptable and flexible, with the ability to handle ambiguity
and sometimes changing priorities.
HCA Healthcare's Information
Technology Group (ITG) delivers healthcare IT products and services
to HCA Healthcare's portfolio of business and partners, including
Parallon, HealthTrust and Sarah Cannon.
For decades, ITG has been a pioneer
in the industry, leading the transformation of healthcare into a
new era of quality and connectivity. ITG relies on the breadth of
the organization and depth of technical expertise to advance and
enhance today's healthcare and to enable our physicians and
clinicians to provide world-class, innovative care for
ITG employees rally around the
noble cause of transforming healthcare through technology and find
inspiration in the meaningful work they do, creating a culture that
follows our mission statement which begins by saying above all else
we are committed to the care and improvement of human
If you want a career in technology
and have a heart for healthcare, apply your expertise to a mission
HCA Healthcare (Corporate), based in Nashville,
Tennessee, supports a variety of corporate roles from business
operations to administrative positions. Like our colleagues in any
HCA Healthcare hospital, our corporate campus employees enjoy
unparalleled resources and opportunities to reach
their potential as healthcare leaders and innovators. From
market rate compensation to continuing education and career
advancement opportunities, every person has a solid
foundation for success. Nashville is also home to our
Executive Development Program, where exceptional
employees are groomed to take on CNO- and COO-level roles in our
hospitals. This selective program focuses on ethics, leadership and
the financial and clinical knowledge required of professionals at
this level of the industry.
HCA Healthcare has been named one of the World's Most Ethical
Companies by Ethisphere Institute for over a decade. In recent
years, HCA Healthcare spent an estimated $3.7 billion in cost for
the delivery of charitable care, uninsured discounts, and other
If you are looking for an opportunity that provides satisfaction
and personal growth, we encourage you to apply for our Zone
Facility Information Security Official opening. We promptly review
all applications. Highly qualified candidates will be contacted for
interviews. Unlock the possibilities and apply today!
We are an equal opportunity employer and value diversity at our
company. We do not discriminate on the basis of race, religion,
color, national origin, gender, sexual orientation, age, marital
status, veteran status, or disability status.
HCA Healthcare is a collaborative healthcare network, driven by
physicians, nurses and colleagues helping each other champion the
practice of medicine to give people a healthier tomorrow. With a
comprehensive network of more than 270,000 people across
approximately 1,800 care facilities, our scale enables us to
deliver great outcomes for our patients, provide superior nursing
care and be a preferred place for physicians to practice medicine.
We never stop in our pursuit of insights and care advances based on
the knowledge and data we gain from approximately 30 million
patient encounters a year. Every day, we raise the bar to improve
the way healthcare is delivered, not just in our facilities, but
everywhere. We're committed to improving more lives in more ways,
and above all else, we are committed to the care and improvement of