Easter Seals Jobs

Working/Functional Title

Associate CISO for Health

Position Summary

The Associate Chief Information Security Officer (CISO) for Health is a critical leadership role within Michigan State University (MSU) Information Technology, responsible for ensuring the security and compliance of all health-related information, technology, and systems across the university. This role is responsible for identifying, evaluating, and responding on health information security risks in a manner that safeguards health information, adheres to regulatory requirements such as HIPAA, and maintains the integrity of all related data and systems. This role establishes annual and long-range health information security strategies, programs, plans, and metrics for continual program improvement.

The individual will serve as the Health Information Security Officer, overseeing the health information security domain and collaborating with key IT offices, Health Sciences, multiple university colleges and business units, governance groups, and stakeholders to protect and safeguard sensitive health data in support of MSU's goals for Research, Education, and Clinical Care.

Some key projects which the Associate CISO of Health will lead include:

• Helping to improve and streamline Identity and Access Management processes for health systems.
• Improving Health Information Privacy and Security Awareness training.
• Reviewing systems that manage, process, and store health information, including third-party software systems for contract and liability issues.
• Updating and maintaining relevant contingency plans.
• Developing and maintaining robust and sustainable health privacy and information security governance with the Health Information Privacy Officer.

Primary Responsibilities:

• Ensure the security and compliance of health-related data, information, and systems across MSU.

• Oversee the Information Security Program and related plans based on NIST standards.

• In coordination with Privacy Officers support compliance and response regarding HIPAA, HITECH, and PHI-related matters.

• Develop and implement health IT security governance, strategies, policies, standards, programs, and plans.

• Conduct risk assessments and mitigation plans.

• Manage incident responses and breach investigations.

• Provide leadership and guidance on best practices for health data security.

• Collaborate with multiple key stakeholders including:

• • MSU IT
  • Office of Health Sciences
  • MSU Healthcare
  • College of Human Medicine
  • College of Osteopathic Medicine
  • College of Nursing
  • College of Veterinary Medicine
  • University Health and Wellbeing
  • University Physicians
  • Student Athletics
  • Agriculture and Natural Resources, and other relevant units

• Defining, directing, and managing the security of diverse and complex health-related data and information across multiple university units and systems in a federated IT model.
• Ensuring compliance with stringent regulatory requirements such as HIPAA and HITECH.
• Coordinating security efforts across a broad range of stakeholders with varying levels of technical expertise.
• Balancing the need for robust security measures with the operational requirements of healthcare providers, educators, and researchers.

• Staying current with evolving threats and advancements in health information security.

   

Michigan State University (MSU) is a top 100 global university located in East Lansing, three miles east of the state's capitol. The MSU community includes more than 12,000 faculty, academic and support staff, as well as over 52,000 students. MSU offe