5+ years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Job Category:
Information Services
Health Care & Medicine
Info Security Manager Compliance
(This job is no longer available)
UCLA Health | Los Angeles, CA
Grad Date

Not sure what types of jobs you are interested in?

Explore Jobs
Based on Your Education

Follow This Company

Job Description

Job Duties
SUMMARY STATEMENT: Under direction of the Chief Compliance Security Officer, manage the Information Security compliance program for the UCLA Health Sciences to help assure compliance with Federal, State, and local laws, and University of California and UCLA Information Security policies. · Coordinate and collaborate on Information Security matters related to UCLA Health Sciences, UCLA Campus, UC and external parties. · Assist with the design and direction of the Information Security Compliance Program · Direct and implement Information Security projects, including risk assessments, education, monitoring, auditing, response and prevention. · Serve as a consultant to IT and business owners on implementation of an effective Risk Management Plan to minimize risks to the confidentiality, integrity and availability of Restricted Information (including PHI, Personal Information as defined by the State of California and other confidential information). · Manage Office of Compliance Services Information Security team. · Review and approve IT Security risk assessments. · Investigate Information Security and other issues as requested by the Chief Compliance Security Officer, the Chief Privacy Officer and the Chief Compliance Officer. · Participate in incident response management and breach notification as necessary. · Develop policies and procedures. * Review Agreements and other documentation for Information Security and Compliance issues. TYPE OF SUPERVISION RECEIVED: Regular meetings with the Chief Compliance Security Officer. Others as needed MANAGEMENT OF HUMAN RESOURCES Supervise OCS Information Security Office staff Assist in identifying and recruiting effective people. Develop and retain staff within the department Encourage cooperation, teamwork and facilitate constructive conflict resolution. Motivate staff and establish departmental goals. Plan, prioritize and use effective time management. Ensure the development, documentation and maintenance of Standard Operating Procedures for internal Information Security processes. Provide or obtain necessary training for staff to perform their duties. Prepare, monitor and manage departmental budgets. Information Security Policies and Procedures · In coordination with the Chief Compliance Security Officer, Chief Compliance Officer, Chief Privacy Officer, Chief Information Security Officer, IT, business owners and Legal, revise and update Health Sciences Information Security polices, standards and procedures. Create new policies as necessary. Information Security Compliance Oversight · Maintain current knowledge of applicable federal and state privacy and security laws and accreditation standards, and monitor advancements in information security technologies to ensure organizational adaptation and compliance. · Serve as a consultant for the Health Sciences for any questions on policies, procedures, regulations, and laws relating to Information Security. · Advise IT and business owners in defining information security and privacy compliance requirements for projects, applications, and purchases not only for acquisition but also for implementation. · Review contracts, data security requirements, IRB applications and other documents as requested for Information Security and other Compliance concerns. Training and Education · Direct, deliver, or ensure delivery of information security training and orientation to all appropriate University workforce members and appropriate third parties. · Initiate, facilitate and promote activities to foster information security awareness within the organization and related entities. Monitoring and Auditing · With the Chief Compliance Security Office, provide oversight and consulting for Enterprise Security Risk Assessments. · Coordinate and cooperate with UCLA Audit and Advisory Services and other compliance and operational assessment functions. · Direct, perform and document ongoing information security risk assessments for specific issues/areas. Work with departments and IT groups to identify potential threats and vulnerabilities. Assess current security measures. Determine likelihood of threat occurrence and impact. · Perform audits in cooperation with IT and business owners to verify compliance with security requirements and policies and verify remediation status. · Work with IT to develop monitoring and assessment methodologies such as network scanning, log monitoring and web application vulnerability testing. Response and Prevention · Cooperate with the Office for Civil Rights, other legal entities, and UCLA Health Sciences Officers in any compliance reviews or investigations. · Participate on the Computer Security Incident Response team. Serve as a resource to IT on incident response and security breach issues. · Conduct investigations into Information Security incidents, breaches and issues in coordination with the Chief Compliance Security Officer, the Chief Compliance Officer, the Chief Information Officer, the Chief Privacy Officer, legal counsel and other appropriate entities. `Arrange for, coordinate and oversee both internal and external forensics as necessary. · In conjunction with the Chief Compliance Security Officer, the Chief Compliance Officer, the Chief Privacy Officer, the Chief Information Security Officer, assist in the development of remediation/corrective action plans including identification of priorities, setting timelines, and tracking progress. · Assist the Privacy team with technical issues for their investigations and any necessary notifications. OTHER DUTIES As necessary

Job Qualifications
A minimum of 5 years' information security working experience Experience as a supervisor. Team building skills. In-depth knowledge of the HIPAA Privacy and Security Regulations, and detailed knowledge of California law relating to privacy and security of patient and other personally identifiable information. Ability to read, comprehend and implement state and federal regulations Ability to explain legal requirements and regulations to other individuals. Ability to review, analyze and summarize data in Excel and Power Point required. Ability to use Access preferred. Working knowledge of Word Knowledge of the seven elements of an effective compliance program Familiarity with UCLA Healthcare clinical documentation and electronic systems. Working knowledge of principles of performance /quality improvement. Superior command of English. Ability to speak in public and present to various groups on privacy and confidentiality requirements. Ability to handle difficult and sensitive situations tactfully and responsibly. Excellent organizational skills in maintaining paper and computerized files. Ability to focus carefully on details. Ability to appropriately prioritize work responsibilities, with fluctuating workload. Ability to compose concise and accurate reports. Ability to communicate both verbally and in writing with individuals of varying degrees of technical knowledge. Ability to translate technical information so that is understandable by non-technical staff. Degree: BS required; MS preferred Certification: CISSP or CISA or CISM

About UCLA Health

For more than half a century, UCLA Health  has provided the best in healthcare and the latest in medical technology to thepeople of Los Angeles and throughout the world. Today we are one of the most comprehensive and advanced healthcare systems in existence. We are comprised of Ronald Reagan UCLA Medical Center, UCLA Medical Center, Santa Monica, Resnick Neuropsychiatric Hospital at UCLA, Mattel Children’s Hospital UCLA, and the UCLA Medical Group, with offices throughout the region.

Ronald Reagan UCLA Medical Center is consistently ranked by U.S.News & World Report as one of the top five hospitals in the nation and the best medical center in the western United States. The doctors, scientists and caregivers of UCLA are leaders in their fields. Every day, they perform pioneering work across an astounding range of disciplines, from organ transplantation and cardiac surgery to neurosurgery and cancer treatment. Year after year, our people have achieved medical breakthroughs and earned the highest industry honors. And we’re just getting started.

The dedicated professionals of UCLA Health are committed to healing humankind, one patient at a time, by improving health, alleviating suffering, and delivering acts of kindness on a daily basis.