IT Compliance/Cyber Security Administrator

Griffin Hospital•Derby, CT

About The Position

This role involves working closely with legal counsel, management, and key departments to ensure the organization adheres to privacy and confidentiality requirements. The administrator will establish and manage processes for handling privacy-related complaints, promote privacy awareness, and coordinate privacy safeguards with the security officer. This position also involves developing and presenting annual reports on privacy and security compliance, creating a security training program, and collaborating with the Privacy Officer to implement and maintain security policies, procedures, and safeguards. Responsibilities include managing user access levels, investigating and remediating security incidents, overseeing third-party technical maintenance, and ensuring compliance with security practices.

Requirements

Experience working with legal counsel and management.
Experience establishing and administering complaint handling processes.
Experience in promoting privacy awareness.
Experience coordinating privacy safeguards with security officers.
Experience serving as a resource to regulatory and accrediting bodies.
Experience supporting audits concerning privacy laws or regulations.
Experience developing and presenting annual reports on compliance.
Experience developing security training programs.
Experience collaborating with a Privacy Officer.
Experience developing and implementing security policies, procedures, and guidelines.
Experience researching and recommending security measures.
Experience monitoring and testing security practices.
Experience ensuring security policies, baselines, risk management, administration, network security, asset security, physical security, disaster recovery plans, and third-party due diligence are in place.
Experience maintaining documentation regarding user access levels.
Experience investigating, responding to, and remediating security incidents.
Experience overseeing third parties performing technical system maintenance.
Knowledge of state or federal privacy laws or regulations.

Responsibilities

Work with legal counsel and management to ensure appropriate privacy and confidentiality consent, authorization forms, and information notices.
Establish and administer a process for handling complaints concerning the organization’s privacy policies and procedures.
Initiate and promote activities to foster information privacy awareness within the organization.
Coordinate privacy safeguards with the security officer for consistent development, documentation, and training.
Serve as the organization’s resource to regulatory and accrediting bodies for privacy and security matters.
Support audits concerning state or federal privacy laws or regulations.
Develop and present an annual report on privacy-related issues and compliance.
Develop a security training program that supports privacy and information security programs.
Collaborate with the Privacy Officer to develop and implement security policies, procedures, and guidelines.
Research and recommend new security measures for implementation.
Monitor and test security practices for effectiveness.
Collaborate with the Privacy Officer to ensure security policies, baselines, risk management, administration, network security, asset security, physical security, disaster recovery plans, and third-party due diligence are in place.
Maintain documentation regarding user access levels and review them periodically.
Investigate, respond to, and remediate security incidents in coordination with legal counsel and outside vendors.
Oversee third parties performing technical system maintenance to ensure compliance with security practices.
Develop and present an annual report on security-related issues and compliance.