The CIO reports to the CEO and works closely on strategy and deployment with the Executive Team and Senior Leadership. He/she will partner with senior leadership and the Board of Directors to develop and drive information technology strategies across the organization critical for cost-effective operations and long-term strategic success. He/she will lead and coach a staff of technology professionals, creating a high-performing team, and will also lead and coach others in the organization in maximizing efficiency via the use of technology-based systems and processes. The CIO must adapt to a continually evolving environment and thrive in an autonomous and deadline-driven workplace.
The CIO is charged with developing and implementing technology-oriented best practices across the organization, and positioning COPC as a leader in the healthcare industry. The CIO is also responsible for the organization's security program including, but not limited to, daily operations of the IT security program, oversight of the annual and ongoing risk assessment process, development, implementation, and maintenance of policies and procedures, ensuring the confidentiality, integrity and access of electronic protected health information and of monitoring program compliance as well as investigation and tracking of incidents and breaches and in compliance with federal and state laws.
•Plans, manages and coordinates technology infrastructure to provide information services and technology to all practices, ancillaries, departments and vendors within the organization.
-Establishes short- and long-term strategies for the organization's information management and processing systems, including computers and peripherals, hardware, software and networks.
•Responsible for direct management of the IT team, assigning clear tasks and objectives,
and establishing KPI measurables for monitoring results versus objectives. Responsible for the development and engagement of team members by creating a motivating work environment that recognizes and rewards strong performance.
•Oversees IT operations, network administration, service desk, IT security, telephony and clinical applications.
•Acts as a trusted advisor, building and maintaining relationships with other leaders to
develop a clear understanding of business needs.
•Develops and controls annual operating and capital expenditure budget for IT. Works closely with contracted IT and telecommunications service providers to manage
the technology infrastructure in the most effective and efficient manner.
•Partners with the Compliance Officer, and Chief General Counsel to maintain HIPAA compliance across the organization and all platforms.
•Oversees the execution of audits, monitoring controls and testing for compliance. Ensures resolution of any deficiencies identified as a result of these audits.
•Responsible for supporting the initiation, planning, execution, control, and closing of complex system implementation projects.
•Monitors project metrics for significant deviations in quality, cost, or schedule.
•Manage key vendors to align with company goals.
•Oversees the ongoing testing and evaluation of the organization's security measures and controls to prevent, detect, contain and guard against unauthorized access to electronically stored and/or transmitted information; and to protect against reasonably anticipated threats and hazards. These may include but are not limited to integrity controls, authentication controls, access controls, encryption, abnormal condition alarms, audit trails, entity authentication and event reporting
•Directs or conducts periodic risk assessments of information systems to determine the extent to which key business areas and the infrastructure comply with security requirements; updates those assessments when there are changes or additions to information systems or processes; assures leadership has appropriate understanding of residual risk.
•Coordinates with appropriate personnel to ensure timely development and implementation of corrective action plans in response to security deficiencies.
•Evaluates and recommends new information security technologies and counter measures to guard against threats to electronic information.
•Ensures that security concerns have been addressed in the implementation of systems that store and process electronic information, and the exchange of health information with patients and outside entities.
•Leads the team of individuals assembled in response to an information systems security breach. Works with the team to contain and investigate the breach and prevent future computer security breaches.
•Works with vendors, outside consultants and other third parties to improve information security within the organization.
•Oversees the development and periodic testing of the organization's disaster recovery and business continuity plans for information systems.
•Ensures the ongoing integration of information security with business strategies and requirements.
•Oversees, facilitates, and promotes training and activities that raise security awareness within the organization.
•Ensures that a mechanism exists within the organization to report security incidents and that appropriate sanctions are applied for security violations.
•Bachelor's degree in information systems, computer science, technology or a related field; Master's degree preferred.
•10+ years in an IS/IT leadership role, with at least 5 years in healthcare leadership.
•Previous experience with clinical applications; eClinical Works (eCW) preferred.
•Advanced knowledge of network, telecommunications, clinical applications (EMR) and commonly used business systems and software (i.e. Microsoft).
•Knowledge and experience in state and federal information security laws, including but not limited to HIPAA and PHI.
•Preferred security certification such as Certified in Healthcare Privacy and Security (CHPS) and/or other healthcare industry related security credentials.
•Demonstrated organization, facilitation, written and oral communication, and presentation skills.
•Ability to lead IT transformational initiatives in a complex and dynamic environment, utilizing project management techniques.
•Ability to drive organizational change.
•Focused and influential communication style.
•Strong negotiation skills.
•Success building business relationships, strong business skills and proven leadership in developing, implementing and supporting IT solutions for both internal and external customers.
•Knowledge and expertise around database management and corresponding interfaces.
•Ability to think strategically about technology and how to incorporate it into the business units and processes to increase efficiencies.
•Ability to effectively communicate information technology to physicians and presenting the costs necessary while allowing them to make sound business and healthcare decisions.
•Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals.
•Knowledge of HIPAA, state and federal guidelines on security, transactions and security.
•Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient security.