Technical Support Analyst/ EHR Security Analyst

Job Description

The EHR Security Analyst is responsible for managing and helping define user access policies, security policies and role-based permissions within the EHR. This role will work closely with the EHR Application team, ISO Team and HIPAA compliance officer among others to ensure that the application is compliant with HIPAA standards, organizational security policies and best practices.

Key Responsibilities

• Map and maintain EHR positions definitions, including Millenium Positions, Preferences and OHPAC Security groups with VDH Positions.
• Monitor and enforce appropriate use of EHR Access Control Positions and Policies, ensuring correct user access based on roles and job functions.
• Work with EHR Security Officer, IT Technical team, Support Team and EHR Core team to define and automate user provisioning and offboarding procedures.
• Monitor and conduct internal security audits of the EHR application to identify and mitigate risks and vulnerabilities.
• Develop and maintain security policies, procedures and guidelines related to the Application with EHR Security Officer.
• Define and complete security documentation and downtime procedures with EHR Security Officer, ISO Office and EHR Core team according to VDH Security guidelines.
• Respond and investigate security incidents related to EHR Application ensuring timely resolution and proper reporting to stakeholders.
• Collaborate with EHR implementation and optimization teams to integrate security measures into new features, updates, and third-party applications.
• Stay informed about emerging security threats, technologies, and best practices related to EHR systems.
• Recommend improvements and optimizations to the EHR security environment based on industry trends and emerging threats.
• Monitor user behavior using tools like P2Sentinel to determine trends and possible incidents.
• Assist on internal and external audits with EHR Security Officer and EHR Core team.
• Participate in Cerner/OHPAC upgrades, security patches and system maintenance to ensure ongoing security.
• Participate in the Domain Strategy for EHR Application.
• Stay up to date with security updates, best practices and regulatory changes.

Required Experience

• Three plus years of IT experience desired.
• Strong understanding of EHR Systems.
• Understanding of HIPAA, HITECH, meaningful user and other healthcare security regulations.
• Experience with Active Directory (AD), single sign-on (SSO), multi-factor authentication (MFA), and identity management solutions.
• Strong analytical, problem-solving, and troubleshooting skills related to Cerner/OHPAC security and access issues.
• Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users.
• Familiarity with healthcare IT infrastructure, including networking, firewalls, and database security.
• Knowledge of Discern and ccl.

Required/Desired Skills

• Strong understanding of Oracle Health EHR and Security (Required, 5 Years)
• Understanding of HIPAA, HITECH, meaningful user and other healthcare security regulations (Highly desired, 3 Years)
• Experience with Active Directory (AD), single sign-on (SSO), multi-factor authentication (MFA), and identity management solutions (Highly desired, 3 Years)
• Knowledge of Discern and ccl (Highly desired, 3 Years)
• Strong analytical, problem-solving, and troubleshooting skills related to Cerner/OHPAC security and access issues (Required, 5 Years)
• Excellent communication and collaboration skills to work with IT teams, compliance officers, and end users (Required, 5 Years)
• Familiarity with healthcare IT infrastructure, including networking, firewalls, and database security (Highly desired, 5 Years)
• Application Support Experience (Required, 5 Years)
• Ability to handle multiple competing priorities and multitask efficiently in a dynamic, fast-paced environment (Required, 3 Years)
• Demonstrated commitment to exceptional customer service with individuals of varying technical knowledge (Required, 3 Years)