In healthcare, business, or government, information security management is where health information management meets information technology. The information security manager is responsible for a healthcare organization’s information systems and for the information security program that protects electronic protected health information (PHI) and confidential business information.
The Information Security Maintenance Process
The job responsibilities of an information security manager may include:
- Develops, implements, and maintains security policies and procedures for electronically maintained information and oversees security reviews of existing information systems
- Keeps up with revisions of legislation and accreditation standards related to information security
- Leads the security team in maintaining a secure computing environment
- Manages assessments of security risk, deals with security complaints, and enforces security policies
- Manages the department budget and information security personnel
- Manages the technology to support information privacy and security requirements
- Puts into place plans for disaster recovery and business continuity
- Trains or oversees training of employees, contractors, and other third parties in information security, implements activities to promote security awareness, and monitors compliance with information security policies
Generally, becoming a healthcare information security manager requires at least a bachelor’s degree in information systems, computer science, health information management, or a related field, plus at least five years of experience in healthcare-related jobs. The manager needs experience/knowledge in health information management, healthcare operations, project management, and change management, along with knowledge of areas such as information security, access technologies, database applications, and network infrastructure.
Certification is commonly preferred or required for information security management positions. Three commonly sought certifications are CHPS, CISSP, and CISM.
Information Security Manager Salary
The median annual base pay in 2012 for healthcare IT managers was $109,000, according to research by InformationWeek. In comparison, a 2012 ComputerWorld survey found the median base salary for chief security officers across all industries (including healthcare) was $108,085.