Information security is one of the biggest issues facing healthcare today. Following events such as WannaCry, the Anthem hack of 2015, and a number of other ransomware attacks, consumer confidence in the security of health information systems has suffered.
As a result, the role of the Chief Information Security Officer (CISO) has never been as important as it is in the era of digitized health information exchange. This C-level position is an important figure in the life of a health IT team, as decisions vital to information security programs and protocols fall to the CISO.
Job Duties for a CISO
On a day-to-day basis, the CISO’s job reaches many different parts of a healthcare organization. They are expected to anticipate new threats and work to prevent them from happening. But their duties can include any of the following:
- Overseeing identity and access management
- Reviewing investigations after breaches or incidents that reveal vulnerabilities
- Implementing and testing disaster recovery and business continuity plans
- Implementing an effective process for incident reporting
- Staying up to date with the latest cybersecurity technology and best practices
- Managing the IT security team
- Ensuring compliance with government regulations
- Creating the strategy behind, and design of, information security systems
- Conducting security awareness training for employees
This is not an exhaustive list of the duties a CISO may have to execute; it is merely a list of some of this position’s core functions. The CISO must work with other executives across departments to understand and reduce the organizational risk healthcare companies face as they collect huge amounts of patient data.
Job Growth and Salary
The U.S. Bureau of Labor Statistics does not track the title of Chief Information Security Officer specifically. However, it does profile the position of Computer and Information Systems Managers, a job category with a projected growth rate of 12%, faster than the national average for all other occupations.
Professionals in these positions earned an average of $145,740 per year, with the top 10% averaging more than $200,000 in annual income.
Education and Skills
This position will require executive leadership skills. Managing people and empowering them to meet goals in a digital environment is necessary. The quickly evolving IT landscape requires a passion for technology, an analytical mind capable of multitasking, and excellent communication skills.
Candidates for CISO positions must have at least a bachelor’s degree and a number of standard IT certifications. In today’s market, it’s more likely that the job will require a master’s degree in a related field to attain top positions. If you are looking to attain a CISO position in a healthcare organization, a master’s degree or a graduate certificate in health informatics or healthcare analytics could help separate you from the competition.