A healthcare information technology (HIT) and security leader with a collaborative approach to building responsive IT support teams that enhance the delivery of services. Leveraging over 20 years of comprehensive expertise in hospital operations, clinical workflows and the management of HIT - related systems, applications and infrastructures for areas including acute care, practice management, revenue cycle management, ERP systems (supply chain), credentialing and population health strategies to advance organization strategic goals. Expertise in leading corporate information systems transformation initiatives and organizational improvement projects through the analysis of critical business requirements; continuous improvement of information systems management and surveillance of healthcare and IT regulatory targets.
Director of Compliance
- Supported growth of compliance and solution security service line
- Formalized strategic partnerships with industry leading solution providers to extend compliance and security capabilities
- Support implementation of hybridized modular framework audit capabilities, approaches, and methodologies to ensure customers gain critical insight into both compliance and security posture
- Primary subject matter expert for all internal and external security-related efforts
- Lead and participate in framework based compliance evaluations for HIPAA and HITECH ( NIST)
- Lead client engagement and partnership management
Consultant-HIPAA Privacy and Security Compliance Consultant
- Completed HIPAA internal auditing for CHRISTUS Health- Santa Rosa and Southeast Texas regional acute care and DUBUIS (long term care facilities), reviewed existing administrative, technical and physical safeguards through questionnaires and performed walkthroughs to assess organization culture and documented physical safeguards.
- Identified organizational risks and compliance gaps against existing privacy and security controls aligned with HIPAA, NIST and HITECH guidance and mandates.
- Documented detailed HIPAA compliance gaps and provided best-practice remediation recommendations
- Submitted final report summation with tabulated privacy and security risk scores for CHRISTUS Health-Santa Rosa and Southeast Texas region acute care, ambulatory clinics and long term acute care facilities.
Confidential, Jacksonville Beach, Fla
- Successfully directed the efforts of the Information Technology Clinical Application team and 3rd party resources to support the Ellis Medicine (Schenectady, NY) Information Technology Strategic Plan and application portfolio.
- Aligned procedures with the Information Security Officer (ISO) for application access provisioning, modification and termination standard operating procedures (Identify Access Management) for HIPAA compliance.
- Restructured application team support strategy aligned with application life cycle management of clinical information systems at Ellis Medicine and clinical content development ( CPOE, Orders, POCs, clinical summaries, Work flows, clinical documentation and service catalog management) improving customer requirement gathering and request fulfillment.
- Regulatory/Incentive programs: Led completion of IT Joint Commission remediation targets within defined time line. Sustained IT PM role for MU Stage 2 dashboard creation and communication to executive team. Developed and socialized an enterprise Meaningful Use (MU) Dashboard for MU Stage 3 planning. Coordinated DSRIP initiatives. Worked with Care Management (Case Management and Utilization) review to comply with automation of workflow and data capture. Managed the completion of electronic prescribing of controlled substances (EPCS) initiative and revised policies for governance and support standards. Sustained HIXNY community CCDA initiative.
- Creation and socialization of an Application Portfolio tool to inventory assets and provide enterprise knowledge tool for decision-making and support enhanced IT turnaround times, project request and audit feedback.
- Support CIO IT Strategic planning and member of IT Steering committee
- Application lifecycle management of Cerner Soarian Clinicals: completed implementation and socialization of electronic prescribing of controlled substances, upgraded to v 4 SP 5, project planning for Cerner URL rebranding, managed clinical content updates/request for change for order sets and clinical documentation aligned with change management protocols and stakeholders vetting management.
- Application lifecycle management of Allscripts: sustained project planning for v15.1 in Test with planned rollout to Prod, completed rollout of e-faxing capability to EMG practices, project planning for CIE migration replacement of R-Connect interface engine, coordinated Deliver System Reform Incentive Payment(DSRIP) reporting for Medicaid patients, managed clinical content updates/request for change for clinical documentation and reports aligned with change management protocols and practice vetting management.
- Perform current state analysis to include existing and planned capabilities (Orders Portability), applications (DOD: AHTLA/CHCS) and infrastructures @ JAL FHCC including external interface partners VA and DMDC.
- Define future state capabilities as outlined by DHMSM EHR capability (Cerner deployment)
- Develop an implementation strategy for transitioning existing DOD JAL FHCC integrated systems to the DHMSM EHR capability.
- Direct application lifecycle management strategies of the Application Team, 3rd party support and vendor managed services resources.
- Led the application team and defined clinical content development setting standards for request for change to include feasibility and proper vetting for all stakeholders, controlled requirement development in the Test environment with participation of requesting and impacted stakeholders, end-end testing of developed components, and planned implementation to the Production environment. Build experience: Service Catalog maintenance and updates, Clinical documentation, Orders, CPOE, clinical summaries, integration with Laboratory, Radiology and Cardiology systems. Implementation of workflows and rule engines for clinical decision support. Initial planning and vetting for IPPD.
- Led upgrade and ongoing support and maintenance of the ECHO credentialing information system
- Led the phased implementation of Cerner Soarian Clinicals Computerized Provider Order Entry (CPOE) on acute care units with defined plan for Critical Care and Labor and Delivery units. Work flow/Rule Engine development for clinical decision support (CDS). Online Medication Reconciliation enterprise implementation. Completed current state analysis for provider documentation. MobileMD clinical/patient portal implementation and HUH data integration with CRISP( ADT, Lab and Radiology data)
- Regulatory targets: Project Manager for Meaningful Use Stage 1 Attestation (Certified Health Record Technology: Soarian Clinicals). Meaningful Use - Year 1.5 and 2 planning and configuration (Clinical Quality Measures/eCQMs). Developed MU enterprise tracking Dashboard for executive and operational reporting.
- Process improvement: Streamlined clinical content request process to enhance turn-around times, and eliminated redundancy. Developed IT Application Team/Department System Administrators Standard Operating Procedures (SOP) development for Security Access Management, Application Maintenance, Application development and Change Management.
- Compliance: Member of HIPAA Task Force, Application Identity/Access Management, Disaster Recovery strategies, internal/external audit remediation, policy creation and review, risk assessment and initiated Privacy impact Assessments for all portfolio applications.
- Service Management: Defined and socialized Incidence Management, Problem Management, Project Management, Change/Release Management for all production applications and infrastructure changes
- Creation and socialization of an Application Portfolio tool to inventory assets and provide enterprise knowledge tool for decision-making and support enhanced IT turnaround times, project request and audit feedback
- Supported Imprivata Single Sign One rollout to 200+ devices (desktops/mobile carts), 5 profiled applications, multi-user and single user device configurations
- Improved IT operations efficiency and IT Service delivery through the use of industry frameworks, ITIL
- Evaluate and test the effectiveness of internal controls on processes and applications
- Internal and External audit support, participation in desk audits and interviews
- Initiated process of performing Privacy Impact Assessments on all applications within the portfolio and future acquisitions.
- Planning and support Lab system upgrade, CAP inspection readiness, Meaningful Use- LO INC and Electronic Lab Reporting, instrument upgrade and interface platform conversion ( Novius Lab, PowerPath, Abbott, HCLL, Cerner Soarian Clinicals order entry and results). Led HUH participation in CRISP project for ADT, lab and radiology integration.
- Supported Faulty Practice Plan-(FPP) Allscripts team, Meaningful Use and HIPAA compliance readiness and governance.
- Led Data Center migration, evaluated and contributed to configuration of FairWarning tool, incorporated network and infrastructure changes to defined change management structure.
- Delivered statement of work requirements for clinical content readiness for Meaningful Use attestation for stage 1.
- Defined standard consultant off boarding tool for clinical services team and regional healthcare organization staff.
- Established and implemented a tracking tool that streamlined clinical content tracking adopted as the standard for all regional healthcare organizations.