Residence Requirements:

RESIDENCE REQUIREMENTS: THERE ARE NO RESIDENCY REQUIREMENTS FOR PARTICIPATION IN THIS EXAMINATION. There is one vacancy at the Erie County Medical Center. 

Examples of Duties:

A Healthcare Information Security Officer designs and manages the Information Security Program at the Erie County Medical Center Corporation;

Manages the Information Security Program, including the development and oversight of policies, procedures, technical systems and workforce training in order to maintain the confidentiality, integrity, and availability of data
within all information systems;

Implements, manages and enforces information security directives as mandated by Federal and State regulations, including but not limited to the Health Insurance Portability and Accountability Act (HIPAA);

Develops and enforces policies and procedures in relation to information security;

Ensures the ongoing integration of information security with business strategies and requirements;

Ensures that the access control, disaster recovery, business continuity, incident response and risk management needs of the organization are properly addressed;

Leads the information security awareness and training initiatives to educate workforce about information risks;

Provides project management oversight and operational responsibility for administrative coordination and implementation of the organization’s security program;

Manages information risk assessments and security audits to ensure that the information systems are adequately protected and meet HIPAA certification requirements;

Collaborates with various departments and law enforcement agencies to coordinate response to information security incidents, investigate and prevent future computer security breaches and to manage security vulnerabilities;

Conducts security research in keeping abreast of latest security issues;

Leads an incident response team to contain investigations and prevent future computer security breaches;

Coordinates security survey regulatory activities and participates in accreditation surveys;

Attends and participates in meetings, seminars and training sessions.

Qualifications:

MINIMUM QUALIFICATIONS:  Candidates must meet  the following requirements on or before the date of the written test: 

Graduation from a regionally accredited or New York State registered college or university with a Bachelor’s Degree in Health Information Systems, Computer Technology, Computer Science, Business Administration, Healthcare Administration or related computer or management field and five (5) years of experience in computer or information security, one (1) year of which included experience with federal and state privacy and security laws, regulations and accreditation standards for maintaining information security and confidentiality.

Notes:

NOTES: 1. Verifiable part-time and/or volunteer experience will be pro-rated toward meeting the experience requirements. 2. Your degree and/or college credit must have been awarded by a regionally accredited college or university or one recognized by the New York State Education Department as following acceptable educational practices. A grade of "D" or better is necessary for a course to be credited as successfully completed. If your degree and/or college credit was awarded by an educational institution outside of the United States and its territories, you must provide independent verification of equivalency. You can write to this Department for a list of acceptable companies providing this service; you must pay the required evaluation fee.

Notice to Candidates: Transcripts will now be accepted by the Department of Personnel ONLY at time of application.
All subsequent transcripts must be submitted at time of interview.

The New York State Department of Civil Service has not prepared a test guide for this examination. However,candidates may find information in the publication "How to take a written test" helpful in preparing for this test. This publication is available on line at: www.cs.ny.gov/testing/localtestguides.cfm

Subjects of Examination:

SUBJECTS OF EXAMINATION: A written test designed to evaluate knowledge, skills and /or abilities in the following areas: 

1. Administration

These questions test for knowledge of the managerial functions involved in directing an organization or an organizational segment. These questions cover such areas as: developing objectives and formulating policies; making decisions based on the context of the administrator's position and authority; forecasting and planning; organizing; developing personnel; coordinating and informing; guiding and leading; testing and evaluating; and budgeting.

2. Data processing concepts and terminology

These questions are designed to test for knowledge of computer characteristics and operations that is relevant for computer programming and analysis. They may cover, but not necessarily be confined to, basic terminology of data processing, data entry, data access, and data communications; basic characteristics of storage media and data bases; types of data processing (e.g., time-sharing), the functions of operating systems, and hierarchies of computer memory.

3. Data center operations

These questions test for knowledge of the principles and practices employed in planning, organizing and controlling the operating activities of a computer center. They cover such areas as: data center methods and procedures; identifying and resolving operational problems; coordinating and maintaining schedules for the utilization of equipment; and monitoring and controlling operating systems, equipment, and the physical environment in the computer center.

4. Principles of networked communications

These questions test for basic concepts and terminology of data communications. They cover such subjects as data communications, types of networks, modems, security, protocols, topologies, transmission media, wiring, installation and troubleshooting. The questions are general in scope and are not specific to any vendor or system.

5. Project management

These questions are designed to test for techniques and concepts of project management. They may cover, but not necessarily be confined to, management of systems development, management by objectives, project scheduling and control techniques (e.g., PERT), characteristics of organizations and of the systems life cycle, and the development of data processing standards.

6. Supervision

These questions test for knowledge of the principles and practices employed in planning, organizing, and controlling the activities of a work unit toward predetermined objectives. The concepts covered, usually in a situational question format, include such topics as assigning and reviewing work; evaluating performance; maintaining work standards; motivating and developing subordinates; implementing procedural change; increasing efficiency; and dealing with problems of absenteeism, morale, and discipline.

7. Systems analysis and design

These questions test for techniques and concepts of computer systems analysis and design. They cover such subjects as feasibility and applications studies, systems development tools and software, the systems life cycle, types of systems (e.g., client/server, Web-based), controls, and systems documentation, testing, and implementation.

NOTICE TO CANDIDATES:  Unless otherwise noted, candidates are permitted to use quiet, hand held, solar or battery powered calculators.  Devices with typewriter keyboards, "Spell Checkers", “Personal Digital Assistants", "Address Books", "Language Translators", "Dictionaries", or any similar devices are prohibited.  You may not bring books or other reference materials.

**IMPORTANT APPLICATION FEE - READ CAREFULLY**

A $20.00 filing fee is required for this exam. The required fee must accompany your application. Send or bring check or money order made payable to Erie County Personnel Department and write the examination number(s) on your check or money order. Do not send or bring cash, as the County cannot be responsible for cash payment. As no refund will be made, you are urged to compare your qualifications carefully with the requirements for admission and file only for those examinations for which you are clearly qualified.