• Establish monitoring and detection mechanisms to identify potential threats, and lead or assist in responding to incidents. • Conduct vulnerability assessments, penetration testing, and remediation of security weaknesses. • Automate tasks where possible, using scripting and configuration management tools. • Architect and implement security controls, including firewalls, intrusion detection systems, and encryption technologies. • Review of applications and systems to ensure industry best practices and security hardening.

Site: Mass General Brigham Incorporated Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham. Job Summary Under the direction of the Audit Supervisor and according to established policies and procedures, the individual is responsible for accurately abstracting protected health information (PHI) by sorting, categorizing, searching, retrieving, and sending encounter documentation to support the Mass General Brigham reimbursement and/or compliance audits for services rendered. The Audit Abstractor is responsible for, including but not limited to, responding to third party payer requests, appeals, denials, QIO, Mass Health, RAC, CMS, ADR, HEDIS, Medicare Risk Adjustment, CERT, CDAC, DPH reporting, DRG, charge audits, joint venture audits, internal compliance audits, DME, Patient Financial Services (PFS), OIG, and/or third party payer audits. Fulfillment of such requests are performed on a timely basis ensuring that assigned due dates are met. Qualifications - Ability to prioritize competing tasks to ensure all due dates are met or exceeded - Accept ownership of assigned requests and worklists reaching out for clarification if necessary - Understands and enforces hospital confidentiality policies and procedures, department policies and procedures including Massachusetts General Laws (MGL), Federal Public Health Laws, HITECH, and HIPAA regulatory guidelines - Reviews requests to determine completeness and validity of authorization. Understands the rules governing the release of sensitive/protected PHI as pertaining to HIPAA, CFR 42 Part 2 rules, MA public health laws, MA mental health laws regulations, as well as, Mass General Brigham policies and procedures. Able to redact information when necessary. - Maintains up-to-date knowledge of third party payer billing requirements to support services billed, including required medical documentation based on billing compliance rules - Locates medical record numbers and dates of service for encounters to be reviewed in system applications in response to requests - Produces computer-generated PHI from respective system applications including legacy applications - Coordinates electronic and paper record retrievals, trouble shoots for required records/documentation in response to a request and/or audit - Orders paper records as needed - Coordinates the retrieval of site specific applicable joint venture records required for an audit - Effectively utilizes Cobius, (emDR and esMD, including accessing requests, posting pdf’s, merging and delivering pdf’s), secure delivery server, e-fax, Adobe (searching, redacting, merging files, and securing security settings), portals, legacy applications, archived systems, and scanning documents. - Acquires and maintains a strong working knowledge of the secure delivery server and e-fax functionality. Able to troubleshoot issues as needed. - Examines records to be released and/or audited to ensure required and complete documentation is available to meet the requirements of a request - Works independently, as well as, contributes as a productive member of a team - Notifies the HIM Notes Deficiency if required documentation is missing for assistance. Troubleshooting may also require contacting appropriate providers/clinics to obtain required documentation. - Prepares and delivers records to the designated review/audit location in a timely manner for onsite audits - Ensures 100% of requested records made available for an audit on time or provides expeditious mitigation to reconcile as needed - Photocopies paper records and/or prepares PDF’s for stat deliveries as needed - Prepares and coordinates the delivery of PHI via FedEx/UPS/US Mail, Cobius esMD, portal, e-fax, or secure delivery server to recipient as directed for offsite audits - Enters and fulfills all requests in logging system for tracking purposes - Meets performance measures/expectations - Other duties as assigned by the supervisor or manager Education - Associate degree or High school diploma or equivalent required - Experience working in the Health Information Management field; minimum of 1-2 years experience preferred Experience - Understands the components of a medical record, including how a record is maintained, organized and the retrieval of medical documentation in both paper and/or electronic format - General understanding of reimbursement and billing compliance requirements - General knowledge of medical terminology - General knowledge of HIPAA privacy and security rules and state and federal rules and regulations related to the disclosure of protected health information preferred - Experience working with Epic clinical and/or financial applications preferred Skills/Abilities/Competencies - Self motivated and able to manage time effectively in a fast paced work environment - Medical Terminology - Strong computer skills - Proficient utilization in Microsoft Office products (Outlook, Teams, Word, PowerPoint, and Excel) - Exhibits critical thinking skills - Proficiency in the use of Adobe software - Ability to adapt to system enhancements and the onboarding of new site locations - Exhibits strong professionalism and highly proficient persona - Exhibits strong oral and written communication skills - Detail-Oriented - Excellent analytical and problem solving skills - Ability to be flexible, versatile, and adaptable in day to day activities conducted in a multi-site environment - Ability to manage workload and competing priorities in order to complete tasks within set limits - Ability to produce quality work on a consistent basis - Ability to work cooperatively and efficiently within all levels of the Mass General Brigham organization - Ability to work independently and as a team player - Demonstrates commitment to delivery of high quality customer service - Uses the Mass General Brigham values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability and Service Commitment, Decisiveness, Innovation and Thoughtful Risk; and how we treat each other: Diversity and Inclusion, Integrity and Respect, Learning, Continuous Improvement and Personal Growth, Teamwork and Collaboration Additional Job Details (if applicable) - M-F 9:00am – 5:30pm EST schedule required for remote role - Quiet, secure, stable, compliant work station required Remote Type Remote Work Location 121 Innerbelt Road Scheduled Weekly Hours 40 Employee Type Regular Work Shift Day (United States of America) Pay Range $22.22 - $31.71/Hourly Grade 4 At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package. EEO Statement: 0100 Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran’s Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at (857)-282-7642. Mass General Brigham Competency Framework At Mass General Brigham, our competency framework defines what effective leadership “looks like” by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused, half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.

• Engage with engineering teams to promote security-aware development of Red Hat technologies/solutions. • Understand current and emerging threats impacting the enterprise product, service and supply chain space. • Analyze complex software systems and identify potential weaknesses in their architecture and dependency trees. • Plan and carry out threat modeling activities, and realistic threat simulations across products, services and their productization pipelines. • Consult with software developers, product and pipeline teams on improved security architecture. • Ensure that product roadmaps and new features mitigate risk, adhere to security policies, and provide customers with minimal security risk. • Contribute to customer facing security documentation, reference, and other data as used by the Common Vulnerabilities and Exposures (CVE) pages. • Promote Red Hat Product Security efforts within the community and the greater public. • Communicate effectively and efficiently with various internal stakeholders about security issues and vulnerabilities.

• Lead the development, implementation, and ongoing improvement of CareOregon’s information security program • Partner with leaders across the organization to strengthen security governance, reduce risk, and ensure compliance with regulatory and industry standards • Oversee security operations, incident response, vulnerability management, and third-party risk • Provide strategic guidance on secure architecture and emerging threats • Manage a high performing security team and foster strong collaboration with internal stakeholders and external partners to maintain a resilient enterprise security posture