Profiles search
Charles Hutchings
Director of MIS and Information Security Officer
Maynard, MA, United States
Details
Experience:
2021 : Present
Acton Medical Associates, PC
Director of MIS and Information Security Officer
2020 : 2021
Rocket Software
Security Analyst II
2019 : 2020
Enterprise Bank (Enterprise Bancorp)
Operational Risk Analyst
- As a member of the Information Security and Privacy committee ensure the instate has appropriate safeguards in place to comply with the HIPAA Security Rule.
- Develop and maintain Institute wide information security policies and procedures.
- Develop and conduct workforce trainings to promote information security policies and best practices.
• Investigate and report on information security incidents.
- Develop corrective action plans in response to incidents.
- Prepare quarterly presentations for the Information Security Officer to report to the institute’s compliance committees.
- Act as a point of contact for all workforce members to answer any information security questions
- Develop a phishing awareness campaign.
o Choose phishing simulations that mimic real world phishing attacks.
o Analyze phishing simulation results to determine workforce susceptibility to different triggers.
o Develop and conduct phishing training for individuals and departments.
- Perform assessments of third party organizations with access to institute data.
- Implement and maintain Symantec Endpoint DLP.
o Develop DLP policies to ensure confidential data is leaving the institute in a secure manor.
- Conduct on site walkthroughs of departments to ensure compliance of Information Security Policies.
- Work with business data owners to conduct internal risk assessments.
- Oversee the annual, institute wide, third party HIPAA based risk assessment.
2016 : 2019
Dana-Farber Cancer Institute
Senior Information Security Analyst
- Member of the HIPAA compliance committee.
- Actively participate in risk assessments.
- Assist in creating and maintaining HIPAA compliant policies and procedures.
- Develop privacy and security training material for Acton Medical Associates, PC employees
- Lead training sessions for Acton Medical Associate, PC employees.
- Write up a quarterly newsletter for all Acton Medical Associates, PC employees that included
HIPAA privacy and security tips.
- Participate in HIPAA audits.
- Develop a Massachusetts compliant Written Information Security Plan (WISP).
- Lead IT projects.
- Implantation and roll out of Symantec Endpoint Protections.
- Implementation of Distributed File System.
- Rolling out automatic windows updates using a WSUS server.
- Reorganization the Microsoft Active Directory Environment so the securities can be more
intuitively managed.
- Implement voice recognition software Dragon Naturally Speaking 12 Network Edition.
- Provide Technical support to all employees of Acton Medical Associates, PC.
- Work closely with the applications department to troubleshoot technology issues affecting the EMR.
- Assist in testing and deploying Touchworks EMR updates.
- Manage the Avaya phone system.
- Microsoft Exchange administrator
- Disaster recovery team member.
- Manage the daya to day operations of a small IT staff
2013 : 2016
Acton Medical Associates, PC
Manager of Information Technology
Acton Medical Associates, PC
Director of MIS and Information Security Officer
2020 : 2021
Rocket Software
Security Analyst II
2019 : 2020
Enterprise Bank (Enterprise Bancorp)
Operational Risk Analyst
- As a member of the Information Security and Privacy committee ensure the instate has appropriate safeguards in place to comply with the HIPAA Security Rule.
- Develop and maintain Institute wide information security policies and procedures.
- Develop and conduct workforce trainings to promote information security policies and best practices.
• Investigate and report on information security incidents.
- Develop corrective action plans in response to incidents.
- Prepare quarterly presentations for the Information Security Officer to report to the institute’s compliance committees.
- Act as a point of contact for all workforce members to answer any information security questions
- Develop a phishing awareness campaign.
o Choose phishing simulations that mimic real world phishing attacks.
o Analyze phishing simulation results to determine workforce susceptibility to different triggers.
o Develop and conduct phishing training for individuals and departments.
- Perform assessments of third party organizations with access to institute data.
- Implement and maintain Symantec Endpoint DLP.
o Develop DLP policies to ensure confidential data is leaving the institute in a secure manor.
- Conduct on site walkthroughs of departments to ensure compliance of Information Security Policies.
- Work with business data owners to conduct internal risk assessments.
- Oversee the annual, institute wide, third party HIPAA based risk assessment.
2016 : 2019
Dana-Farber Cancer Institute
Senior Information Security Analyst
- Member of the HIPAA compliance committee.
- Actively participate in risk assessments.
- Assist in creating and maintaining HIPAA compliant policies and procedures.
- Develop privacy and security training material for Acton Medical Associates, PC employees
- Lead training sessions for Acton Medical Associate, PC employees.
- Write up a quarterly newsletter for all Acton Medical Associates, PC employees that included
HIPAA privacy and security tips.
- Participate in HIPAA audits.
- Develop a Massachusetts compliant Written Information Security Plan (WISP).
- Lead IT projects.
- Implantation and roll out of Symantec Endpoint Protections.
- Implementation of Distributed File System.
- Rolling out automatic windows updates using a WSUS server.
- Reorganization the Microsoft Active Directory Environment so the securities can be more
intuitively managed.
- Implement voice recognition software Dragon Naturally Speaking 12 Network Edition.
- Provide Technical support to all employees of Acton Medical Associates, PC.
- Work closely with the applications department to troubleshoot technology issues affecting the EMR.
- Assist in testing and deploying Touchworks EMR updates.
- Manage the Avaya phone system.
- Microsoft Exchange administrator
- Disaster recovery team member.
- Manage the daya to day operations of a small IT staff
2013 : 2016
Acton Medical Associates, PC
Manager of Information Technology
Company:
Acton Medical Associates, PC
Profile Photo
