Welcome James C. Murphy to everythingEHR: Senior Information Security Specialist
Jim is an IT Security consultant with 30+ years’ experience, predominantly in healthcare. He was introduced to us by one of our excellent Behavioral Health EHR vendors: Integrity Support. He recently retired from the State of North Carolina, where his last position was Senior Information Security Specialist within the Office of Internal Audit (OIA) in the NC DHHS. He provided information security expertise for audit planning, follow-up review of previous audits and assisted in system access management and updating the OIA business continuity plan. Earlier he was the Information Security Architect in the Office of MMIS Services of NC DHHS, providing information security consulting for major development projects, including the NCTracks system, and the State Health Information Network planning project. Prior to, Jim was a HIPAA Security consultant at the UNC Health Care System; assisting in risk analyses, documentation, and BC/DR planning. He also directed IT technology for UNC School of Public Health and lent his expertise as a consultant to leading Electronic Health Record vendors.
He is a member of the Information Systems Security Association (ISSA) Raleigh Chapter, and the North Carolina Healthcare Information and Communications Alliance (NCHICA), serving on the Privacy and Security Work Group (PSWG), and co-founded the Health Care IT-IS Internal Auditors Task Force (HCIIA) under the PSWG. He was also a contributing author for the (ISC)2 HealthCare Information Security and Privacy Practitioner (HCISPP) offered earlier in 2014. Jim has written (published), taught and spoken on information security management, service continuity, security auditing and security certification training to diverse audiences. Jim has an MS in Information Science from the UNC School of Information and Library Science, and holds GSEC, CISSP, ISSMP, CISA and CISM certifications.
James C. Murphy – Current expertise/experience:
Consulting to establish or augment a security management structure
Work force awareness and training
Creation/review of security plans
Security architecture design and review
Creation/review of security policies/procedures/standards
Creation/review of BC/DR plans
Vendor assessment and selection
Regulatory compliance (e.g., HIPAA, NIST, ISO, SOX)
Security and/or risk assessments/audits
Business criticality and vulnerability assessments
Working with internal or external auditors for evidence gathering
Security of large system development projects
You can review Jim’s Curriculum Vitae: JCMres15b. Be prepared to have your head spin!
We are proud to offer his expertise to our EHR vendors and Behavioral Health organizations.
Have a question for Jim?