GRC Support Analyst

Responsibilities

Artificial Intelligence;
Advanced Technology;
The very best in patient care. With decades of expertise, Rad Net is Leading Radiology Forward. With dynamic cross-training and advancement opportunities in a team-focused environment, the core of Rad Net’s success is its people with the commitment to a better healthcare experience. When you join Rad Net as a GRC Support Analyst
, you will be joining a dedicated team of professionals who deliver quality, value, and access in the 21st century and align all stakeholders- patients, providers, payors, and regulators to achieve the best clinical outcomes.

• Support the evaluation of IT systems, processes, and policies against regulatory requirements and industry standards.
• Stay informed on evolving regulations, industry standards, and best practice in IT compliance.
• Help develop, update, and maintain IT policies, procedures, and guidelines in alignment with industry standards, compliance frameworks, and regulatory requirements (e.g., SOC 2, ISO 27001, NIST, HIPAA, GDPR, SOX).
• Support internal stakeholders in understanding and implementing compliance requirements.
• Work with IT Cyber and Security teams, Compliance, Legal, Internal Audit, and External Auditors, as well as act as a member of Rad Net’s IS Policies and Procedures Committee.

• Work closely with key stakeholders to conduct business impact assessments across multiple areas of the business.
• Maintain Rad Net’s enterprise risk register.
• Support ongoing risk assessments to identify, analyze and mitigate security and compliance risks.
• Develop and maintain risk scoring processes and documents
• Assist in third-party vendor risk management (VRM) by evaluating security controls and compliance posture.

• Align policies and procedures with documentation requirements for all required compliance frameworks.
• Identify process and procedure gaps between current IT practices and compliance requirements, and collaborate with internal stakeholders to develop and implement necessary workflows.
• Support internal and external audits (SOC 1&2, HIPAA, SOX etc.) by gathering evidence and ensuring control effectiveness.
• Coordinate with cross-functional teams to address compliance gaps and implement corrective actions.
• Document audit compliance activities and track remediation efforts to completion.

• Work closely with key stakeholders and system owners in the ongoing development of BC/DR plans.
• Regularly update and test BC/DR plans to ensure readiness in the event of an incident.
• Help ensure BC/DR documentation aligns with operational resilience requirements.

• Support initiatives related to data security awareness training.
• Assist in the development of security awareness programs to educate employees on security best practices.
• Collaborate with IT security and compliance teams to ensure secure data handling and protection measures. Collaborate with Compliance Team to develop, track, and report on Security related training initiatives.

• Provide application data and user activity information for Legal requests.
• Analyze surveillance footage in support of Legal discovery process.
• Coordinate with Operations and Compliance in investigating and fulfilling medical records requests.
• Support internal teams by providing key application data as needed.

• Create and maintain data flow diagrams and workflow diagrams as needed to support security, compliance, and operational initiatives.
• Collaborate with IT and business teams to ensure diagrams accurately represent current processes and data flows.

• Passionate about patient care and exercise sound judgement and an ability to remain professional in all situations.
• You demonstrate effective and professional communication, interpersonal skills and respect with patients, guests & colleagues.
• You have a structured work-approach, understand complex problems and you are able to prioritize work in a fast-paced environment.