POSITION: DATA ANALYST & INFORMATION SECURITY OFFICER WORK STATION: NAIROBI REPORTING TO: CHIEF TECHNICAL OFFICER DIRECTLY SUPERVISES: NO MANAGEMENT RESPONSIBILITY _________________________________________________________________________________ ABOUT CAREPAY: CarePay Ltd (“CarePay”) is a young and fast-growing company with the ambition and ability to transform the healthcare sector in Africa through cloud based- and mobile technology. We are a mobile health exchange where digital payment streams and information are connected to medical data, thus improving quality of care, reducing cost of care and creating transparency and accountability. Our platform is currently being used by over 200,000 users and is being installed at more than a 1000 healthcare providers throughout Kenya, and through it people are able to transfer, receive and pay with health-related funds and benefits on their mobile phone.
Our mission is to Connect Everyone, Everywhere to Better Healthcare, we make our mission come alive through close partnerships with well-known companies such as Vodafone and Safaricom (Kenya’s largest mobile network operator and the company behind the world’s most successful mobile payment platform: M-PESA), and with some of the largest and most successful pharmaceutical companies in the world. We have strong financial backing from both private equity and a well-known Kenyan foundation, and are looking for colleagues who are among the best of the best to make our ambition come alive.
MAIN PURPOSE OF JOB:
The Data Analyst & Information Security Officer is responsible for: – • Data Analysis: that involves design, development and analysis of data from multiple data sources with the purpose of supporting CarePay’s operational and strategic decision-making.
• Information Security: ensuring appropriate controls are in place for the security of information assets ensuring compliance with all regulatory requirements, and internal policies, procedures and standards. In addition, safeguards information by ensuring that security risks are identified, assessed and reported.
DUTIES AND RESPONSIBILITIES:
Page 2 of 3
• Identify areas to increase efficiency and automated data processes. • Identify, evaluate and implement external services and tools to support data validation and cleansing. • Produce and track key performance indicators and develop and support reporting processes • Liaise with internal and external clients to fully understand data content • Manipulate, analyze and interpret complex data sets relating to the CarePay’s business • Pull and integrate data from disparate sources (e.g. cost and claims or clinical data) • Delve into data to discover discrepancies and patterns • Build models that capture a wide range of health care indicators and trends. • Present and explain information in a simple and complete way • Collaborate with management and internal teams to implement and evaluate improvements • Exercise independent judgment and discretion in the preparation of both client reports and internal analysis
Information Security Officer:
• Be the internal and external IT Security expert • Create the companies’ procedures, policies and processes around data and IT security and enforce them • Set the standards and policies around data transmission, security for access controls, audit trails, event reporting, encryption and integrity controls. • Develop Disaster Recovery and Emergency operating procedures. • Maintain the IT Security Incident Response process and protocols. • To Develop secure business and data sharing policies and practices and audit compliance to this. • Ensure Security policy enforcement to ensure Personnel only have access to the sensitive information for which they have appropriate authority and clearance. • To continually anticipate new threats and actively work towards preventing them from occurring. Work to reduce CarePay Operational risk and impact in the face of a security attack. • Conduct functionality and gap analyses to continually access the company’s compliance within the statutory and the regulatory framework and or within any guidelines from relevant bodies or audit recommendations with regards to data security and integrity. • Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted patient data and protect against reasonably anticipated threats and hazards. • Evaluate and recommend new information security technologies and counter-measures against threats to information or privacy. • Ensure compliance through adequate training programs and periodic security audits. These audits should be both internal and external in nature. _________________________________________________________________________________
KEY PERFORMANCE MEASURES: 1. Monthly and quarterly reporting 2. Quick turnaround for ad-hoc reports 3. Audits completed on data and processes 4. Procedures for security and privacy
Page 3 of 3
EDUCATIONAL QUALIFICATIONS, KNOWLEDGE & EXPERIENCE: • Bachelor degree in Health Informatics, Statistics, Mathematics, economics, computer science/IT or a related field • At least 3 years of relevant experience • Experience in data analysis and visualization methods • Understanding of healthcare procedures • Knowledge of Extract, Transform and Load (ETL) frameworks • Proficient in SQL and analysis tools • Familiarity with data analysis and statistical methods. • Experience in developing and administering an information security program • Working knowledge of and experience in the policy and regulatory environment of information security • An understanding of confidentiality and data protection issues.
KEY SKILLS AND COMPETENCIES: • Good analytical, logical and problem-solving skills • Outstanding organizational and problem-solving aptitude • Excellent oral and written communication skills with good experience of writing reports • Strong interpersonal skills with ability to work with cross cultural and diverse people and teams • Ability to manage multiple projects occurring simultaneously • Customer care, collaboration and team working skills • Demonstrable networking and external relations skills • Excellent Eye for details • Training and facilitation skills • Computer proficiency including word processing and fluency in spreadsheets • Flexible and ability to adapt or change to new situations and handle high levels of uncertainty • Proven ability to maintain confidentiality and be discreet at all times • Personal qualities of integrity, credibility, professionalism and a commitment to CarePay’s mission