Gary Isaac

Sarasota FL | gary@thesecurityassessor.com

Professional Summary

Seasoned Health IT professional with 10+ years supporting 100+ clients for ONC-Authorized Test Lab and Certification Body. Expert in healthcare compliance, regulations, and standards. 5 years conducting HITRUST risk-based cybersecurity assessments. CISA and HITRUST CCSFP certified. M.S. in Cybersecurity and Information Assurance.

Skills

  • Emotional intelligence, communication, and interpersonal skills.
  • Network architecture
  • Advanced in all desktop software.
  • Hands on experience with cloud computing
  • Ruby, Python, and Web application frameworks.

Strengths

  • Initiated projects directly with executive leadership.
  • Continuous learning mindset.
  • Comfortable with nuanced issues.
  • Recognized for overseeing high-risk clients.
  • Committed to adding value to compliance testing for all stakeholders.

Work History

Drummond Group

October 2010 - August 2024 | 13 years
Sarasota, Florida (Remote)

Senior Program Engineer
Research, Innovation, and Development
01/2022 – 05/2024

Elevated to the RID team to devise growth strategy and enhance overall company offerings. Teamed up on research, innovation, and development initiatives to improve program effectiveness and efficiency.

  • Carried out in-depth research on regulatory and industry market drivers influencing the adoption of testing and assurance services for AI in the healthcare sector.
  • Built test scripts in alignment with implementation guides, standards, and program specifications to assist clients and facilitate test events.
  • Launched three new certification programs by collaborating with cross-functional teams, addressing challenges common to new initiatives.

Senior Cybersecurity Assessor
HITRUST Services
01/2017 – 12/2021

Received Drummond Group Impact award as pivotal team member from inception to launch of the service line. Advancements three times during five years resulting in Senior HITRUST Assessor role leading special projects. Interacted with all levels of client organizations through the assessment lifecycle.

  • Scoped environment based on the use and flow of covered and/or confidential data.
  • Set boundaries for shared responsibility according to the HITRUST Shared Responsibility Matrix and created test plans and population sampling.
  • Inspected policies and procedures providing templates and advisory where necessary.
  • Examined the implementation readiness of clients with diverse environments and helped resolve gaps or document CAPS before approval for the validated assessment.
  • Assessed organizations of varying size and complexity to compliance with security control requirements.
  • Scored requirement statement evaluative elements to the scope of the assessment according to HITRUST Control Maturity Scoring Rubric.
  • Took clients through the HITRUST QA procedures, resolved issues in draft reports, and conducted exit review of final reports.

Technical Review Manager
Healthcare Compliance Services
01/2019 – 12/2020

Promoted to Technical Review Manager within Drummond Group’s Certification Body. Audited test events performed by the test lab approving the product for certification or sending them back for additional testing. Required deep technical knowledge to pinpoint compliance requirements for the ONC legislation.

  • Evaluated high volumes of attestations each quarter for any required additional testing.
  • Designed unique test plans based on complaints and reportable events to the ONC.
  • Maintained good client relations in high stress situations while ensuring the resolution of non-compliance issues.
  • Coded new automation process, reducing time to review submissions by 10%-15%.

Health IT Test Proctor
Health IT Test Lab
10/2010 – 12/2018

  • Ran functional tests for more than 200 Health IT products to NIST and ONC methods.
  • Demonstrated expert knowledge of the ONC’s standards, particularly in interoperability and data blocking specifications.
  • Prioritized customer relationships, contributing to the Drummond Group Test Lab capturing over 80% of the Meaningful Use certification market.

Education

Master of Science in Cybersecurity and Information Assurance

Western Governors University
05/2020

Graduate Diploma in Institutional Administration

Concordia University
08/1995

Bachelor of Arts, History

Concordia University
05/1991

Certifications

Certified Information Systems Auditor (CISA)

ISACA
2016

Certified CSF Practitioner (CCSFP)

HITRUST Alliance
2024 (Reinstated)