Ronnie D. Kelley

**** **** ******** ******

Fresno CA 93720

Mobile 559-***-****

acel7i@r.postjobfree.com

KEY SKILLS

• Executive level health care management Chief Information Officer, Chief Information Security

Officer, Program Manager, Privacy and Compliance Officer, Project Manager

• Almost 10,000 hours in IT infrastructure, application and IT construction management

• Outstanding tactical and strategic planning skills, organizational development, team leadership and

mentoring, business analysis and budgetary development.

• Demonstrated abilities in team development, mentoring, empowering individuals through decision

making skills

ASSOCIATIONS

• Building Industry Consulting Services International (BICSI)

• Information Systems Audit and Control Association (ISACA)

• American Health Information Management Association (AHIMA)

• Project Management Institute (PMI)

CERTIFICATIONS

• ISACA Certified Information Security Manager (CISM) – Certification Number 0912851

EDUCATION

• Master of Public Administration Degree - Troy University

• Bachelor of Applied Science Degree in Business Management - Wayland Baptist University

PROFESSIONAL EXPERIENCE

Senior Information Technology & Security Consultant – Intellix – Nationwide (February

2014 to Present)

• Program Manager and SME for Healthcare Information Technology to include: Information and

Physical Security, HIPAA Privacy and Security Guidelines, Disaster Recovery & Business

Continuance, Healthcare Construction, and Network Management. Provided information security

consultation to numerous organizations using COBIT, ISO 27001/27002, PCI-DSS, NIST and

other prevailing standards.

• Perform as Interim Information Security Officer for healthcare clients – developing information

security department, strategic/tactical budget, policies and procedures.

Director, Information Technology – Vista Community Clinic – Vista CA (June 2012 to

March 2014)

• Leading a staff of 19 technologists, providing IT, data & telecommunications, governance & risk

management support for large non-profit community healthcare system of over 60,000 patients

per year -- consisting of 6 clinics and a staff of 550 staff personnel and 100 physicians.

• Developed 3 year information technology strategic plan for organization to include operation and

capital budgets and technology roadmap ensuring that VCC will stay current in technology

platforms.

• Leading the Meaningful Use attestation efforts at the clinic – successfully attested 13 providers in

2012 and have submitted attestation documentation for 40 in 2013.

• Internal project manager for 2 major EHR/EPM upgrades, i2iTracks implementation, and ICD-10

project.

• As Director of Emergency Planning and IT Disaster Recovery Planning, revamped program to

include quarterly disaster/emergency scenarios.

• Implemented the Omnibus HIPAA rule set for Business Associate Agreements, Notice of Privacy

of Practices, and breach notification policies.

• As the Information Security Officer, implemented a two-factor authentication program for PCI-

DSS compliance and implemented an Intrusion Prevention Detection System, and desktop,

server encryption program.

• Rewrote all information security and privacy policies to ensure that they met the latest

requirements of HIPAA and HiTech.

Senior Project Manager and Consultant (Independent Contractor) - San Diego CA (June

2011 to June 2012)

• Managed project team for large healthcare system’s multi-service on-site teams, comprised of

both internal and external resources – completed Active Directory and data and print

consolidation and migration projects on time and on budget.

• Performed information security and privacy consulting services for local pharmaceutical and

digital pathology companies reviewing security architecture, function, design, policies, and identity

and access management functions utilizing industry best practices including: ISO, COBIT,

HIPAA, and HITECH.

Chief Information Officer - Tulare Regional Medical Center (TRMC) – Tulare CA (January

2010 to June 2011)

• Directed IT services for 750-person, 120-bed medical facility and 7 rural healthcare clinics located

throughout the region.

• Conducted advanced technology strategy, design and execution including virtualization and

automation efforts – virtualized over of the data center’s server population.

• Established Meaningful Use initiative and executive advisory committee within hospital and rural

health clinics. Managed the MU effort by developing a tracking and reporting system that

reported on the design, implementation and reporting/monitoring progress against CMS’s MU

targets and goals.

• Developed change management program for vendor and non-vendor supported systems

(including new EHR systems) to ensure that all changes to environment were appropriately

tracked and MU targets were being met.

• Oversaw the organization’s Information Security and Privacy governance risk assessment which

resulted in the implementation of intrusion prevention and detection system (IPDS), encryption of

mobile devices, data leakage prevention, and stronger access management of information

systems.

• Led successful implementation of the NextGen Enterprise Practice Management (EPM) solution

within the TRMC clinical operations environment – on time and on budget. Developed new

information security requirements including role based security.

• Developed tactical and strategic plans for organization including the IT tactical planning and

design process for 3 new rural health clinics. Planning included defense in depth model to

support HIPAA and HiTech requirements.

Director, Information Security – Catholic Healthcare West (July 2008 to November 2009)

• Provided departmental leadership for 25 on-site and 30 off-site information security professionals

charged with data security and directory services for a 42-hospital system with over $8 billion in

revenue, 58,000 employees and 8,700 acute care beds.

• Responsible for strategy and framework to assure information security, including development of

long term security strategies that led to the implementation of security-related capital projects

valued at over $5 million for FY2010. This included: Intrusion Detection System, Data Loss

Protection, End Point Encryption, and Security Incident and Event Management.

• Managed the off shore transitioning of the information security provisioning team to include

negotiations, project management, training material reviews, application design documents, etc.

• Developed security assessment and risk management program for organization. Conducted over

300 application security assessments on existing and in-flight applications and projects -- the

result: reduced the number of information system variances from over 700 to 100 within one

year.

• Served as the information security subject matter expert for the ARRA HITECH – provided

briefings on new security/privacy criteria to senior leadership and departmental management

teams.

• Selected by the CIO to lead the Information Technology departmental efforts to prepare for CHAN

IT Audit review. Reviewed each finding or potential finding and ensured mitigation strategies

were in place or the issue was closed prior to audit. Conduct audit requirements for all three CHW

states (California, Arizona, and Nevada and determined how each state role pertained to HIPAA

and HiTech reporting requirements.

• Conducted annual Privacy and Information and Security Awareness Training for 42 hospitals on a

bi-annual basis. Including implementing a HIPAA monthly notification letter that provided trending

on the latest issues.

Managing Consultant – IBM (October 2002 to July 2008)

• Program Manager and SME for Healthcare Information Technology to include: Information and

Physical Security, HIPAA Privacy and Security Guidelines, Disaster Recovery & Business

Continuance, Healthcare Construction, and Network Management. Provided information security

consultation to numerous organizations using COBIT, ISO 17799/27002, PCI-DSS, NIST and

other prevailing standards.

• Technical Security Consultant & Project Lead (Central California) for state-wide California

Child Support Automated Systems (CCSAS) project, implementing a new child support

enforcement system throughout all 58 counties within the state of California.- including security

architecture and framework design, network security, and performing network assessments at

client sites. As Central California Team Lead, managed implementation efforts for all desktop,

server, and network switch implementations through Central California counties.

• Interim Chief Information Security Officer (CISO) at UT Southwestern in Dallas TX. Served

as UTSW’s first Director of Information Security – developed security practice and built

department that provided oversight of IT technical, administrative and physical security controls to

an organization of 2 hospitals, 20 clinics, a large School of Medicine, over 11,000 users and a

$1.2 million dollar security operations and capital budget.

• Project and Program Director at Stanford University Medical Center - Managed network

operations and infrastructure projects for 2 large hospitals and over 20 clinics and provided

design and implementation oversight of the IT construction portion of the Stanford Cancer Center.

Manager of Technical Services – TEKsystems Inc – San Antonio & Austin TX (January

2000 to October 2002)

• Supervised a staff of 35+ technical professionals in the San Antonio and Austin offices –

providing coverage to the entire South Texas area. Reduced bench time to 15% within the first 60

days of assignment – and increased consultant profitability by over 20%. Managed all contractor

relationships and contract-related issues.

• Project manager for the Texas rollout of national project to replace network electronics in Wal-

Mart and Sam’s Clubs – over 100 locations.

• Planned and delivered 400+ computer/server data transfer and erasure project for the Bush-

Cheney National Campaign – Result: On-time and under budget.

• Planned and delivered 2600+ Dell PC installation/deployment project for large school district –

result: delivered early and under budget despite numerous change controls.

Director of Operations and Sales - Alamo Technologies Inc – San Antonio TX (September

1996 to January 2000)

• Developed and implemented corporate sales strategy for local and state-wide accounts,

developed oral and written presentations to clients, and created client proposals. Responsible for

overall client satisfaction.

• Designed, planned, and delivered multi-million dollar LAN-WAN construction project for large

Department of Defense installation. Developed statement of work, Request for Proposal,

conducted vendor conferences and vendor selection, and performed all contract (including

subcontract) administration and compliance for client.

• Directed a team of over 15 full-time network engineers, computer technicians, and cable

installation technicians covering the entire South and West Texas areas.

• Managed large state-wide cable & telephony installation program for State of Texas Department

of Transportation.

• Provided installation of horizontal cable plant and network installation of multiple school districts

within south and southwest Texas.

Senior Information Systems Management Officer – United States Air Force (February

1983 to September 1996)

• Supported Department of Defense communications and information systems management

requirements to include: IT construction projects, infrastructure deployment and software

development & deployment. Ensured COMSEC/OPSEC compliance.

• Managed installation communications related plans, information resources, communications,

contract management, and information engineering efforts. Conducted strategic planning.

Developed and wrote plans, programs, and policies. Coordinates plans to ensure coherent

planning efforts.

• Decorations include: Meritorious Service Medal, Joint Service Commendation Medal, Air Force

Commendation Medal (4), Humanitarian Service Medal (2) Joint Service Achievement Medal and

Air Force Achievement Medal.

• Awards and Honors: Alaskan Air Command Company Grade Officer of the Year, Air Training

st

Command Officer Instructor of the Year, Military Airlift Command & 21 Air Force Information

Systems Officer of the Year, and Air Force Communications Command Training Manager of the

Year.

Contact this candidate