Stephen Collins


Breach Reporting / OCR Investigation Leadership
Information Security Risk Management
Information Security Operations Management
Bachelor of Business Administration Accountancy
Risk Management
HIPAA Security Rule Risk Assessments & Remediation
Critical Infrastructure Security Management
Regulatory Compliance and Reporting
Incident Response / Breach Response
Business Impact Analysis
Breach Reporting
OCR Investigation Leadership
NIST & HITRUST Security Frameworks
Office 365 Security & Compliance Development

Information Security Officer | vCISO


Stephen brings executive-level, action-oriented leadership experience to augment existing security programs or build them out from scratch, in practical terms relevant to the organization. With experience in two highly regulated fields, healthcare and the Texas electrical utility space, Stephen has provided information security strategies, services, delivery structures, and processes with strategic direction. He has also directed the processes to establish a Risk Management Program that includes the NIST framework and HIPAA regulatory requirements. He assists organizations through the process of establishing, improving, and managing an effective security program to meet the demands of the healthcare organization, and integrates with information security teams to meet complex compliance requirements.


  • Align Information Security Risk Management processes with established Hospital Quality Management to ensure leadership visibility.
  • Management of third-party InfoSec Security Assessments, and medical device security assessment.
  • Managed Third Party risk assessments.
  • Breach Reporting / OCR investigation leadership.
  • Administer enterprise Information Security training and awareness program.
  • Remote access administration and Multi-Factor Authentication implementation projects.
  • Office 365 security and compliance development.
  • Created Security Program for the enterprise / responsible for Information Security Policy and Procedure creation and compliance.
  • Oversight and direct responsibility for adherence to HIPAA Security Rule.
  • Chair key security working committees.
  • Created Incident response plan / lead Incident response team.
  • Lead InfoSec Risk Management; Information Security Risk Register and Risk Management process.
  • Advisory seat on Executive Committees.
  • Experience in NIST and HITRUST Security Frameworks.
  • Negotiate Business Associate Agreements - work closely with legal counsel.
  • Liaison with Hospital District Police departments and other governmental agencies.
  • Office 365 Security and Compliance administration.


  • University of Texas of the Permian Basin, Odessa, TX. Graduated with Honors.
  • BBA: Accountancy 1990


  • (ISC)² CISSP Certification - member number 479128

