Director Data Protection

HCA Healthcare Director Data Protection Nashville , Tennessee Apply Now

Do you have the career opportunities as a(an) Director Data Protection you want with your current employer? We have an exciting opportunity for you to join HCA Healthcare which is part of the nation's leading provider of healthcare services, HCA Healthcare.

HCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:

Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as free telemedicine services and free AirMed medical transportation.

Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more.

Free counseling services and resources for emotional, physical and financial wellbeing

401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service)

Employee Stock Purchase Plan with 10% off HCA Healthcare stock

Family support through fertility and family building benefits with Progyny and adoption assistance.

Referral services for child, elder and pet care, home and auto repair, event planning and more

Consumer discounts through Abenity and Consumer Discounts

Retirement readiness, rollover assistance services and preferred banking partnerships

Education assistance (tuition, student loan, certification support, dependent scholarships)

Colleague recognition program

Time Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence)

Employee Health Assistance Fund that offers free employee-only coverage to full-time and part-time colleagues based on income.

Learn more about Employee Benefits (

Note: Eligibility for benefits may vary by location.

Our teams are a committed, caring group of colleagues. Do you want to work as a(an) Director Data Protection where your passion for creating positive patient interactions is valued? If you are dedicated to caring for the well-being of others, this could be your next opportunity. We want your knowledge and expertise!

Job Summary and Qualifications

Position Summary

The Director of Data Protection is a core member of the HCA Information Protection & Security program reporting to the AVP of Business Risk Solutions. The Director of Data Protection is responsible for leading the design and implementation of a data protection architecture that aligns with HCA Healthcare's Information Governance and Data Protection policies and standards. The position will be responsible for ensuring that the organization's data (digital and paper) is properly classified, secured, and managed throughout its lifecycle, in compliance with legal and regulatory requirements, and in accordance with best practices. The Director of Data Protection will also work closely with key stakeholders across the business, including all teams within Information Protection & Security, Legal, Internal Audit, ITG, and Business Units to provide guidance and support on data protection issues and initiatives.

Major Responsibilities:

Quality

Develop and maintain a data protection framework that defines the policies, standards, processes, and controls for data protection across the organization.

Resolves complex storage, accession, retention, and destruction problems.

Conduct data protection assessments and audits to identify and mitigate data protection risks and gaps.

Implement and oversee data protection configurations, solutions, and tools, such as data encryption, data masking, data loss prevention, data retention, and data disposal.

Develop and monitor key performance indicators (KPIs) to report on the effectiveness and performance of data protection activities and metrics.

Partner with IPS Workforce Behavior to develop and deliver communications, awareness, and training designed to drive promotion and adoption of the program and compliance with requirements.

Collaborates with IPS Field Operations to drive program compliance with divisions, facilities, and iLOBs.

Work with Internal Audit to incorporate data protection controls into recurring audits to monitor adoption and compliance with high priority requirements.

Service

Lead the development and execution of objectives and key results for each team

Lead the team in strategic planning to keep the rolling 36 month roadmap current, including anticipated FTE and licensing/professional services spend

Lead the team in facilitating and guiding business decisions and solutions

People

Delegate responsibility and accountability for major work (including setting due dates and identifying key milestones) based on staff competency and interest

Establish mutual objectives and targets for team members

Mentor team members, including developing and monitoring their personal development plans, and provide feedback via the annual performance review process

Promote a culture of collaboration, work/life balance, and open communication and that encourages innovation in problem solving; and a culture

Lead the team through organization change management

Growth

Monitor developments in related industries and communicate on the potential impact on or applicability to the organization including latest developments and trends in data protection laws, regulations, standards, and best practices.

Build rapport, credibility, and cohesion within IPS and with other stakeholders across the enterprise

Participate in educational opportunities to build and maintain team knowledge of evolving data protection, risk management, compliance, information security, and privacy concepts

Finance

Responsible for ensuring proposed future work efforts/projects are appropriately captured with labor and spend estimates and submitted for leadership prioritization and funding

Responsible for tracking spend against yearly budgets and for staying within budget

Performs other duties as assigned

Practices and adheres to the “Code of Conduct” philosophy and “Mission and Value Statement”

Strong knowledge and understanding of data protection laws, regulations, standards, and best practices, such as HIPAA, GDPR, CPRA, and NIST

Ability to effectively manage multiple priorities in a fast-paced environment

Excellent written and verbal communication skills; interpersonal and collaborative skills; the ability to communicate privacy, security, and risk-related concepts to technical and nontechnical audiences; persuasive, encouraging, motivating, and inspiring; the ability to listen and understand

Exposure to strategy, management, and/or operations in a number of healthcare and/or business functional areas

Independent, yet collaborative; respected by peers and others

The ability to think and act: decisiveness, assertiveness, with the ability to achieve results quickly

High degree of initiative, dependability, and the ability to work with minimal supervision

A sense of responsibility and accountability – someone who takes ownership and initiative

Creative thinker, always looking for a “better way” to deliver value; not stopped or discouraged by adversity

Respect for diversity of experience, characteristics, viewpoints, and opinions

Adaptable and flexible, with the ability to handle ambiguity and sometimes changing priorities

Demonstrated ability to effectively lead teams with diverse interests and skills

Strong organizational and interpersonal skills

Ability to elicit cooperation from a wide variety of resources, including peers, IPS management, other business units, and company leadership

Ability to define, learn, understand, and apply new technologies, methods, and processes

Professional demeanor, appearance, and positive attitude

Education & Experience:

Bachelor's degree Computer Science Required

Master's degree Preferred

5+ years of experience in a leadership role Required

10+ years of experience in information technology, data protection, information security, privacy, or information governance. Required

Or equivalent combination of education and/or experience

Licenses, Certifications, & Training:

CISSP Preferred

CISM Preferred

CIPP Preferred

CIGP Preferred

Proficiency in data protection tools and techniques, such as data discovery, data masking, data encryption, data deletion, and data lifecycle management

Knowledge, Skills, Abilities, Behaviors:

Service and Quality Excellence: Ability to demonstrate an uncompromising commitment to delivering exceptional care to create an unmatched value proposition for our patients.

Honor our Mission and Values: Ability to build trust and act with authenticity to cultivate a culture of integrity, inclusion, and mutual respect.

Effective Decision Making: Ability to make timely, informed decisions that are in the best interest of our patients, employees, providers, community and HCA.

Attain and Leverage Strategic Relationships: Ability to develop and strengthen collaborative relationships with both internal and external stakeholders to advance the care of our patients and the growth of HCA.

Lead and Develop Others: Ability to lead others to accomplish organizational goals and objectives; provide meaningful coaching and mentoring to increase the capabilities of individuals and teams and drive employee engagement.

Communicate with Impact: Ability to deliver information in a clear, concise, and compelling manner to effectively engage others and achieve desired results.

Achieve Success through Change: Ability to identify opportunities for improvement and innovation, remove barriers and resistance, and enable desired behaviors.

Drive Execution and Financial Results: Ability to commit to the success and financial wellbeing of HCA by challenging others to excel and hold themselves and others accountable for achieving results.

We are comprised of affiliated hospitals, physician practices and other sites of care across the United States and United Kingdom. The Sarah Cannon Cancer Network is transforming cancer care through integrated services and cutting-edge technologies. Our physicians can develop leading oncology programs to advance science and patient care. Providing physician-led patient care offers our doctors access to a national network of experts. This is where multidisciplinary teams come together with a goal of delivering seamlessly coordinated, quality cancer care. Through a united network of globally recognized oncology specialists, we collaborate and share best practices. We address each aspect of the cancer journey, from screening and diagnosis through treatment and survivorship, to advance our shared mission: Above all else, we are committed to the care and improvement of human life.

HCA Healthcare has been recognized as one of the World's Most Ethical Companies by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

"Bricks and mortar do not make a hospital. People do."- Dr. Thomas Frist, Sr.

If you are looking for an opportunity that provides satisfaction and personal growth, we encourage you to apply for our Director Data Protection opening. We promptly review all applications. Highly qualified candidates will be contacted for interviews. Unlock the possibilities and apply today!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.