System Director of Privacy & Privacy Officer

Work whereevery momentmatters. Every day, more than 40,000 Hartford HealthCare colleagues come to work with one thing in common: Pride in what we do, knowing every moment matters here. We invite you to become part of Connecticutu2019s most comprehensive healthcare network. Hartford HealthCare is transforming healthcare across Connecticut and beyondu2014enhancing access, affordability, health equity, and excellence. Spanning 500 locations across 185 towns and cities, our comprehensive care-delivery system is built to serve every community, every day. From world-class hospitalsu2014including two tertiary-level teaching hospitals, an acute-care community teaching hospital, an acute-care hospital and trauma center, and three community hospitalsu2014to an expansive network of behavioral health services, multispecialty physician groups, urgent and virtual care, surgery centers, home care, senior care, rehabilitation, and mobile neighborhood health programs, Hartford HealthCare is there when and where it matters most. We touch the lives of nearly 28,000 people every single day, delivering unparalleled care through our unique Institute Modelu2014bringing together leading experts in neuroscience, cancer, digestive health, heart and vascular care, orthopedics, and urology & kidney health to provide a unified, high standard of care at the most affordable cost. Position Summary: The System Director of Privacy (Privacy Officer) serves a key strategic advisor to executive leadership providing authoritative guidance on enterprise privacy risks, emerging regulatory trends, digital transformation initiatives, and organizational readiness. The System Director will establish systemwide privacy vision and strategic direction, developing governance structures, and ensuring consistent implementation across all regions, service lines, and affiliated entities. The System Director will maintain enterprise accountability for compliance with federal and state privacy laws, emerging regulatory frameworks, artificial intelligence (AI) governance standards, and all policies and procedures related to the protection of confidential patient, colleague, and business information. Key Accountabilities: Leads the development and execution of the enterpriseu2011wide privacy strategy by setting the systemu2019s privacy vision, strategic priorities, and governance structures. Advises executive leadership on complex privacy risks, emerging issues, and system readiness through reports, analyses, and formal guidance materials Oversees the systemu2011wide privacy risk management framework, conducting continuous and datau2011driven risk assessments of internal operations, vendors, and business associates Maintains expert knowledge of AI governance frameworks, emerging privacy technologies, and crossu2011state privacy legislation. Translates emerging trends into enterprise policies, governance models, and strategic recommendations for executive leadership Oversees governance of secondary uses of health and personal data, including research, analytics, quality improvement, innovation, population health, AI training, and datau2011sharing initiatives, ensuring ethical use, regulatory compliance, and alignment with organizational values Serves as the systemu2019s executive lead for privacy incident response, overseeing all investigations involving potential HIPAA Privacy Rule breaches. Directs Incident Response Team (IRT) operations, interfaces with cyber insurance carriers, oversees investigative timelines, and prepares formal responses for executive leaders and regulatory bodies at the state and federal levels Provides dayu2011tou2011day executive oversight of the enterprise privacy function, including management of the compliance reporting system, incident investigation database, and all associated data, documentation, and reporting workflows Oversees consistent and defensible risk analyses for all impermissible uses or disclosures of PHI to determine whether an incident constitutes a reportable breach under the HIPAA Breach Notification Rule Directs the development, implementation, dissemination, and continuous improvement of privacy policies and procedures ensuring alignment with regulatory requirements, organizational needs, and industry best practices Leads all privacy components of mergers, acquisitions, joint ventures, affiliations, and clinical partnerships Oversees development and delivery of systemu2011wide privacy training, orientation, and education programs for employees, volunteers, providers, and affiliated workforce Maintains expert knowledge of federal and state privacy requirements, accreditation standards, and evolving industry trends Oversees the enterprise Privacyu2011byu2011Design framework to ensure privacy considerations are embedded into new technologies, digital health solutions, AI models, clinical innovation projects, and operational workflows prior to implementation Oversees enterprise privacy elements of the vendor and thirdu2011party risk management program ensuring business associates, technology vendors, cloud solutions, and datau2011sharing partners meet organizational privacy requirements and comply with contractual and regulatory obligations Masteru2019s or other advanced degree is required Ten plus years of health care compliance and privacy experience, preferably in a large healthcare system setting or in a legal, advisory or consulting capacity Ten plus years of progressive leadership experience is required At least one privacy certification from either the Health Care Compliance Association (eg. CHPC) or International Association of Privacy Professionals (eg. CIPP) is required Strong knowledge of applicable privacy laws and regulations Visible leader with excellent interpersonal communication skills who relates well with all levels of the organization A creative, forward-thinking leader with the proven ability to engage, coach and mentor direct reports, colleagues and other key stakeholders Ability to analyze complex problems and develop effective solutions for correction. Regularly exercises independent judgment in solving day-to-day privacy matters Ability to effectively work with and coordinate the activities of outside consultants and legal counsel High level of integrity and trust We take great care of careers. With locations around the state, Hartford HealthCare offers exciting opportunities for career development and growth. Here, you are part of an organization on the cutting edge u2013 helping to bring new technologies, breakthrough treatments and community education to countless men, women and children. We know that a thriving organization starts with thriving employees-- we provide a competitive benefits program designed to ensure work/life balance. Every moment matters. And this isyour moment. Job: Management / Administration Organization: Hartford HealthCare Corp. Title: System Director of Privacy & Privacy Officer Location: Connecticut-Hartford-100 Pearl Street Hartford (10484) Requisition ID: 26156037 Other Locations: Connecticut-Hartford-560 Hudson St HH E&R Ctr (10058)

Created: 2026-04-23