**Description** This position is incentive eligible. **Introduction** Do you have the career opportunities as a(an) Director Data Protection you want with your current employer? We have an exciting opportunity for you to join HCA Healthcare which is part of the nation's leading provider of healthcare services, HCA Healthcare. **Benefits** HCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include: + Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as free telemedicine services and free AirMed medical transportation. + Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more. + Free counseling services and resources for emotional, physical and financial wellbeing + 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service) + Employee Stock Purchase Plan with 10% off HCA Healthcare stock + Family support through fertility and family building benefits with Progyny and adoption assistance. + Referral services for child, elder and pet care, home and auto repair, event planning and more + Consumer discounts through Abenity and Consumer Discounts + Retirement readiness, rollover assistance services and preferred banking partnerships + Education assistance (tuition, student loan, certification support, dependent scholarships) + Colleague recognition program + Time Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence) + Employee Health Assistance Fund that offers free employee-only coverage to full-time and part-time colleagues based on income. Learn more about Employee Benefits (https://careers.hcahealthcare.com/pages/employee-benefits-and-rewards) **_Note: Eligibility for benefits may vary by location._** Our teams are a committed, caring group of colleagues. Do you want to work as a(an) Director Data Protection where your passion for creating positive patient interactions is valued? If you are dedicated to caring for the well-being of others, this could be your next opportunity. We want your knowledge and expertise! **Job Summary and Qualifications** Position Summary The Director of Data Protection is a core member of the HCA Information Protection & Security program reporting to the AVP of Business Risk Solutions. The Director of Data Protection is responsible for leading the design and implementation of a data protection architecture that aligns with HCA Healthcare's Information Governance and Data Protection policies and standards. The position will be responsible for ensuring that the organization's data (digital and paper) is properly classified, secured, and managed throughout its lifecycle, in compliance with legal and regulatory requirements, and in accordance with best practices. The Director of Data Protection will also work closely with key stakeholders across the business, including all teams within Information Protection & Security, Legal, Internal Audit, ITG, and Business Units to provide guidance and support on data protection issues and initiatives. Major Responsibilities: Quality + Develop and maintain a data protection framework that defines the policies, standards, processes, and controls for data protection across the organization. + Resolves complex storage, accession, retention, and destruction problems. + Conduct data protection assessments and audits to identify and mitigate data protection risks and gaps. + Implement and oversee data protection configurations, solutions, and tools, such as data encryption, data masking, data loss prevention, data retention, and data disposal. + Develop and monitor key performance indicators (KPIs) to report on the effectiveness and performance of data protection activities and metrics. + Partner with IPS Workforce Behavior to develop and deliver communications, awareness, and training designed to drive promotion and adoption of the program and compliance with requirements. + Collaborates with IPS Field Operations to drive program compliance with divisions, facilities, and iLOBs. + Work with Internal Audit to incorporate data protection controls into recurring audits to monitor adoption and compliance with high priority requirements. Service + Lead the development and execution of objectives and key results for each team + Lead the team in strategic planning to keep the rolling 36 month roadmap current, including anticipated FTE and licensing/professional services spend + Lead the team in facilitating and guiding business decisions and solutions People + Delegate responsibility and accountability for major work (including setting due dates and identifying key milestones) based on staff competency and interest + Establish mutual objectives and targets for team members + Mentor team members, including developing and monitoring their personal development plans, and provide feedback via the annual performance review process + Promote a culture of collaboration, work/life balance, and open communication and that encourages innovation in problem solving; and a culture + Lead the team through organization change management Growth + Monitor developments in related industries and communicate on the potential impact on or applicability to the organization including latest developments and trends in data protection laws, regulations, standards, and best practices. + Build rapport, credibility, and cohesion within IPS and with other stakeholders across the enterprise + Participate in educational opportunities to build and maintain team knowledge of evolving data protection, risk management, compliance, information security, and privacy concepts Finance + Responsible for ensuring proposed future work efforts/projects are appropriately captured with labor and spend estimates and submitted for leadership prioritization and funding + Responsible for tracking spend against yearly budgets and for staying within budget + Performs other duties as assigned + Practices and adheres to the “Code of Conduct” philosophy and “Mission and Value Statement” + Strong knowledge and understanding of data protection laws, regulations, standards, and best practices, such as HIPAA, GDPR, CPRA, and NIST + Ability to effectively manage multiple priorities in a fast-paced environment + Excellent written and verbal communication skills; interpersonal and collaborative skills; the ability to communicate privacy, security, and risk-related concepts to technical and nontechnical audiences; persuasive, encouraging, motivating, and inspiring; the ability to listen and understand + Exposure to strategy, management, and/or operations in a number of healthcare and/or business functional areas + Independent, yet collaborative; respected by peers and others + The ability to think and act: decisiveness, assertiveness, with the ability to achieve results quickly + High degree of initiative, dependability, and the ability to work with minimal supervision + A sense of responsibility and accountability – someone who takes ownership and initiative + Creative thinker, always looking for a “better way” to deliver value; not stopped or discouraged by adversity + Respect for diversity of experience, characteristics, viewpoints, and opinions + Adaptable and flexible, with the ability to handle ambiguity and sometimes changing priorities + Demonstrated ability to effectively lead teams with diverse interests and skills + Strong organizational and interpersonal skills + Ability to elicit cooperation from a wide variety of resources, including peers, IPS management, other business units, and company leadership + Ability to define, learn, understand, and apply new technologies, methods, and processes + Professional demeanor, appearance, and positive attitude Education & Experience: + Bachelor's degree Required + Master's degree Preferred + 5+ years of experience in a leadership role Required + 10+ years of experience in information technology, data protection, information security, privacy, or information governance. Preferred + Or equivalent combination of education and/or experience Licenses, Certifications, & Training: + CISSP Preferred + CISM Preferred + CIPP Preferred + CIGP Preferred + Proficiency in data protection tools and techniques, such as data discovery, data masking, data encryption, data deletion, and data lifecycle management. Additional Information: + Candidate must live in/near the Greater Nashville, TN Area or be willing to commute to office. + Position is Monday - Friday (3-5 days) in office We are comprised of affiliated hospitals, physician practices and other sites of care across the United States and United Kingdom. The Sarah Cannon Cancer Network is transforming cancer care through integrated services and cutting-edge technologies. Our physicians can develop leading oncology programs to advance science and patient care. Providing physician-led patient care offers our doctors access to a national network of experts. This is where multidisciplinary teams come together with a goal of delivering seamlessly coordinated, quality cancer care. Through a united network of globally recognized oncology specialists, we collaborate and share best practices. We address each aspect of the cancer journey, from screening and diagnosis through treatment and survivorship, to advance our shared mission: Above all else, we are committed to the care and improvement of human life. HCA Healthcare has been recognized as one of the World's Most Ethical Companies® by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses. "Bricks and mortar do not make a hospital. People do."- Dr. Thomas Frist, Sr. HCA Healthcare Co-Founder If you are looking for an opportunity that provides satisfaction and personal growth, we encourage you to apply for our Director Data Protection opening. We promptly review all applications. Highly qualified candidates will be contacted for interviews. **Unlock the possibilities and apply today!** We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.