Job Listing Details

System Director for Privacy

Facility: Bon Secours Mercy Health
State: Cincinnati
Contact Name: Kayla Chambers
Contact Title: Executive Recruiter

Bon Secours Mercy Health

System Director for Privacy

Cincinnati, OH with 20-30% travel required

This is an exciting time for Bon Secours Mercy Health. Upon completion of our merger, our new system includes 43 hospitals serving 7 states on the East Coast. Our mission to provide compassionate healthcare to those in need will be carried out by the hearts and hands of our 57,000 employees daily. To be considered for this exciting opportunity, please submit resume below. 

The Director for Privacy will be responsible for Bon Secours Mercy Health’s Privacy Program for the entire health system including but not limited to daily operations of the program, development, implementation, and maintenance of policies and procedures, monitoring program compliance, investigation and tracking of incidents and breaches and insuring patients’ rights in compliance with federal and state laws.


  • Build a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI), paper and/or electronic, across all media types. Ensures privacy forms, policies, standards, and procedures are up-to-date.
  • Work with organization senior management, security, and Chief CRO to establish governance for the privacy program.
  • Serve in a leadership role for privacy compliance
  • Collaborate with the Chief Information Security Officer (CISO) to ensure alignment between security and privacy compliance programs
  • Establish, with the CISO, an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information. Monitor patterns of inappropriate access and/or disclosure of protected health information.
  • Perform/oversee initial and periodic information privacy risk assessment/analysis, mitigation and remediation.
  • Oversee, develop and deliver initial and ongoing privacy training to the workforce.
  • Participates in the development, implementation, and ongoing compliance monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.


  • Master’s Degree in Law, regulatory affairs, healthcare administration, medicine, nursing, business, or ethics required
  • A minimum of 3-5 years’ experience in medical affairs, healthcare regulations and law and advising healthcare institutions.
  • Experience working with senior executives and Board members in a demanding and dynamic corporate environment with access to highly confidential and proprietary information.
  • Demonstrated knowledge of federal and state regulations relating to healthcare operations.
  • Proficiency in Microsoft Office suite (Word, PowerPoint, Excel, Outlook), and demonstrated ability to use other relevant software applications to present data, information and analysis in a clear, compelling and professional way.
  • Demonstrated strong oral and written communication skills, strong analytical, organizational, research and collaborative problem-solving skills; ability to establish trust and credibility with senior executives and Board members; ability to work with multiple strategies simultaneously; commitment to quality and excellence; superior sense of judgment, confidentiality and discretion

Preferred Knowledge, Skills and Abilities

  • Extensive knowledge of the regulatory and legal issues governing the provision of healthcare. Knowledge of federal and state laws and regulations regarding the privacy of health information, including HIPAA and CMS requirements.
  • Effective organizational, planning, controlling, scheduling and project management abilities with a track record of being able to multi-task and meet deadlines.

To be considered for this position, please submit application to: