Profiles search

Michael Chirico, Esq., CISA

Data Privacy and Information Security Attorney and Governance, Risk and Compliance Professional
New York, NY, United States

Details

Education: JD



Quinnipiac University School of Law
Experience: 2022 : Present

Saint Peter’s Healthcare System

Chief Information Security Officer

2000 : 2022

Additional experience available upon request

Additional history available upon request
Company: Saint Peter’s Healthcare System
Years of Experience: 24

Skills

Analysis, Auditing, Business Analysis, Business Continuity, Business Process, Business Process Improvement, Change Management, CISA, COBIT, Consulting, Contract Negotiation, COSO, Due Diligence, Enterprise Risk Management, Finance, Financial Analysis, Financial Risk, Financial Services, Fraud, Governance, Information Security, Information Security Management, Information Technology, Internal Audit, Internal Controls, IT Audit, IT Management, IT Risk Management, IT Strategy, Leadership, Management, Management Consulting, Operational Risk Management, Outsourcing, Policy, Process Improvement, Program Management, Project Management, Project Portfolio Management, Risk Assessment, Risk Management, Sarbanes-Oxley, Sarbanes-Oxley Act, SAS70, SDLC, Security, Start-ups, Strategy, Team Leadership, Vendor Management

About

An information security and privacy professional with over twenty years in industry and a former Information Security Officer (CISO) for one of the largest publicly owned hospitals in the country. I have spent my career working with clients, both internal and external, to develop global privacy and security programs. My background also includes the performance and management of audit and risk assessments, development of policies and supporting governance models, implementing effective data transfer strategies, and negotiating cloud and other complex agreements.



I have practical experience that comes from having decades of experience as an information security officer and IT advisory professional. I work to understand clients’ business and information security challenges. I frequently collaborate with primary stakeholders, including executive leadership, at health delivery organizations, insurance companies, and more generally, covered entities, on the development of industry best practices and strategies to meet the challenges of privacy and security requirements under HIPPA, state and federal laws and regulations.



A recognized security and privacy professional, I am a Certified Information Systems Auditor as certified by Information System Audit and Control Association (ISACA)



I have advised and served on the boards of directors and have most recent served as the Vice-President of the board of directors for a chapter of the Health Information Management Systems Society(HIMSS). Additionally, I have served in an advisory capacity for Rutgers Cybersecurity Executive Program, and previously served on the Board of Directors for Information Systems Audit and Control Association (ISACA).