Paul Connelly

Chief Information Security Officer HCA Healthcare

Paul Connelly is Chief Security Officer for HCA Healthcare in Nashville, TN. He leads the programs for Cyber Security, Privacy, Information Governance, and Physical Security that protect the company’s 185 hospitals, 1400 outpatient clinics, 275,000 employees, and 35 million patient care encounters each year.

Paul oversees a team of 165 subject matter specialists in Nashville, 60 regional leaders across the US and UK, and approximately 3000 facility security officers. He is an innovator who saw an opportunity for synergy and efficiency, and developed the business case to persuade Company leadership to bring Cyber Security, Privacy, Physical Security, and Information Governance together into one team in 2012.

Paul started as an information security analyst at the National Security Agency in 1984, spent nine years as Information Security Officer at the White House, and six years as a partner leading an information security audit and consulting group at PricewaterhouseCoopers. He has led HCA’s program since 2002.

Highlights of Paul’s career include:

  • The first Information Security Officer at the White House, serving under Presidents Ronald Reagan, George H.W. Bush, and Bill Clinton. Responsible for national security systems supporting the President, National Security Council, and White House Military Office (Air Force One, Marine One, Camp David, and White House Medical Unit)
  • The first civilian Presidential Communications Officer, leading communications and emergency support for the President during travel throughout the world. 
  • Inducted into the White House Communications Agency Hall of Fame in 1998.
  • Federal government’s top award for achievement in Information Security in 1992.
  • Information Security Executive of the Year for the private sector for North America in 2009.
  • 21 members of Paul’s teams have been selected as CISOs at other organizations.

Paul has Bachelor’s and Master’s degrees in Resource Economics from the University of Florida, completed the National Security Studies program at the US Naval War College, holds the National Association of Corporate Directors/Carnegie Mellon University CERT Certificate in Cybersecurity Oversight, and is part of the Leadership Nashville class of 2018. 

Day One: Monday, May 18, 2020

Monday, May 18th, 2020

12:30 PM Establishing a Culture of Comprehensive Vigilance within Both Your Cyber & Physical Security Teams

The evolution of the Internet of Things into the Internet of Everything has profound consequences on clinical settings and requires the development of a comprehensive strategy to create synergies between cyber and physical security assets. Join Paul Connelly, CISO at HCA Healthcare, as he shares how he’s leveraging the convergence between the two functions to protect both sensitive, HIPPA-protected patient data as well as his organization’s varied physical assets. 


Participate in this session to gain insights into: 

  • Improving the accuracy and efficiencies of risk assessments by avoiding duplication and establishing a “single source of truth”
  • Establishing appropriate physical controls that take into account the complexity of identity and access management within a layered, complex clinical ecosystem 
  • Generate cost savings by assessing how cyber threats pose risks to both physical assets and IT infrastructures  
  • Maintaining the individual identities of both the physical and cybersecurity teams while fostering collaboration 

Check out the incredible speaker line-up to see who will be joining Paul.

Download The Latest Agenda