
Chief Technology and Information Officer
Job Description
Company Overview
Health disparities among New Yorkers are large, persistent, and increasing. Public Health Solutions (PHS) exists to change that trajectory and support underserved New Yorkers and their families to achieve optimal health and build pathways to reach their potential.
As the largest public health nonprofit serving New York City, we improve health outcomes and help communities thrive by providing direct services to underserved families, supporting community-based organizations through our long-standing public-private partnerships, and bridging the gap between healthcare and community services. To learn more about our work, please visit healthsolutions.org.
Position Summary
The Chief Technology and Information Officer (CTIO) is an executive leader responsible for advancing PHS’ technology, data, cybersecurity, and digital transformation strategy in service of equitable public health outcomes. Reporting to the Chief Operating Officer and serving as a member of the Executive Leadership Team, the CTIO has enterprise authority for technology strategy, cybersecurity governance, data architecture, IT investment prioritization, and technology vendor oversight.
The CTIO will oversee enterprise IT operations, cloud and data infrastructure, cybersecurity, HIPAA and NYS OHIP security compliance, interoperability, AI governance, analytics modernization, and strategic technology partnerships. The role will lead a multidisciplinary technology organization that includes infrastructure and end-user support, enterprise applications, data and analytics, cybersecurity, and strategic technology transformation.
The CTIO will lead the responsible adoption of artificial intelligence (AI), automation, advanced analytics, and digital tools to improve organizational effectiveness, strengthen program and service delivery, support data-informed decision-making, and enhance the experience of PHS staff, partners, and the communities served.
Key Responsibilities
Enterprise Technology Strategy and Leadership
- Develop and implement an enterprise-wide technology strategy that supports PHS’ strategic priorities, mission, public health programs, and long-term organizational resilience.
- Oversee IT infrastructure, enterprise systems, databases, cloud services, networks, end-user support, and technology service delivery.
- Manage IT budgeting, procurement, vendor relationships, and investment prioritization to ensure resources are aligned to organizational risk, mission impact, and operational needs.
- Set enterprise architecture, technology standards, and modernization priorities that support secure, scalable, and user-centered systems.
- Ensure enterprise technology, data, and AI initiatives are designed and evaluated for accessibility, equity, language inclusion, usability, and potential disparate impact across the communities served by PHS.
Digital Transformation, AI, and Automation
- Establish and execute an enterprise AI and automation strategy that advances equitable public health outcomes, improves service delivery and constituent engagement, reduces administrative burden, and strengthens organizational decision-making while maintaining appropriate human oversight, privacy protections, and regulatory compliance.
- Lead enterprise digital transformation initiatives, including AI-enabled platforms, workflow automation, interoperability modernization, and user experience optimization.
- Evaluate and implement emerging technologies, including generative AI, machine learning, workflow automation, AI agents, advanced analytics, and cloud-native platforms, where they can responsibly improve operational effectiveness and program outcomes.
- Establish and chair an enterprise AI Governance Council with representation from technology, privacy, legal, compliance, program leadership, analytics, and operations.
- Maintain an AI governance operating model that reviews high-impact AI use cases, establishes approval criteria, maintains an AI system inventory, and oversees model monitoring, vendor risk assessment, human oversight, and incident escalation.
- Foster responsible experimentation and innovation while supporting change management, staff training, AI literacy, cybersecurity awareness, and adoption of digital tools across the organization.
Enterprise Data Strategy, Analytics, and Interoperability
- Lead enterprise data architecture and interoperability initiatives to improve access to high-quality, actionable data across the organization.
- Lead technology and data interoperability across public health programs, community-based organizations, healthcare partners, government agencies, and external vendors, including standards-based approaches to secure data exchange and shared service delivery.
- Drive modernization of data platforms, analytics infrastructure, data warehouses or lakes, and cloud-based data environments.
- Promote enterprise-wide data literacy, data quality, data lineage, and self-service analytics capabilities.
- Support secure use of data for research, evaluation, program improvement, advanced analytics, and predictive modeling to improve public health outcomes and operational performance.
Information Security, HIPAA, NYS OHIP Compliance, and Cybersecurity
- Serve as the designated HIPAA Security Officer and NYS OHIP Information Security Officer, with responsibility for executive oversight of the security program, risk management, compliance reporting, and incident governance.
- Direct operational security activities through appropriately qualified internal staff, consultants, and external security partners.
- Establish and maintain PHS’ HIPAA Security Program, ensuring compliance with 45 CFR §164 Subpart C and applicable NYS OHIP requirements.
- Oversee implementation and annual review of the Security Risk Assessment (SRA), mitigation plans, System Security Plan (SSP), access control policies, incident response plans, contingency and disaster recovery plans, Data Use Agreements, and Business Associate Agreements.
- Maintain a proactive cybersecurity program aligned with NIST, HIPAA, NYS OHIP, and applicable CMS security frameworks, including encryption, access control, vulnerability management, patch management, security assessments, penetration tests, audits, and incident response.
- Evaluate cybersecurity risks associated with AI systems, third-party AI vendors, automated decision-making platforms, prompt injection, model misuse, unauthorized data exposure, and adversarial threats.
- Lead adoption of appropriate advanced cybersecurity technologies, including AI-driven threat detection, zero-trust architecture, and security automation.
Data Governance, Privacy, and Technology Resilience
- Oversee policies and practices for secure data storage, processing, sharing, retention, and responsible use.
- Collaborate with the Privacy Officer, Legal, Compliance, and program leadership to ensure adherence to HIPAA Privacy Rules, NYS data privacy requirements, and organizational standards.
- Establish enterprise governance for data quality, lineage, AI model governance, ethical data usage, and appropriate controls for training, processing, and storing data used in AI applications.
- Establish technology resilience standards addressing vendor concentration risk, third-party service continuity, cloud portability, data recovery, contractual safeguards, and continuity of operations for mission-critical systems.
- Monitor and report on the status of security risks, audit findings, mitigation efforts, AI governance risks, and technology resilience priorities to executive leadership and NYS OHIP as required.
Leadership, Collaboration, and Change Management
- Lead, develop, and support a multidisciplinary team of IT professionals, data and analytics staff, consultants, and security partners.
- Foster a culture of innovation, service, accountability, cybersecurity awareness, and continuous improvement across the organization.
- Build cross-functional partnerships between IT, operations, legal, compliance, privacy, analytics, finance, procurement, and program leadership.
- Translate complex technology, cybersecurity, data, and AI issues into clear recommendations for executive leaders, board stakeholders, and program partners.
- Lead organizational change management efforts related to technology modernization, AI adoption, digital transformation, and data-informed decision-making.
Qualifications and Experience
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, Data Science, Public Health Informatics, or a related field; Master’s degree preferred.
- Minimum of 10 to 15 years of relevant technology, data, cybersecurity, or digital transformation experience, including at least 5 years in a senior leadership role.
- Deep knowledge of the HIPAA Security Rule, NYS OHIP requirements, NIST, CMS security frameworks, cybersecurity risk management, and regulated technology environments.
- Proven experience managing healthcare, public health, Medicaid, Medicare, or other complex enterprise technology systems, interfaces, cloud-based applications, and vendor platforms.
- Demonstrated success leading enterprise cybersecurity programs, compliance initiatives, risk mitigation, incident governance, and technology resilience planning.
- Experience developing or implementing AI, automation, advanced analytics, interoperability, or digital transformation strategies in complex organizations.
- Familiarity with generative AI platforms, machine learning concepts, data governance frameworks, responsible AI principles, model governance, and AI risk management.
- Experience with enterprise cloud platforms, data warehouses or data lakes, interoperability frameworks, modern analytics environments, and secure data exchange.
- Experience evaluating and managing strategic technology partnerships, emerging technology vendors, managed-service partners, and complex vendor portfolios.
- Demonstrated ability to translate technology strategy into measurable improvements in client access, program outcomes, staff productivity, operational effectiveness, and organizational resilience.
- Strong leadership, communication, change management, vendor negotiation, systems thinking, and cross-functional partnership skills.
Preferred or Strongly Desired Experience
- Experience leading technology, data, or digital transformation in public health, Medicaid, social services, community health, nonprofit, or government-adjacent organizations.
- Experience working with community-based organizations, public-private partnerships, healthcare partners, government agencies, or multi-stakeholder service-delivery ecosystems.
- Experience leading modernization in resource-constrained environments while balancing innovation, compliance, risk, security, and operational continuity.
- Relevant certifications such as CISSP, CISM, CISA, CRISC, PMP, cloud security, healthcare compliance, or related credentials are helpful but not required.
Our Commitment to Diversity, Equity, and Inclusion
At PHS, we place immense value on diversity within our teams, understanding that varied backgrounds and experiences significantly enhance our community and propel us toward our goals. If you find that you do not have experience in all the areas listed above, we still encourage you to apply and share your background and experiences in your application. We are eager to discover how your unique perspective can bring positive transformations to our team and help advance our mission of creating healthier, more equitable communities.
We look forward to learning more about you.
PHS is proud to be an equal opportunity employer and encourages applications from women, people of color, persons with disabilities, LGBTQIA+ individuals, and veterans.
Monday - Friday, 9am - 5pm
35 hours per week