Barbara McClung


CISA (Computer Information System Auditor)
CHP (Certified HIPAA Privacy)
CSCS (Certified Security Compliance Specialist)
CHC (Certified Healthcare Compliance )

Barbara McClung



Creative, committed, and an influential GRC leader with proven ability to drive organizational results. Dedicated to building data privacy and security seamlessly into business operations in support of the enterprise goals. Partner with key stakeholders across all company functions to implement security controls and mitigate risk at each level. Align HIPAA and PCI compliance requirements with Information Technology objectives utilizing ISO and NIST frameworks for creating an Information Security program. Healthcare subject matter expert in both inpatient and outpatient administrative and clinical settings. Performed CISO responsibilities in a multi-facility healthcare system. Exhibit strong leadership skills with allows for personal and professional growth for team members as well as demonstrates decisiveness, clarity, courage, passion and humility.


  • Security professional and acting CISO responsible for the design and implementation of an Enterprise IT Security and Risk Management Program for multi-hospital, skilled nursing facility, and multi-clinic physician organization
  • Developed and lead the implementation of the cybersecurity program for a multi-hospital health system
  • Provided strategic leadership consulting services to executives of healthcare organizations in areas of risk identification, remediation, vulnerability and threat management
  • Designed and implemented a vendor security management program
  • Developed a Business Impact Analysis service offering
  • Performed Business Impact Analysis projects for clients
  • Established an in-house Security Operations Center (SOC) for a multi-hospital Health System
  • Conducted Risk Assessments based on HIPAA and NIST CSF
  • Managed security controls audit for annual financial reporting
  • Served as Hospital Privacy Officer and Compliance Officer
  • Implemented and facilitated ongoing security education awareness and training programs
  • Created, implemented, and managed cybersecurity policies, HIPAA and compliance policies, procedures and standards
  • Established cybersecurity reporting metrics for executive leadership


  • Certificate Program – Practice Workflow & Information Management Redesign specialist – Mission College, Santa Clara, CA
  • CISA (Computer Information System Auditor)
  • CHP (Certified HIPAA Privacy)
  • CSCS (Certified Security Compliance Specialist)
  • CHC (Certified Healthcare Compliance – must be renewed)


    • Office


    • Email