Colleen Shannon

Colleen Shannon is the Chief Compliance and Privacy Officer at Duke University Health System (DUHS). She is responsible for implementing and overseeing the Health System’s compliance and privacy programs and facilitating the DUHS enterprise risk management process. Shannon reports to the DUHS Compliance/Audit Committee of the Board of Directors and Health Affairs Chancellor and DUHS President and CEO. Shannon co-chairs the DUHS Privacy and Security Steering Committee and administers various facilities’ compliance committees. 

Shannon joined DUHS in July 2007 and has 26 years of health care regulatory experience. Prior to joining DUHS, Shannon was the Chief Compliance and Privacy Officer for OhioHealth, an integrated multi-hospital health system in Columbus, Ohio. Shannon served as a Regulatory and Licensing Attorney for Cole Managed Vision, a 50 state vision benefit administrator, developing its privacy program at the inception of HIPAA privacy regulations. She also served in multiple positions within The Cleveland Clinic Foundation, including staff counsel, Chief Operating Officer of Lakewood Hospital and Chief Integration Officer, Western Region, Cleveland Clinic. 

Shannon is a graduate of the University of Virginia Law School. Shannon served as Chair of the Association of American Medical Colleges (AAMC) Compliance Officers’ Forum (COF) and established the AAMC COF, Privacy Committee. Shannon serves as a member of American Association Hospital, Chief Compliance Officer Forum and is a member of the American Health Lawyers Association and Association of American Medical Colleges Compliance Officers’ Forum.