Robert Carvajal, CISSP, has been named BayCare’s chief information security officer.
BayCare Health System has appointed Robert Carvajal as its new Chief Information Security Officer (CISO) as of February 16, 2026. In this pivotal role, Carvajal will be responsible for overseeing the organization’s cybersecurity strategy, aligning with BayCare’s commitment to innovation, patient safety, and operational excellence across its healthcare services.
With over 20 years of experience in information technology, including nearly two decades specifically in cybersecurity leadership, Carvajal brings a wealth of knowledge to his new position. Before taking on the CISO role, he served as BayCare’s Director of Information Services Security and Threat Management, where he led critical enterprise security operations, incident response initiatives, and threat intelligence efforts. His leadership was instrumental in enhancing the organization’s cybersecurity posture.
Strategic Focus on Cybersecurity and Patient Care
As CISO, Carvajal will work closely with the executive leadership team to advance BayCare’s technology strategy and digital health initiatives. He will lead information security governance and promote secure health information exchange throughout the continuum of care, ensuring that technology supports the delivery of high-quality, compassionate healthcare.
“Robert Carvajal has been a trusted leader within BayCare and a steady presence in an increasingly complex cybersecurity landscape,” said Lynnette Clinton, BayCare’s Chief Information Officer. “His deep expertise, leadership style, and commitment to collaboration make him the right choice to help protect our systems, support our team members, and advance BayCare’s digital future.”
Carvajal is well-versed in leading enterprise security strategy and has chaired various security committees. He is experienced in managing incident responses and aligning cybersecurity programs with regulatory frameworks such as the Health Insurance Portability and Accountability Act (HIPAA) and the National Institute of Standards and Technology (NIST). His broad background includes work within health systems, digital health, and large enterprise environments, with a significant focus on risk mitigation and continuous improvement.
Commitment to Protecting Patients and Staff
“I’m honored to step into this role at an organization that puts trust, dignity, and patient care at the center of everything it does,” Carvajal stated. “Cybersecurity is ultimately about protecting people — our patients, our team members, and the communities we serve. I look forward to continuing to work alongside BayCare’s teams to strengthen our capabilities while enabling innovation and safe, connected care.”
Carvajal holds a Bachelor of Science in Criminal Justice from Northeastern University and maintains several industry certifications, including the Certified Information Systems Security Professional (CISSP) designation.
BayCare Health System is a prominent not-for-profit academic healthcare provider, serving individuals and families across 16 hospitals and numerous other locations throughout the Tampa Bay and central Florida areas. The system is recognized as West Central Florida’s largest provider of behavioral health and pediatric services, and its medical group, BayCare Medical Group, ranks among the largest in the region. BayCare’s mission is to enhance the health of all it serves through community-oriented healthcare services that set the standard for high-quality, compassionate care. For more information, visit BayCare.org.
