HOW TO BE AN EFFECTIVE CYBERSECURITY LEADER IN HEALTHCARE
|
|
- Damian Greene
- 5 years ago
- Views:
Transcription
1 HOW TO BE AN EFFECTIVE CYBERSECURITY LEADER IN HEALTHCARE Session CYB1, March 5, 2018 Karl J. West, CISO & AVP Intermountain Healthcare Erik Decker, CPSO The University of Chicago Medicine 1
2 Conflict of Interest Karl J. West Has no real or apparent conflicts of interest to report. 2
3 Conflict of Interest Erik Decker Has no real or apparent conflicts of interest to report. 3
4 Learning Objectives Describe the characteristics of an effective security leader and when an organization should have a security leader to lead its cybersecurity program Identify the key ingredients for effectively governing an organization s cybersecurity program from a security leader s perspective Explain best practices for overseeing an organization s cybersecurity program in the role of a security leader Demonstrate how a security leader can effectively communicate with other executives and other management about the organization s cybersecurity program, initiatives, and security incidents 4
5 Karl J. West, CISO & AVP Karl is the Chief Information Security Officer and AVP of Information Systems at Intermountain Healthcare, an integrated delivery network of 22 hospitals and 185 clinics. Karl is a wellrespected speaker and security expert who is often sought after by other organizations that want to embed his holistic solutions in their security strategies. At Intermountain, Karl is responsible for all aspects of the organization s security strategy. Karl s leadership throughout the planning, development, implementation, and maintenance of an excellent security program has earned Intermountain national recognition as a leader in health information security. 5
6 Quick Facts about Intermountain Healthcare Headquartered in Salt Lake City 39,000 employees 470 volunteers governing trustees on 32 boards Created in 1975 when LDS Church donated its 15 hospitals to the communities they served 22 hospitals with 2,769 licensed beds $419 million in charity care during 2016 (249,000 cases) Integrated Health System Serving Utah and Southern Idaho 1,600 employed physicians and caregivers at more than 180 clinics SelectHealth insurance plans with 850,000 members TeleHealth Homecare & Hospice InstaCare Connect Care Life Flight Precision Genomics Strong Bond Agency Ratings S&P: AA+ Moody s: Aa1
7 Intermountain Cybersecurity Governance Chief Information Officer Chief Security Officer Central Compliance Committee Executive Privacy and Security Committee Privacy and Security Working Group Chief Compliance Officer Chief Privacy Officer Governance of Information Risk Reporting & Funding Authority 7
8 Erik Decker, CSPO Erik Decker is the Chief Security and Privacy Officer for the University of Chicago Medicine, and is responsible for its Cyber Security, Identity and Access Management and HIPAA Privacy Programs. Erik has 18 years of experience within Information Technology, with 12 years focused on Information Security. The majority of his career has been focused on Academic Medical Centers; establishing two information security programs and an identity and access management program. Erik is the current Chair of the AEHIS Board, and joined AEHIS in This association focuses on educating the CISO and providing cybersecurity resources within the Healthcare sector. 8
9 Quick Facts about The University of Chicago Medicine On track to become a Clinically 1000 Integrated Network Beds with recent acquisition of Ingalls Created in 1927 Headquartered in Chicago Journeying toward being an Integrated Delivery Network 12 Nobel Prize Winners 500,000 Outpatient Visits Annually 9
10 UCM Cybersecurity Governance Chief Information Officer Executive Cyber Risk Committee Chair: CEO Staff: CISO Executive Corporate Compliance Committee Chair: CEO Staff: CCO & Privacy Officer Chief Compliance Officer Security & Privacy Officer Privacy and Security Steering Committees Chair: Security & Privacy Officer Staff: GRC, Privacy Governance of Information Risk Reporting & Funding Authority 10
11 Source: Microsoft Ignite 11
12 What my mom thinks I do. What my friends think I do. What my wife thinks I do. What I think I do. 12 What I REALLY do.
13 Think Frictionless! Security Not a is Barrier an Enabler 13
14 The Characteristics of an Effective Security Leader Technical Communication Presentation Collaboration Leader of Leaders Understanding Healthcare Process & issues Financial Accumen Business Leadership Capital And, occasionally walking on 14 water!
15 15
16 Taking the Necessary Steps TRUST PEOPLE TAKE FEEDBACK GIVE FEEDBACK AFFIRM POTENTIAL INSPIRE ACTION ESTABLISH VISION 16
17 Do you Need a CISO? Consider the size of the organization (e.g. system vs. single hospital) All organizations need a privacy and security function regardless of size 17
18 Key Ingredients for Effective Governance 18
19 Security Operations 19
20 Key Relationships to Nurture CEO CFO CMO CNO Facility CEOs CMIO CNIO and their main business units. LEGAL COMPLIANCE PRIVACY 20
21 Oversight Best-Practices Risk Assessment & Management Patch & Vulnerability Management Data Inventory Data Classification Identity Management Third-Party Assessment 21
22 Oversight Best-Practices GOVERNANCE & RISK MANAGEMENT Policy Procedure SecOps/Incident Response Sec Architecture Education Awareness GRC & Shared Services 22
23 Effectively Communicate Your Program 23
24 Effectively Communicate Your Program Instill and bake in common metrics Monthly 1:1 meetings (key stakeholders) Participate in other governance to assist in drawing the line 24
25 25
26 Questions Karl J. West, Intermountain Eric Decker, The University of Chicago 26
Operationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results
Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec
More informationStrategy is Key: How to Successfully Defend and Protect. Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare
Strategy is Key: How to Successfully Defend and Protect Session # CS1, February 19, 2017 Karl West, CISO, Intermountain Healthcare 1 Speaker Introduction Karl West Chief Information Security Officer Intermountain
More informationMANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors
Page 1 of 6 Applies to: faculty staff students student employees visitors contractors Effective Date of This Revision: June 1, 2018 Contact for More Information: HIPAA Privacy Officer Board Policy Administrative
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationa publication of the health care compliance association MARCH 2018
hcca-info.org Compliance TODAY a publication of the health care compliance association MARCH 2018 On improv and improving communication an interview with Alan Alda This article, published in Compliance
More informationCYBERSECURITY AND THE MIDDLE MARKET
CYBERSECURITY AND THE MIDDLE MARKET The Importance of Cybersecurity and How Middle Market Companies Manage Cyber Risks IN COLLABORATION WITH 2 Concerns about cybersecurity are not matched by plans. IMPORTANCE
More informationContinuity of Operations During Disasters: Electronic Systems and Medical Records
Idaho Health Care Association Continuity of Operations During Disasters: Electronic Systems and Medical Records Philip Niemer, MBA, MS, HEM Director Operational Continuity & Emergency Management Children
More informationInstitute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee
More informationCYBER RISK MANAGEMENT
CYBER RISK MANAGEMENT AND BEST PRACTICES Heather Fields, JD, CHC, CCEP (414) 298-8166 hfields@reinhartlaw.com 1000 North Water Street, Suite 1700, Milwaukee, WI 53202 www.reinhartlaw.com 0 Agenda Role
More informationBirmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018
1.0 Executive Summary Birmingham Community Healthcare NHS Foundation Trust 2017/17 Data Security and Protection Requirements March 2018 The Trust has received a request from NHS Improvement (NHSI) to self-assess
More informationThe Deloitte-NASCIO Cybersecurity Study Insights from
The Deloitte-NASCIO Cybersecurity Study Insights from 2010-2016 August 21, 2018 Srini Subramanian State Government Sector Leader Deloitte Erik Avakian CISO Pennsylvania Michael Roling CISO Missouri Meredith
More informationThe Next Frontier in Medical Device Security
The Next Frontier in Medical Device Security Session #76, February 21, 2017 Denise Anderson, President, NH-ISAC Dr. Dale Nordenberg, Executive Director, MDISS 1 Speaker Introduction Denise Anderson, MBA
More informationEvaluating Cybersecurity Coverage A Maturity Model. Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium
Discussion on: Evaluating Cybersecurity Coverage A Maturity Model Presented to: ISACA Charlotte Chapter Vision for IT Audit 2020 Symposium By: Eric C. Lovell PricewaterhouseCoopers LLP ( PwC ) March 24,
More informationCybersecurity and Hospitals: A Board Perspective
Cybersecurity and Hospitals: A Board Perspective Cybersecurity is an important issue for both the public and private sector. At a time when so many of our activities depend on information systems and technology,
More informationEngaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager,
Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager, Deloitte & Touche LLP 1 Speaker Introduction Sanjeev
More informationDynamic Transformation of the Energy Industry JUNE 25-27, 2019 COEUR D ALENE, IDAHO REGISTRATION
9 th ANNUAL A select group of C-suite panelists and key stakeholders will engage participants in dynamic discussion and debate about the transformational change taking place in today s energy industry.
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationThe Role of the CMIO in Advancing Cybersecurity
The Role of the CMIO in Advancing Cybersecurity AMDIS 2017 Brian Clay, MD Chief Medical Information Officer, Inpatient and Hospital Affiliations UC San Diego Health Disclosures None University of California,
More informationMARCH 2016 ONE BILLION COALITION FOR RESILIENCE
MARCH 2016 ONE BILLION COALITION FOR RESILIENCE AN URGENT CHALLENGE DISASTERS AND COMPLEX EMERGENCIES are becoming more frequent and more severe ASKING FOR MORE MONEY to respond to more crises is not the
More informationMemorandum of Understanding between the Central LHIN and the Toronto Central LHIN to establish a Joint ehealth Program
Memorandum of Understanding between the Central LHIN and the Toronto Central LHIN to establish a Joint ehealth Program Purpose This Memorandum of Understanding (MOU) defines the terms of a joint ehealth
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate
More informationThe National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne
The National Medical Device Information Sharing & Analysis Organization (MD-ISAO) Initiative Session 2, February 19, 2017 Moderator: Suzanne Schwartz, Assoc. Dir., CDRH, FDA Denise Anderson, MBA, President,
More informationSystem Chief Business Officer - B. J. Crain The Texas A&M University System Position Description--January 13, 2010
System Chief Business Officer - B. J. Crain Position Description--January 13, 2010 Dual reporting to the Chancellor and President of Texas A&M University with consideration to an executive oversight committee*
More informationUpdates to the NIST Cybersecurity Framework
Updates to the NIST Cybersecurity Framework NIST Cybersecurity Framework Overview and Other Documentation October 2016 Agenda: Overview of NIST Cybersecurity Framework Updates to the NIST Cybersecurity
More informationMNsure Privacy Program Strategic Plan FY
MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term
More informationChief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m.
Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m. Increased use of technologies such as mobile devices, social media and cloud computing has increased
More informationVice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security
Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Thursday, February 22 3:45 p.m. 4:45 p.m. With recent high-profile data breaches, cybersecurity
More informationCERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS
CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS Good IT governance is a key element of a well-performing enterprise. Enterprises need qualified information
More informationMembership Categories and Benefits
Membership Categories and Benefits As a participant in ISASecure, you are working with thought leaders who are taking action to improve our world. ISASecure promotes and certifies robust and secure technology
More informationDigital Service Management (DSM)
Digital Service Management (DSM) A Proactive, Collaborative and Balanced Approach for Managing, Improving and Securing an Enterprise Digital Service Portfolio itsm003 v.3.0 Agenda and Objectives What is
More informationPULSE TAKING THE PHYSICIAN S
TAKING THE PHYSICIAN S PULSE TACKLING CYBER THREATS IN HEALTHCARE Accenture and the American Medical Association (AMA) surveyed U.S. physicians regarding their experiences and attitudes toward cybersecurity.
More informationAvanade s Approach to Client Data Protection
White Paper Avanade s Approach to Client Data Protection White Paper The Threat Landscape Businesses today face many risks and emerging threats to their IT systems and data. To achieve sustainable success
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More informationehealth in Southwestern Ontario
ehealth in Southwestern Ontario Adding Value to the Healthcare System November 2, 2016 Prepared by: Michael Barrett, CEO, South West LHIN at the request of Ed Clark Page 1 Table of Contents Table of Contents
More informationHealth Information Technology - Supporting Joint Readiness
Health Information Technology - Supporting Joint Readiness Session # 104, March 7, 2018 Mr. T. Pat Flanders, DADIO/J-6, CIO Kevin P. Seeley, Deputy CIO, Colonel, USAF, MSC 1 Speaker Introduction Pat Flanders
More informationKansas City s Metropolitan Emergency Information System (MEIS)
Information- Sharing Interagency Cooperation Resources Management Law Enforcement Fire Emergency Medical Services Public Health Private Sector Kansas City s Metropolitan Emergency Information System (MEIS)
More informationHIPAA Compliance is not a Cybersecurity Strategy
HIPAA Compliance is not a Cybersecurity Strategy Presented by: Hector Rodriguez, WW Health CISO, Microsoft Jay Trinckes, Director, Coalfire Speaker Introductions Hector Rodriguez, WW Health CISO, Microsoft
More informationBored with Your Board s Involvement with Privacy/Security Program?
Bored with Your Board s Involvement with Privacy/Security Program? Marti Arvin, Cynergistek Joseph A. Dickinson, Tucker Ellis March 28, 2017 1 Initial Exercise: CISO Board Update Board of Directors/Trustees
More informationGDPR: The Day After. Pierre-Luc REFALO
GDPR: The Day After Pierre-Luc REFALO The speaker: Pierre-Luc REFALO Global Head of Strategic Cybersecurity Consulting 25+ years in Information & Cyber Security consultancy CISO for SFR & Vivendi Universal
More informationSALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually
SALARY $49.72 - $72.54 Hourly $3,977.88 - $5,803.27 Biweekly $8,618.75 - $12,573.75 Monthly $103,425.00 - $150,885.00 Annually ISSUE DATE: 03/21/18 THE POSITION DIRECTOR OF CYBER SECURITY OPEN TO THE PUBLIC
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationTraining and Certifying Security Testers Beyond Penetration Testing
Training and Certifying Security Testers Beyond Penetration Testing Randall W. Rice, CTAL (Full), CTAL-SEC Director, ASTQB Board of Directors www.astqb.org Most organizations do not know the true status
More informationAchieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)
Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs) Florida Hospital Association Welcome! John Wilgis Director, Emergency Management Services Florida Hospital Association
More informationREAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY
SEPTEMBER 11 13, 2017 BOSTON, MA REAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY HealthcareSecurityForum.com/Boston/2017 #HITsecurity Brian Selfridge Partner, Meditology Services https://www.meditologyservices.com/
More informationConvergence of BCM and Information Security at Direct Energy
Convergence of BCM and Information Security at Direct Energy Karen Kemp Direct Energy Session ID: GRC-403 Session Classification: Advanced About Direct Energy Direct Energy was acquired by Centrica Plc
More informationBuild Your Cybersecurity Team: Create a Strong Cybersecurity Workforce Using Best Practices in Development
Build Your Cybersecurity Team: Create a Strong Cybersecurity Workforce Using Best Practices in Development Noel Kyle, Program Manager Department of Homeland Security (DHS) National Cybersecurity Education
More informationForging a Stronger Approach for the Cybersecurity Challenge. Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health
Forging a Stronger Approach for the Cybersecurity Challenge Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health 1 Speaker Introduction Tom Stafford, Vice President & CIO Education: Bachelors
More informationDOD Medical Device Cybersecurity Considerations
Enedina Guerrero, Acting Chief, Incident Mgmt. Section, Cyber Security Ops Branch 2015 Defense Health Information Technology Symposium DOD Medical Device Cybersecurity Considerations 1 DHA Vision A joint,
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More informationHCISPP HealthCare Information Security and Privacy Practitioner
HCISPP HealthCare Information Security and Privacy Practitioner William Buddy Gillespie, HCISPP Global Academic Instructor (ISC)² Former Healthcare CIO Chair Advocacy Committee, CPAHIMSS budgill@aol.com
More informationHealthcare Security Success Story
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Healthcare Security Success Story
More informationVII. GUIDE TO AGENCY PROGRAMS
VII. GUIDE TO AGENCY PROGRAMS Executive Offices and Centers David L. Lakey, M.D., Commissioner Kirk Cole, Associate Commissioner Luanne Southern, Deputy Commissioner FTEs: 71.1 Commissioner FTEs: 1.5 The
More informationNERC Staff Organization Chart Budget 2018
NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationPOSITION DESCRIPTION
POSITION DESCRIPTION Engagement Manager Unit/Branch, Directorate: Location: Outreach & Engagement, Information Assurance and Cyber Security Directorate Auckland Salary range: H $77,711 - $116,567 Purpose
More informationDHS Overview of Sustainability and Environmental Programs. Dr. Teresa R. Pohlman Executive Director, Sustainability and Environmental Programs
DHS Overview of Sustainability and Environmental Programs Dr. Teresa R. Pohlman Executive Director, Sustainability and Environmental Programs DHS Mission DHS Organization Getting to Know DHS Mission: Secure
More informationThe Customer Relationship:
View the Replay on YouTube The Customer Relationship: Behind the Scenes with Managed Privacy Services September 10 th 2015 Executive Series Webinar Today s Speakers Ann Marie Harvey Privacy Manager Baptist
More informationMission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS
Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS Stephanie Poe, DNP, RN-BC CNIO, The Johns Hopkins Hospital and Health System Discussion Topics The Age of Acceleration Cyber
More informationCloud Communications for Healthcare
Cloud Communications for Healthcare Today, many powerful business communication challenges face everyone in the healthcare chain including clinics, hospitals, insurance providers and any other organization
More informationVice President, Chief Technology Officer at Methodist Le Bonheur Healthcare
Gene Fernandez Vice President, Chief Technology Officer at Methodist Le Bonheur Healthcare gene.fernandez@mlh.org Summary Gene Fernandez is a credentialed senior-level healthcare IT executive with extensive
More informationFDA & Medical Device Cybersecurity
FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US
More informationThe HITRUST CSF. A Revolutionary Way to Protect Electronic Health Information
The HITRUST CSF A Revolutionary Way to Protect Electronic Health Information June 2015 The HITRUST CSF 2 Organizations in the healthcare industry are under immense pressure to improve quality, reduce complexity,
More informationMapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective
Mapping Your Requirements to the NIST Cybersecurity Framework Industry Perspective 1 Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better
More informationInformation Technology (CCHIT): Report on Activities and Progress
Certification Commission for Healthcare Information Technology Certification Commission for Healthcare Information Technology (CCHIT): Report on Activities and Progress Mark Leavitt, MD, PhD Chair, CCHIT
More informationNYDFS Cybersecurity Regulations
SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy
More informationMemorial Hermann Health System Eases Encryption with Zix
/ CASE STUDY Memorial Hermann Health System Eases Email Encryption with Zix Learn how Memorial Hermann uses ZixEncrypt to easily secure protected health information and other sensitive data Memorial Hermann
More informationAAPA Smart Ports. Cyber Management for Ports Panel. Small Port Cyber Security Workshops. March 6, 2018
AAPA Smart Ports Cyber Management for Ports Panel Small Port Cyber Security Workshops March 6, 2018 1200 New Jersey Ave., SE Washington DC 20590 w w w. d o t. g o v Port Infrastructure Development More
More informationAMCs and. Does the new law apply to my organization?
AMCs and Does the new law apply to my organization? Panelists: David Holtzman VP Compliance Strategies, CynergisTek Karen Pagliaro-Meyer Chief Privacy Officer, Columbia University Medical Center Lynn Rohland
More informationAudit and Compliance Committee - Agenda
Audit and Compliance Committee - Agenda Board of Trustees Audit and Compliance Committee April 17, 2018, 1:30 2:30 p.m. President s Board Room Conference Call-In Phone #1-800-442-5794, passcode 463796
More informationPAST PRESENTATIONS Healthcare Information Security Discussion, Cleveland ISSA Chapter, Brecksville, OH, May 12, 2016
Past Presentations PAST PRESENTATIONS 2016 Healthcare Information Security Discussion, Cleveland ISSA Chapter, Brecksville, OH, May 12, 2016 Current Healthcare Information Security Trends and Challenges,
More informationOrganizational Privacy Transformation: A case study from Critical Issues to Award Winning Success
Organizational Privacy Transformation: A case study from Critical Issues to Award Winning Success Norine Primeau-Menzies VP Customer Services, Chief Privacy Officer May 2012 Agenda Overview of OTN Setting
More informationStephanie Zierten Associate Counsel Federal Reserve Bank of Boston
Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation
More informationInvestor Presentation
Investor Presentation October 2017 NYSE MKT: CTEK CynergisTek won the 2017 Best in KLAS Award for Cyber Security Advisory Services CynergisTek was recognized in the 2016 KLAS Security Advisory Services
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationCybersecurity Cheat Sheet for the Board of Directors
International Global ehealth Executive Council Cybersecurity Cheat Sheet for the Board of Directors What You Need to Know: A Starter Guide to Find and Fulfil Your Role in Cybersecurity Amidst health care
More informationVirginia State University Policies Manual. Title: Information Security Program Policy: 6110
Purpose Virginia State University (VSU) uses information to perform the business services and functions necessary to fulfill its mission. VSU information is contained in many different mediums including
More informationEnsuring Privacy and Security of Health Information Exchange in Pennsylvania
Ensuring Privacy and Security of Health Information Exchange in Pennsylvania The Pennsylvania ehealth Initiative in collaboration with the Pennsylvania ehealth Partnership Authority Introduction The Pennsylvania
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cybersecurity, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationUncovering the Risk of SAP Cyber Breaches
Uncovering the Risk of SAP Cyber Breaches Research sponsored by Onapsis Independently Conducted by Ponemon Institute LLC February 2016 1 Part 1. Introduction Uncovering the Risks of SAP Cyber Breaches
More informationTransforming Care: Leveraging Healthcare Technology To Improve Health For The Pediatric And Adolescent Population. Albert Oriol, CIO Rady Children s
Transforming Care: Leveraging Healthcare Technology To Improve Health For The Pediatric And Adolescent Population Albert Oriol, CIO Rady Children s Agenda Context: Rady Children s Hospital San Diego The
More information2017 LEGISLATIVE recommendations cyber security
2017 LEGISLATIVE recommendations cyber security Cyber security risk is a policy-level issue to be handled at the elected and appointed official level, not just administratively at an agency or within information
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More information2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification
2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification Presenters Jared Hamilton CISSP CCSK, CCSFP, MCSE:S Healthcare Cybersecurity Leader, Crowe Horwath Erika Del Giudice CISA, CRISC,
More informationPLEASE NOTE. - Text the phrase MICHAELBERWA428 to the number /23/2016 1
PLEASE NOTE This is an interactive panel, and we will be conducting voting throughout. To make voting easy, please register NOW, before the panel starts. To register: - Text the phrase MICHAELBERWA428
More informationTelehealth Workforce Offers Unique Competencies & Opportunities #245, February 23, 2017 Jay Weems, Vice-President, Operations, Avera ecare
Telehealth Workforce Offers Unique Competencies & Opportunities #245, February 23, 2017 Jay Weems, Vice-President, Operations, Avera ecare 1 Speaker Introduction Jay Weems Vice-President, Operations Avera
More informationAugust Objectives. Agenda. Promoting Your Professional Development with ACMPE. Describe the foundation and value of certification and fellowship
Promoting Your Professional Development with ACMPE 2015 MGMA-Louisiana Annual Conference August 19-21, 2015 Objectives Describe the foundation and value of certification and fellowship Explain the steps
More informationWELCOME. October 19, 2017 The Mandarin Oriental Washington, DC
WELCOME October 19, 2017 The Mandarin Oriental Washington, DC Schedule of Events 5:30 7:00 pm Cocktail Reception 6:40 7:10 pm Music USPHS Brass Ensemble 7:00 8:00 pm Welcome Remarks Master of Ceremonies
More informationDigital Service Management (DSM)
Digital Service Management (DSM) A Proactive, Collaborative and Balanced Approach for Securing, Managing and Improving the Online Services that Drive the Digital Enterprise itsm003 v.3.0 Agenda and Objectives
More informationAuditing and Monitoring for HIPAA Compliance. HCCA COMPLIANCE INSTITUTE 2003 April, Presented by: Suzie Draper Sheryl Vacca, CHC
Auditing and Monitoring for HIPAA Compliance HCCA COMPLIANCE INSTITUTE 2003 April, 2003 Presented by: Suzie Draper Sheryl Vacca, CHC 1 The Elements of Corporate Compliance Program There are seven key elements
More informationNATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium
NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium Securing Cyber Space & America s Cyber Assets: Threats, Strategies & Opportunities September 10, 2009, Crystal Gateway Marriott, Arlington,
More informationPutting It All Together:
Putting It All Together: The Interplay of Privacy & Security Regina Verde, MS, MBA, CHC Chief Corporate Compliance & Privacy Officer University of Virginia Health System 2017 ISPRO Conference October 24,
More informationSCHEME OF DELEGATION (Based on the model produced to the National Governors Association)
SCHEME OF DELEGATION (Based on the model produced to the National Association) THE PURPOSE OF A SCHEME OF DELEGATION: A scheme of delegation (SoD) is the key document defining which functions have been
More informationIncident Response Lessons From the Front Lines. Session 276, March 8, 2018 Nolan Garrett, CISO, Children s Hospital Los Angeles
Incident Response Lessons From the Front Lines Session 276, March 8, 2018 Nolan Garrett, CISO, Children s Hospital Los Angeles 1 Conflict of Interest Nolan Garrett Has no real or apparent conflicts of
More informationKey Findings from the Global State of Information Security Survey 2017 Indonesian Insights
www.pwc.com/id Key Findings from the State of Information Security Survey 2017 n Insights Key Findings from the State of Information Security Survey 2017 n Insights By now, the numbers have become numbing.
More informationBringing Cybersecurity to the Boardroom Bret Arsenault
SESSION ID: CXO-T11 Bringing Cybersecurity to the Boardroom Bret Arsenault Corporate Vice President & CISO Microsoft Security has Transcended from to a an 3 How Microsoft Approaches Security Reinventproductivity
More informationAPCD Advisory Group Meeting June 4, 2015
APCD Advisory Group Meeting June 4, 2015 1 Presentation Overview Approval of March 4, 2015 Minutes Introduce New APCD Advisory Group Member CEO/ED Updates Communicate Health Presentation: Overview of APCD
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More informationPlenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.
Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m. Cybersecurity is a top priority for the financial services industry. Firms dedicate significant resources every
More information