Monday, June 3

8:45-9:00 am Welcome

Jennifer Anderson (NCHICA) & Lee Olson (Mayo Clinic)


10:45 am – 12:00 pm Concurrent Sessions

Achieving Better Privacy and Cybersecurity Through Data Classification and Rights Management

Stephanie Crabb (Immersive), Alex Nisenbaum (PepperHamilton) & Richard Wyckoff (University of Vermont Health Network)

Case Studies: Addressing Identity & Security in Healthcare at the University of Kansas Health System & Integris Health

James Beeson (University of Kansas Health System), Chris Lloyd (Oxford Computer Group), James Landers (Integris Health)

Exploring Opportunities and Challenges in Creating Learning Health Systems

Holt Anderson (Learning Health Strategies) & Ed Hammond (Duke Center for Health Informatics)


1:00-2:15 pm Concurrent Sessions

Implementing an Effective Auditing and Monitoring Program with a New EMR: Two AMCs + One Healthcare System = OHCA

Karen Pagliaro-Meyer (Columbia University) & Tanisha Raiford (Weill Cornell Medicine)

Back to Basics: How to Create Effective Information Security Policies

Chuck Kesler ( & Steve Cardinal (Medical University of South Carolina)

Overcoming Barriers that Keep You from Building a Secure Mobile App that People Actually Use

Jeff Kramer (MD Interconnect), Allie Lindahl (Transitions LifeCare, formerly with WakeMed) & Peter Nelson (Stern Security)


2:45-4:00 pm Concurrent Sessions

Roundtable Discussion on First Question – Whose Risk Is It Anyway?

Shelly Epps (Duke Health), Susan Hayden, JD (Duke University School of Medicine) & Dennis Schmidt (UNC Health Care)

Three Keys to Mature Vendor Security Risk Management Programs

Stephen Dunkle (Geisinger Health System) & Cliff Baker (CORL Technologies)

Blockchain and Healthcare: Better Health Information Sharing

Ken Mortenson (InterSystems), Shay Hassidim (SEMA-4)


Tuesday, June 4


10:45 am -12:00 pm Concurrent Sessions

Beyond California: State Standards for Privacy and Cybersecurity

David Behinfar (UNC Health Care), Katherine Georger (Duke Health), David Holtzman (CynergisTek) & Campbell Tucker (Novant Health)

Collaborative Security: How Information Sharing Can Add to Your Team

Denise Anderson (H-ISAC), TJ Bean (HCA) & Taylor Lehmann (Wellforce & Tufts Medical Center)

IoT in Healthcare

Rosemary Herhold (Duke Health) & Lee Olson (Mayo Clinic)


1:00-2:15 pm Concurrent Sessions

Impact of the European Union’s General Data Protection Regulation on U.S. Academic Medical Centers and Other Healthcare Facilities

Dina Marty (Wake Forest Baptist Health) & David Peloquin (Ropes & Gray LLP)

How to Build a Comprehensive Risk Management Program

Robert Babin (Saint Peter’s Healthcare System), Gerry Blass (ComplyAssistant) & Anurag Shankar (Indiana University)

Great Efficiencies or More Risk? Changes to the Common Rule Pose Increased Data Privacy and Security Risks

Marti Arvin (CynergisTek) & Holly Benton (Duke Health)


2:45-4:00 pm Concurrent Sessions

A Journey to Cloud Security & Compliance

Rob Sarkis (American Hospital Assn.), Bryan McGowan (Burwood Group), Bill Schultz (Vanderbilt University) & David Clevenger (Coalfire)

Healthcare Security Project Strategies

Kirk Davis & Jerry Hare (Vidant Health), Jon Sternstein (Stern Security)

Roundtable Discussion on Medical Device Cybersecurity

George Reed & Emily Mengel (WakeMed); LeahAnn Clemens (Mayo Clinic)

Best conference in the US in terms of content and affordability; excellent interaction capabilities between panels and the audience.

—2018 Conference Attendee

Click here to see the speaker bios.