Gerald Auger, PhD
Information Security Architect, MUSC
Gerry is passionate about information security and believes there is an appropriate, tailored information security program for every organization. At the Medical University of South Carolina he’s responsible for setting the information security strategy and designing solutions to realize it. He holds a PhD in Cyber Operations.
Robert Babin, MS, CISA, CISM
Director, Strategic Initiatives & CISO, Saint Peter’s Healthcare System
Robert has over 35 years of experience in manufacturing, financial and healthcare technology. As CISO, he oversees information security efforts around regulatory and audit compliance, policy development, technology risk mitigation, vulnerability management and administering the information security program at St. Peters. He holds three Masters of Science degrees in business and technology management, and has earned CISA and CISM certifications.
Sr. Director, Information Systems & CISO, UCI Health
Sriram has over 25 years of Information Management Systems experience in multiple industries including healthcare. Sri has held many leadership positions in health plans. Prior to his current work at UCI, he consulted with Integrated Delivery Networks around ACO, HIE and clinical integration.
President & CEO, ComplyAssistant
Gerry brings over 35 years of experience in healthcare IT. Prior to ComplyAssistant, he was the Chief Information Security Officer for a major healthcare system in New Jersey, where he built the HIPAA Privacy and Security programs and chaired their multidisciplinary governance team. In 2002 Gerry founded ComplyAssistant to provide software and service solutions for HIPAA and IT strategic planning. He currently chairs the NJ HIMSS Privacy, Security and Compliance Committee.
Privacy Risk Strategist, NIST
Kaitlin works to advance international privacy standards, develops privacy risk management guidance, and manages the Privacy Engineering Collaboration Space. She helped develop the NIST Privacy Framework, served on the joint task force working group for the NIST Guide for Applying the Risk Management Framework to Federal Information Systems, worked to implement the National Strategy for Trusted Identities in Cyberspace, and contributed to the NIST Digital Identity Guidelines.
Director (National Programs), Edith Cowan University
Nathalie has worked in both the corporate and academic side of Higher Education, and in domestic and international markets. She has qualifications in philosophy, marketing, electronic communications and information management. She is currently the director of ECU’s Melbourne and Sydney locations. Her area of expertise is authenticity and its value in interactions between people, especially in a business context, usually in management and marketing.
Alex Everett, CISSP, SABSA
IT Security Architect, UNC Chapel Hil
Alex started his cybersecurity journey as an undergraduate in the Department of Electrical and Computer Engineering at Oklahoma State University. While there he worked on intrusion detection and prevention, digital forensics, penetration testing, and device encryption. Arriving at UNC-CH in 2007, he has spent the last decade operating network security devices, handling incidents, and working with customers on projects. Alex holds both CISSP and SABSA certifications.
Karen Greenhalgh, HCISPP, CHC, CHPC
Managing Principal & Founder, Cyber Tygr
Karen has extensive experience managing HIPAA and NIST-CSF requirements within medical centers and is an ISC2 certified Healthcare Information Security & Privacy Practitioner (HCISPP). She has combined this knowledge with her successful entrepreneurial history to establish Cyber Tygr, a corporation focused on providing economical healthcare cybersecurity and privacy solutions.
Ty Greenhalgh, HCISPP
CEO, Cyber Tygr
Ty has dedicated over 30 years to the health technology industry. He is an ISC2-certified healthcare information security and privacy practitioner (HCISPP) and cybersecurity officer. He has a strong background providing support to executive boards to meet their business, technology, cyber-risk and information protection objectives while maximizing the value of their information assets.
Senior Information Security Analyst, Mayo Clinic
Kurt co-leads the evaluation and implementation of Mayo’s recent Medical Device and IoT Security solution. Kurt remains a Mayo Clinic subject matter expert on medical device security and the integration of security technologies into their ecosystem. His career has focused on Auditing and Security Management of Information Technology since 1999. He previously served as Mayo’s IT/IS Audit leader for eight years. He is a member of the HHS 405(d) and H-ISAC’s Medical Device Security Information Sharing Council Group.
Bill Hagestad, MS
Senior Principal Product Cyber Security Engineer, Medtronic
Bill teaches on cyber intelligence, counterintelligence and protecting industrial control systems at the National Security Agency Cybersecurity Center of Excellence. He serves as an executive board advisor for DEFCON’s BioHacking Village and is an internationally registered white hat hacker. He is an authority on the People’s Republic of China’s use of computer and information network systems as a weapon, and has written numerous books and speaks internationally on the subject. He holds three MS degrees: in Military Strategy, Security Technologies and Management of Technology. He is a retired Lieutenant Colonel from the US Marine Corps.
Michael Hancock, CISSP, CISA, PMP, CRISC
Information Security Analyst, Duke Health Technology Solutions
Michael has over 20 years of experience in Cybersecurity. His security and privacy specialties include healthcare applications and mobile devices. As Information Security Manager for a local municipality, his responsibilities included balancing the Public’s need to know verse the very real need for information protection. As the Director of Compliance at one of the ‘Baby Bell’ telecom companies, his team managed to wade through the complex maze of regulatory requirements to provide successful outcomes for their customers. For the past three years, he has applied technical and common sense controls to the unique challenges in healthcare at Duke Health.
Executive Advisor, CynergisTek
Clyde brings more than 30 years of executive leadership experience in cybersecurity to his position with CynergisTek. His responsibilities include being the senior security advisor and client executive, thought leader and developer of strategic direction for information and cybersecurity services, nationwide business development lead for security services, and contributor to CynergisTek’s industry outreach and educational events.
Angel Hoffman, DNP
Owner/Principal, Advanced Partners in Health Care Compliance
Angel has served as Chief Compliance and Ethics Officer, Chief Privacy Officer and Quality/Risk Officer for several organizations. She contracts and collaborates with other experts throughout the health care industry. She is also a Registered Nurse with more than 30 years of experience in clinical operations and over 15 years in the Compliance, Ethics and Risk Management areas. She currently serves as adjunct faculty for Duquesne University and the Community College of Allegheny County. She earned her BSN and MSN from LaRoche College and Doctor of Nursing Practice from Duquesne University.
Information Security Architect, MUSC
Matt started in IT as an application developer and database administrator almost 20 years ago, but has spent the last 14 years in Information Security. He joined MUSC in 2012 as the second member of the Information Security team. He holds BS degrees in Business Management and Management Science from the University of South Carolina.
Chuck has over 30 years of IT and information security experience. Prior to joining Pendo.io in late 2018, he served as CISO for Duke Health for seven years. His prior experience also includes serving as the senior manager for Symantec’s Security Advisory Services consulting practice in the US. Chuck received an MBA and B.S. in Physics from NC State University, and has multiple industry certifications, including CISSP, CISM, PMP, and ITIL. He is also a graduate of Carnegie Mellon’s CISO Certificate Program.
John Mack, MBA, MS
Assistant Vice Chancellor for Infrastructure and Operations, UNC-Chapel Hill
John has over 20 years of experience in leading IT organizations in academic, private and military organizations. He previously worked as a member of the Infrastructure senior leadership team while at the University of Michigan. He earned an MBA and MS in Computer Information Systems from Bellevue University, and a BS in Management Studies from the University of Maryland-University College. John holds ITIL and Lean Six Sigma certifications and served as a Signal Officer in the U.S. Army.
Jill McCormack, MHA, M.Ed
VP, Chief Compliance & Privacy Officer, VCU Health System
Prior to serving in this role, Jill spent ten years in Compliance Services at VCUHS. Her professional areas of interest are patient privacy, physician engagement, and organizational dynamics and change. Prior to coming to the health system, Jill worked in the sports medicine profession as a certified athletic trainer for ten years. She earned her MS in Health Administration from Medical College of Virginia, Masters of Education from Auburn University, and BA in Sports Sciences from UNC. She also holds a certification in Healthcare Compliance.
Devi Mehta, JD, MPH
Dawn Morgenstern, MBA, CHPC
Senior Principal Consultant & Chief Privacy Officer, Clearwater
Dawn provides professional consulting services related to the development of HIPAA policies and procedures, HIPAA compliance and/or security controls gap remediation, Business Associate management,etc. She has experience in health care systems, including hospitals. She earned her BA in Business Administration from Columbia College and MBA from Webster University, and maintains certification in Healthcare Privacy Compliance (CHPC).
Tom Mustac, DIA
Senior Director, Biomedical Cybersecurity, Mount Sinai Health System
Tom is responsible for the cybersecurity of medical internet of things (MIoT) devices across The Mount Sinai Health System’s facilities including the Icahn School of Medicine at Mount Sinai, eight hospital campuses and more than 400 ambulatory practices. He collaborates with medical device manufacturers, leading medical institutions and government agencies to promote the adoption of standards, industry best practices and building consensus to promote patient safety across all audiences. He earned his Doctor of Information Assurance from the University of Fairfax, and holds two MBA degrees from Iona College. He holds numerous certifications, including CISO, CRISC, CISSP, CISM and CISA.
Information Security Architect, OSU Wexner Medical Center
Jamie Nelson is an information security enthusiast with more than 20 years of experience in access management, auditing, compliance, incident response, risk assessment and risk management. She is currently focused on building a security education and awareness program to carry the message that security is part of great patient care to more than 25K medical center students and staff.
Nancia Odom, MSN, RN-BC
Nursing Informatics Systems Specialist III, Team Lead, Duke Health Technology Solutions
Nancia has 17 years of nursing informatics and project management experience in a corporate healthcare environment. She also has over six years of healthcare management, patient flow and hospital operations experience. She earned her BSN from NC Central University and MS in Nursing Informatics from UNC Chapel Hill.
Karen Pagliaro-Meyer, CHC, CHPC
Chief Privacy Officer, Columbia University Medical Center
Karen has over 25 years of experience in healthcare privacy, research, compliance, regulatory affairs, safety and quality improvement at large academic medical centers. She previously served as Director of Corporate Compliance & Privacy Officer at New York-Presbyterian Hospital.
Tanisha Raiford, JD
Chief Privacy Officer & Senior Billing Compliance Officer, Weill Cornell Medicine
Tanisha has over 15 years of experience in healthcare operations, privacy, research, compliance, regulatory affairs, quality improvement, and managed care in both physician practices and large academic medical centers. She previously served as Vice President of a Health Care Management firm where she was responsible for compliance, privacy, medical malpractice, internal audit, revenue cycle, and operations. She holds a JD and MPA, with CIPP, CHRC, CHPC, CCEP, CHC and CHPC certifications.
Dennis Schmidt, MS, CISSP
Chief Information Security Officer, UNC Chapel Hill
Dennis has over 25 years of experience leading IT teams in academic and military organizations. He previously served as UNC’s Assistant Vice Chancellor for I&O, the School of Medicine Assistant Dean for IT, and HIPAA Security Officer. He is a Certified Information Systems Security Professional (CISSP) and holds a BS in Electrical Engineering and an MS in Computer Science. Dennis is also a retired naval officer with 24 years of service as a pilot of the P-3C Orion aircraft.
Security Architect, Vanderbilt University Medical Center
Bill is security architect who has worked in the Information Technology field for over 15 years, with a focus on Enterprise Architecture, Security Architecture, Risk Management & Compliance. He has built security programs, risk management programs, and developed strategic architectures and technical system architectures. Bill has led risk management & security architecture initiatives to build secure systems that comply with Federal, Healthcare, or PCI Standards.
Anurag Shankar, PhD
Senior Security Analyst, Indiana University
Anurag has nearly 20 years of experience developing, delivering, and managing IU’s central research cyberinfrastructure. He is a member of IU’s Center for Applied Cybersecurity Research and has expertise in regulatory compliance and cybersecurity risk management. He earned his PhD in Astronomy from the University of Illinois at Urbana-Champaign.
Greg Singleton, MS
Director, Health Sector Cybersecurity Coordination Center, U.S. Department of Health and Human Services
The Health Sector Cybersecurity Coordination Center (HC3) is a U.S. HHS group working to improve cybersecurity in the healthcare and public health sector. Greg previously worked at the Department of Energy as a Senior Advisor on power grid cybersecurity, critical infrastructure protection, and grid resilience. He holds a BS in Systems Engineering from the University of Virginia, and MS degrees in Political Science and Technology & Policy from the Massachusetts Institute of Technology.
Chief Information Security Officer, OSU Wexner Medical Center
Tre leads the security team’s efforts to combat the emerging threats of targeted attacks, cyber-crime and hacktavism against OSUWMC. His team operates a balanced portfolio of technology, process and education control tactics that address an ever-increasing range of new challenges resulting from regulatory enforcement, adoption of consumer technologies in the workplace and a mobile workforce. Before joining OSUWMC in 2003, he was a Software Engineer for Eastman Kodak. He earned a BS in Computer Science from the University of Michigan-Flint and MSA in Information Resource Management from Central Michigan University.
Principal, Stern Security
Jon is the author of the Cisco Press course titled Security Penetration Testing (The Art of Hacking) Live Lessons. He co-chairs the Privacy and Security Workgroup at NCHICA. Jon graduated with a B.A. in Computer Science and holds many security certifications including: GIAC Penetration Tester, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker. He has been a featured Cyber Security Expert on ABC News, WRAL News, and Business North Carolina Magazine.
Director, Duke Health Technology Solutions
Jeff has twenty years of experience in the technology sector, focusing on solutions in a Health context. From medical research to clinical practices and hospitals, Jeff’s team delivers the IT services that enable collaboration between staff, patients and stakeholders internationally. He regularly speaks at industry conferences discussing stakeholder and project management in endeavors including significant technology layers.
Vice President, Coalfire Labs
Mike’s team provides Penetration Testing, Vulnerability Assessment, Incident Response and Forensics, and Application Security services for Coalfire clients. Since starting at Coalfire as Managing Director of Labs in 2011, Mike has helped to expand service offerings to focus on security services that address emerging technologies and to provide a deep evaluation and testing of enterprise security programs. He holds CRSC, CISA, RHCE, CISSP, CCNA and MCSE certifications.
Cyber Engagement Lead, HHS Health Sector Cybersecurity Coordination Center
Prior to joining HC3, William was the HHS Healthcare Threat Operations Center Lead, managing cyber information sharing and collaboration across the Federal healthcare and public health partners. He served in the U.S. Air Force from 2006-2014, where he was selected as one of the initial cadre for the Air Force cyber career field. He graduated from Western Governors University with a Bachelor’s degree in Information Technology.
Click here to read the session descriptions.