IT Manager, Quality & Risk Management, Wake Forest Baptist Health
Michelle oversees risk management, audit and control programs, Epic integrated testing, and has HIPAA/ePHI privacy oversight. She has over 12 years of experience in IT management for hospital systems, with the last four years focused on data security risk management. She holds certifications in ITIL Foundations, CompTia A+, Microsoft Certified Professional and Six Sigma Green Belt.
Marti Arvin, JD
VP of Audit Strategy, CynergisTek
Marti is a well-known healthcare compliance professional with extensive experience and expertise. She has focused her career primarily on compliance issues associated with academic medicine. She has been a chief compliance and privacy officer at four academic medical centers and a for-profit hospital system. She has also served as an expert witness for privacy and information security cases. She earned her law degree from Indiana University and holds CHC-F, CHPC, CCEP-F and CHRC certifications.
Jennings Aske, JD, CISSP, CIPP
SVP-Chief Information Security Officer, NewYork-Presbyterian
Prior to joining NYP, Jennings served as CISO for Nuance Communications, Partners HealthCare, and the Commonwealth of Massachusetts’s Executive Office of Health and Human Services. He earned his law degree from Boston University School of Law and is a licensed attorney in the Commonwealth of Massachusetts.
Program Manager, NIST
Matt has spent the last 20+ years of his career serving as an executive, a Fortune 100 consultant, and a federal employee. He is currently the Program Manager for the NIST Cybersecurity Framework, where he leads the program through planning, team oversight and coordination, and outreach to industry and federal organizations.
Chief Information Security Officer, MCNC
Chris is responsible for directing efforts to secure MCNC’s assets, and for developing security services that will benefit MCNC’s constituents in North Carolina. He has worked as an information security professional for nearly 20 years. During that time he’s worn many different hats including system and network administrator, developer, customer support, engineer, consultant, architect, and manager, but he’s always been focused on securing information assets.
Holly Benton, JD, CHPC
University Privacy Officer, Duke University
Holly and her team facilitate compliance with federal, state and global privacy laws and regulations, manage privacy incident assessments and training, and provide guidance to campus stakeholders on privacy related matters that impact the university. Prior to Duke, Holly was the Interim Chief Privacy Officer at UNC Chapel Hill and practiced commercial litigation and employment law. She earned her JD from the University of Washington School of Law.
Director, Information Systems & CISO, UC Irvine Health
Sri has over 25 years of Information Management Systems experience in multiple industries including healthcare. Prior to joining UC Irvine Health, he consulted with Integrated Delivery Network around ACO, HIE and population health management. Sri has expertise in Applications Development, Enterprise-wide IT Infrastructure and Operations, and is a member of the HIMSS National Public Policy Committee. He earned his MS in Strategic Business Management from the Manchester Metropolitan University.
Sayee Balaji Chandrasekara, MS
Sr. Security and Privacy Engineer, Allscripts
Sayee has experience in security development lifecycle, privacy and security by design and threat modeling. Prior to joining Allscripts, he earned his Masters in Information Security from Johns Hopkins University, focusing on health and medical security. He currently serves as Vice Chair of the Electronic Health Record Association Privacy and Security Workgroup. He earned his MS in Computer and Information Systems Security/Information Assurance from Johns Hopkins University.
Assistant Director, Duke Health Computer & Security Incident Response Team
Mike has been with Duke Health for the past six years, where he is responsible for incident response for security incidents and major IT incidents. Prior to this, he spent almost 14 years at Cisco Systems. He served on the Board of FIRST.org, co-authored a book on Incident Response, and helped to found the Internet Consortium for the Advancement of Security on the Internet (ICASI).
Tara Cho, JD, CIPP
Attorney, Wyrick Robbins
Tara’s practice focuses on privacy and data security issues across multiple industry sectors, with an emphasis on compliance risks and regulatory requirements for hospitals, nursing homes and home health providers, physician practices, pharmacies, device manufacturers, clinical research organizations, and other clients in the health care and pharmaceutical industries. She received her law degree from the New England School of Law.
Carlos Cruz, JD, MHA
SVP & Chief Compliance Officer, Tri-City Healthcare
Carlos has extensive experience as a compliance professional with oversight in a number of areas of compliance, including research, fraud and abuse, HIPAA Privacy, and billing compliance. Prior to joining Tri-City, he served as the Chief Integrity Officer at Sinai Health System, Director of Compliance and Risk Management at Stanford Health, and Compliance Officer at University of Washington Physicians. He earned a JD from the University of Florida and a MHA from Seton Hall University.
Rich Curtiss, CISSP, ITIL
Chief Information Security Officer, Clearwater Compliance
Rich has over 35 years of executive IT experience with the U.S. Navy, Welkin Associates, Scitor Corporation and SRA International. Before joining Clearwater, he served as CISO of Memorial Health and CIO of St. Peter’s Hospital. He earned his BS in Computer Information Systems Management from Colorado Christian University.
VP of IT and CIO, FirstHealth of the Carolinas
David is responsible for both Information Systems and Biomedical Engineering for the FirstHealth system. He has 44 years of finance and IT experience, 33 of them in health care. Prior to joining FirstHealth, he served as Vice President of Information Systems & CIO of Cape Fear Valley Health System for 17 years. He earned his BS in Business Administration from Miami University.
Information Security Officer and VP, Cincinnati Insurance Companies
Mike manages a security team in support of security and privacy, insurance claims investigation, and cyber underwriting. His 36 years in the security field include a tour with the U.S. Air Force and fourteen years as a Special Agent with the Defense Investigative Service. He authored several forensics tools for processing electronic evidence. He earned his bachelor’s degree in Business Administration from the University of Nebraska at Omaha.
Shane Eaker, MBA
Director, Information Security Risk and Compliance, Encompass Health Corporation
Shane oversees patch and vulnerability management, risk management, third party risk, information security programs and cybersecurity policy. He previously worked for Southern Company and was a Captain in the USAF Reserve for nine years. He earned his MBA from the University of Alabama at Birmingham.
Leanne Field, PhD
Director, Health Informatics and Health IT Program, University of Texas at Austin
Leanne is also a Distinguished Senior Lecturer in the College of Natural Sciences and Department of Molecular Biosciences and Adjunct Associate Professor of Public Health at the UT Health Sciences Center. She teaches courses in human infectious diseases and emerging and re-emerging infectious diseases, and carries out applied public health and public health informatics research in partnership with members of local and state public health practice agencies.
Mike Gregory, CISSP, CHP
Director of Information Security and Privacy & ISO, Community Healthcare System
Mike has served as a Director of IT for 18 years, 13 of them in health care. His duties includes oversight of the IT security program, Privacy program and applications security teams, as well as implementation of security perimeter controls. He also manages the incident response team and chairs several security and privacy steering committees for the organization. He has a BS from the University of Puerto Rico – Mayaguez.
Kiren Gurai, JD
Deputy Chief Privacy Officer, Sutter Health
Kiren provides direction and oversight of the privacy program in the valley area at Sutter Health. Prior to joining Sutter, she worked in privacy roles at Humana and Blue Shield of California. Kiren earned her law degree from University of the Pacific, McGeorge School of Law and holds CHPC and CIPP/US certifications.
Chief Technology Officer, sema4
Shay has more than 20 years of experience in technical management and leadership. He has been involved with large scale projects in different verticals including financial services, telecom, healthcare, e-commerce, travel, logistics and homeland security. Prior to joining Sema4, he worked for GigaSpaces Technologies, Versant and Sirius Technologies. He holds a BSC in Electrical and Computer Engineering from Ben-Gurion University of the Negev.
Clyde Hewitt, CISSP, CHS
VP of Security Strategy, CynergisTek
Clyde has over 30 years of executive leadership experience in cybersecurity. He retired from the US Air Force after serving in various senior IT technology positions, later working in the private sector in various information security management roles. Most recently, he was the Vice President & Chief Security Officer for Allscripts Healthcare, where he implemented a global ISO 27001 Information Security Management System. He also holds ISO 27001 Lead Auditor and Level III Program Manager credentials.
David Holtzman, JD, CIPP
VP for Compliance Strategies, CynergisTek
Chuck Kesler, MBA, CISSP, CISM
Chief Information Security Officer, Duke Health
Chuck has over 30 years of IT and security experience in a variety of industries. Prior to joining Duke Health in 2011, he served as the senior manager for Symantec’s Security Advisory Services consulting practice in the US. He received his MBA in Physics from NC State University, is a graduate of Carnegie Mellon’s CISO Certificate Program, and holds PMP and ITIL certifications.
David Kuraguntla, DO
CEO, GraftWorx, LLC
David was preparing to begin a surgical residency when he was confronted with the need for an implantable device. This led him to form GraftWorx, a biotechnology company developing implantable technology for integrated remote patient monitoring. He earned his DO from the West Virginia School of Osteopathic Medicine.
Director, Security Development Lifecycle, Allscripts
Monty has 20 years of software development experience, including ten years at Microsoft working in Windows, Automotive, Surface, Xbox and Trustworthy Computing (core security). His focus areas include end-to-end cybersecurity, “operationalization”, cloud computing and software development. He earned his BS in Computer Science from East Michigan University.
Co-founder & CEO, Protenus
Robert co-founded Protenus along with another medical school student to protect patient privacy in electronic health records. He is an expert in the fields of artificial intelligence, cybersecurity, healthcare analytics, and data privacy. Before co-founding Protenus, he was an MD candidate at the Johns Hopkins University School of Medicine.
Dominic Madigan, JD
Partner, Williams Mullen
Dominic focuses his practice on providing transactional and regulatory representation to health care clients, including hospital systems, long-term care providers and physicians and physician practice groups. Prior to joining Williams Mullen, he was an attorney with McCandlish Holton for 16 years. He earned his law degree from the University of Virginia School of Law.
Information Security Analyst, Duke Health
Tom is the Team Lead for Security Applications at Duke Health, including Endpoint Protection Platforms, Vulnerability Management and Data Loss Prevention. He has ten years of experience in IT, including Security Incident Response and EHR Systems Administration. He earned his BS in Computer Science from SUNY Buffalo and is certified in ITIL Foundations.
Dominic Messer, CISSP
Cybersecurity Engineer, WakeMed Health and Hospitals
Dominic has over 20 years of IT experience, with ten of those years serving in the healthcare industry. He has led several initiatives such as multifactor authentication for remote access and controlled substance prescriptions, application whitelisting, and a cybersecurity awareness program. He has earned 18 industry certifications over the years and holds a BS in Information Technology from WGU-North Carolina.
VP of Engineering & Security, Carolina Advanced Digital, Inc.
Jennifer leads strategic research and consulting for government, education, and Fortune 100 & 500 corporations. In addition to her normal roles, she is a published author, consultant, and internationally-recognized speaker. She also serves as Vice Chair of the Board of (ISC)2 and on the faculty of IANS.
John Nye, CISSP, CPT
VP, Cybersecurity Strategy, CynergisTek
John has spent nearly a decade in information security which includes time with the U.S. Army, CSG International, Peter Kiewit and Sons, First Data Corp, and KPMG LLP before joining CynergisTek. John has been working exclusively as a professional penetration tester for the last four years and has presented at numerous local conferences for developers and other IT professionals. His certifications include Certified Ethical Hacker.
Lee Olson, CISSP, CISM
Senior Analyst, Mayo Clinic
Lee works in Mayo Clinic’s information security group with primary responsibilities in the areas of policy and identity and access management. He has over 35 years of general experience in the information security field and previously worked for the Defense Investigative Service as an industrial security specialist and regional computer security specialist.
Karen Pagliaro-Meyer, CHC, CHPC
Chief Privacy Officer, Columbia University Medical Center
Karen has over 25 years of experience in healthcare privacy, research, compliance, regulatory affairs, safety and quality improvement at large academic medical centers. She previously served as Director of Corporate Compliance & Privacy Officer at New York-Presbyterian Hospital.
Sr. Manager, Clinical Applications Technical Services, Duke Health Technology Solutions
Felipe is a technologist with over 30 years of experience in development, management and coaching enterprises on Information Technology. He is a strong believer in Software Development Life Cycle and DevOps and has been preaching the concepts of continuous and repeatable processes for many years. He is now in the “Exposure” stage of implementing DevOps at Duke. He previously worked for Symantec and IBM.
Randy Regimbal, CISSP
Director of Infrastructure Architecture, Mayo Clinic
Randy serves as Director of Infrastructure Architecture and Engineering Core Cybersecurity Services in the Office of Information Security. He has worked at Mayo Clinic for over 32 years in a variety of roles: analyst programmer, multiple network engineer roles, network manager, and information security director.
Lynn Rohland, MPA
Partner, Data and Analytics Solutions, RGP
Lynn is a data privacy and cybersecurity risk and compliance strategist with 25 years of experience leading IT strategies, developing approaches for large-scale risk assessments, GDPR compliance-readiness reviews, internal audits, and implementing IA remediation and mitigation plans. Prior to RGP, she worked for Deloitte, Booz Allen Hamilton and HP. She earned her MPA from George Mason University.
Suzanne Schwartz, MD, MBA
Associate Director for Science & Strategic Partnerships, Center for Devices and Radiological Health, US FDA
Suzanne chairs the Cybersecurity Working Group, which is tasked with formulating policy on medical device cybersecurity. She also serves as co-chair of the Government Coordinating Council for the Healthcare and Public Health Critical Infrastructure Sector, focusing on healthcare cybersecurity initiatives. She earned her MD from Albert Einstein College of Medicine of Yeshiva University and MBA from NYU Stern School of Business.
Sara Schweitzer , MBA
Senior Information Security Analyst, Mayo Clinic
Sara works within Identity and Access Management, part of the department of Information Security at Mayo Clinic. She has been involved in the implementation of multifactor authentication for remote access, internal phishing campaigns, and vulnerability testing and information security education. She is currently mapping, conducting gap analysis and developing the policies, procedures and guidelines for the NIST 800-63 implementation. She earned her MBA from Cardinal Stritch University.
Anurag Shankar, PhD
Senior Security Analyst, Indiana University
Anurag has nearly 20 years of experience developing, delivering, and managing IU’s central research cyberinfrastructure. He is a member of IU’s Center for Applied Cybersecurity Research and has expertise in regulatory compliance and cybersecurity risk management. He earned his PhD in Astronomy from the University of Illinois at Urbana-Champaign.
Steve Snyder, JD
Attorney & CISO, Smith Moore Leatherwood LLP
Steve is a member of the firm’s Cybersecurity and Data Breach team where he advises clients on prevention measures, liability protection, data breach response and mitigation, and interaction with regulatory agencies and law enforcement. He also serves as the firm’s Chief Information Security Officer. He earned his law degree from New York University School of Law, MS in Structural Engineering from Lehigh University, and is CIPP/US certified.
Lauren Steinfeld, JD
Chief Privacy Officer, Penn Medicine
Lauren leads and oversees the HIPAA compliance program and other privacy initiatives for Penn’s five hospitals, over 200 physician practices, and the School of Medicine research program. Prior to joining Penn, she was Associate Chief Counselor for Privacy at the Office of Management and Budget, and served as Attorney Advisor to the Federal Trade Commissioner. She earned her law degree from New York University School of Law.
Jay Stewart, MBA
CORL Leader - Accounts, Markets, & Partners, CORL Technologies
Jay assists clients with their vendor security risk management programs. His clients include more than 70 health organizations including 45 hospital systems, academic medical centers and health plans. Before joining CORL, he was a sales representative for Barco, a medical device company. He earned his MBA from Mercer University.
Robert Van Arnam, JD
Partner, Williams Mullen
Rob is an intellectual property lawyer Rob is an experienced intellectual property lawyer who focuses his practice on litigation involving patents, trademarks, copyrights and trade secrets. He also counsels clients on data protection, privacy and cybersecurity policies. He is chair of the firm’s Intellectual Property Section and its Data Protection & Cybersecurity Practice. Prior to joining the firm, he worked for Hunton & Williams and the U.S. Department of Justice. He earned his law degree from UNC-Chapel Hill School of Law.
Director of Research in Computer Forensics, University of Alabama at Birmingham
Gary concentrates on research that will help law enforcement and other security professionals to identify and convict those committing cybercrime. He has over two decades of experience in computer forensics, including developing advanced techniques in identifying cybercriminals, anti-malware and anti-phishing techniques. He also serves as Chief Threat Scientist at PhishMe. He earned his BS in Computer Science from UAB.
Robert Webster, JD
Data Privacy Attorney, LabCorp
Robert is a data privacy attorney within LabCorp’s Global Compliance workgroup where he provides guidance on data privacy and cyber security matters to the company’s global business units. Prior to this role, he served as an attorney in LabCorp’s Legal Department where he provided guidance on IT and data related matters. He earned his law degree from Elon University.
Click here to read the session descriptions.