Speakers

Michelle Allar

Michelle Allar

IT Manager, Quality & Risk Management, Wake Forest Baptist Health

Michelle oversees risk management, audit and control programs, Epic integrated testing, and has HIPAA/ePHI privacy oversight. She has over 12 years of experience in IT management for hospital systems, with the last four years focused on data security risk management. She holds certifications in ITIL Foundations, CompTia A+, Microsoft Certified Professional and Six Sigma Green Belt.

Marti Arvin, JD

Marti Arvin, JD

VP of Audit Strategy, CynergisTek

Marti is a well-known healthcare compliance professional with extensive experience and expertise. She has focused her career primarily on compliance issues associated with academic medicine. She has been a chief compliance and privacy officer at four academic medical centers and a for-profit hospital system. She has also served as an expert witness for privacy and information security cases. She earned her law degree from Indiana University and holds CHC-F, CHPC, CCEP-F and CHRC certifications.

Jennings Aske, JD, CISSP, CIPP

Jennings Aske, JD, CISSP, CIPP

SVP-Chief Information Security Officer, NewYork-Presbyterian

Prior to joining NYP, Jennings served as CISO for Nuance Communications, Partners HealthCare, and the Commonwealth of Massachusetts’s Executive Office of Health and Human Services. He earned his law degree from Boston University School of Law and is a licensed attorney in the Commonwealth of Massachusetts.

Matt Barrett

Matt Barrett

Program Manager, NIST

Matt has spent the last 20+ years of his career serving as an executive, a Fortune 100 consultant, and a federal employee. He is currently the Program Manager for the NIST Cybersecurity Framework, where he leads the program through planning, team oversight and coordination, and outreach to industry and federal organizations.

Chris Beal

Chris Beal

Chief Information Security Officer, MCNC

Chris is responsible for directing efforts to secure MCNC’s assets, and for developing security services that will benefit MCNC’s constituents in North Carolina. He has worked as an information security professional for nearly 20 years. During that time he’s worn many different hats including system and network administrator, developer, customer support, engineer, consultant, architect, and manager, but he’s always been focused on securing information assets.

Holly Benton, JD, CHPC

Holly Benton, JD, CHPC

University Privacy Officer, Duke University

Holly and her team facilitate compliance with federal, state and global privacy laws and regulations, manage privacy incident assessments and training, and provide guidance to campus stakeholders on privacy related matters that impact the university. Prior to Duke, Holly was the Interim Chief Privacy Officer at UNC Chapel Hill and practiced commercial litigation and employment law. She earned her JD from the University of Washington School of Law.

Sri Bharadwaj

Sri Bharadwaj

Director, Information Systems & CISO, UC Irvine Health

Sri has over 25 years of Information Management Systems experience in multiple industries including healthcare. Prior to joining UC Irvine Health, he consulted with Integrated Delivery Network around ACO, HIE and population health management. Sri has expertise in Applications Development, Enterprise-wide IT Infrastructure and Operations, and is a member of the HIMSS National Public Policy Committee. He earned his MS in Strategic Business Management from the Manchester Metropolitan University.

Sayee Balaji Chandrasekara, MS

Sayee Balaji Chandrasekara, MS

Sr. Security and Privacy Engineer, Allscripts

Sayee has experience in security development lifecycle, privacy and security by design and threat modeling. Prior to joining Allscripts, he earned his Masters in Information Security from Johns Hopkins University, focusing on health and medical security. He currently serves as Vice Chair of the Electronic Health Record Association Privacy and Security Workgroup. He earned his MS in Computer and Information Systems Security/Information Assurance from Johns Hopkins University.

Mike Caudill

Mike Caudill

Assistant Director, Duke Health Computer & Security Incident Response Team

Mike has been with Duke Health for the past six years, where he is responsible for incident response for security incidents and major IT incidents.  Prior to this, he spent almost 14 years at Cisco Systems. He served on the Board of FIRST.org, co-authored a book on Incident Response, and helped to found the Internet Consortium for the Advancement of Security on the Internet (ICASI).

 

Tara Cho, JD, CIPP

Tara Cho, JD, CIPP

Attorney, Wyrick Robbins

Tara’s practice focuses on privacy and data security issues across multiple industry sectors, with an emphasis on compliance risks and regulatory requirements for hospitals, nursing homes and home health providers, physician practices, pharmacies, device manufacturers, clinical research organizations, and other clients in the health care and pharmaceutical industries. She received her law degree from the New England School of Law.

Carlos Cruz, JD, MHA

Carlos Cruz, JD, MHA

SVP & Chief Compliance Officer, Tri-City Healthcare

Carlos has extensive experience as a compliance professional with oversight in a number of areas of compliance, including research, fraud and abuse, HIPAA Privacy, and billing compliance. Prior to joining Tri-City, he served as the Chief Integrity Officer at Sinai Health System, Director of Compliance and Risk Management at Stanford Health, and Compliance Officer at University of Washington Physicians. He earned a JD from the University of Florida and a MHA from Seton Hall University.

Rich Curtiss, CISSP, ITIL

Rich Curtiss, CISSP, ITIL

Chief Information Security Officer, Clearwater Compliance

Rich has over 35 years of executive IT experience with the U.S. Navy, Welkin Associates, Scitor Corporation and SRA International. Before joining Clearwater, he served as CISO of Memorial Health and CIO of St. Peter’s Hospital. He earned his BS in Computer Information Systems Management from Colorado Christian University.

David Dillehunt

David Dillehunt

VP of IT and CIO, FirstHealth of the Carolinas

David is responsible for both Information Systems and Biomedical Engineering for the FirstHealth system. He has 44 years of finance and IT experience, 33 of them in health care. Prior to joining FirstHealth, he served as Vice President of Information Systems & CIO of Cape Fear Valley Health System for 17 years. He earned his BS in Business Administration from Miami University.

Mike Dockery

Mike Dockery

Information Security Officer and VP, Cincinnati Insurance Companies

Mike manages a security team in support of security and privacy, insurance claims investigation, and cyber underwriting. His 36 years in the security field include a tour with the U.S. Air Force and fourteen years as a Special Agent with the Defense Investigative Service. He authored several forensics tools for processing electronic evidence. He earned his bachelor’s degree in Business Administration from the University of Nebraska at Omaha.

Shane Eaker, MBA

Shane Eaker, MBA

Director, Information Security Risk and Compliance, Encompass Health Corporation

Shane oversees patch and vulnerability management, risk management, third party risk, information security programs and cybersecurity policy. He previously worked for Southern Company and was a Captain in the USAF Reserve for nine years. He earned his MBA from the University of Alabama at Birmingham.

Leanne Field, PhD

Leanne Field, PhD

Director, Health Informatics and Health IT Program, University of Texas at Austin

Leanne is also a Distinguished Senior Lecturer in the College of Natural Sciences and Department of Molecular Biosciences and Adjunct Associate Professor of Public Health at the UT Health Sciences Center. She teaches courses in human infectious diseases and emerging and re-emerging infectious diseases, and carries out applied public health and public health informatics research in partnership with members of local and state public health practice agencies.

Mike Gregory, CISSP, CHP

Mike Gregory, CISSP, CHP

Director of Information Security and Privacy & ISO, Community Healthcare System

Mike has served as a Director of IT for 18 years, 13 of them in health care. His duties includes oversight of the IT security program, Privacy program and applications security teams, as well as implementation of security perimeter controls. He also manages the incident response team and chairs several security and privacy steering committees for the organization. He has a BS from the University of Puerto Rico – Mayaguez.

Kiren Gurai, JD

Kiren Gurai, JD

Deputy Chief Privacy Officer, Sutter Health

Kiren provides direction and oversight of the privacy program in the valley area at Sutter Health. Prior to joining Sutter, she worked in privacy roles at Humana and Blue Shield of California. Kiren earned her law degree from University of the Pacific, McGeorge School of Law and holds CHPC and CIPP/US certifications.

 

Shay Hassidim

Shay Hassidim

Chief Technology Officer, sema4

Shay has more than 20 years of experience in technical management and leadership. He has been involved with large scale projects in different verticals including financial services, telecom, healthcare, e-commerce, travel, logistics and homeland security. Prior to joining Sema4, he worked for GigaSpaces Technologies, Versant and Sirius Technologies. He holds a BSC in Electrical and Computer Engineering from Ben-Gurion University of the Negev.

Clyde Hewitt, CISSP, CHS

Clyde Hewitt, CISSP, CHS

VP of Security Strategy, CynergisTek

Clyde has over 30 years of executive leadership experience in cybersecurity. He retired from the US Air Force after serving in various senior IT technology positions, later working in the private sector in various information security management roles. Most recently, he was the Vice President & Chief Security Officer for Allscripts Healthcare, where he implemented a global ISO 27001 Information Security Management System. He also holds ISO 27001 Lead Auditor and Level III Program Manager credentials.

David Holtzman, JD, CIPP

David Holtzman, JD, CIPP

VP for Compliance Strategies, CynergisTek

David is considered a subject matter expert in health information privacy policy and compliance issues involving the HIPAA Privacy, Security and Breach Notification Rules. Prior to CynergisTek, he served on the health information privacy team at the Department of Health & Human Services, Office for Civil Rights (OCR/HHS), where he led many OCR initiatives including the effort to integrate the administration and enforcement of the HIPAA Security Rule, and health information technology policies. He earned his law degree from Western New England College of Law.

Chuck Kesler, MBA, CISSP, CISM

Chuck Kesler, MBA, CISSP, CISM

Chief Information Security Officer, Duke Health

Chuck has over 30 years of IT and security experience in a variety of industries. Prior to joining Duke Health in 2011, he served as the senior manager for Symantec’s Security Advisory Services consulting practice in the US. He received his MBA in Physics from NC State University, is a graduate of Carnegie Mellon’s CISO Certificate Program, and holds PMP and ITIL certifications.

David Kuraguntla, DO

David Kuraguntla, DO

CEO, GraftWorx, LLC

David was preparing to begin a surgical residency when he was confronted with the need for an implantable device. This led him to form GraftWorx, a biotechnology company developing implantable technology for integrated remote patient monitoring. He earned his DO from the West Virginia School of Osteopathic Medicine.

Monty LaRue

Monty LaRue

Director, Security Development Lifecycle, Allscripts

Monty has 20 years of software development experience, including ten years at Microsoft working in Windows, Automotive, Surface, Xbox and Trustworthy Computing (core security). His focus areas include end-to-end cybersecurity, “operationalization”, cloud computing and software development. He earned his BS in Computer Science from East Michigan University.

Robert Lord

Robert Lord

Co-founder & CEO, Protenus

Robert co-founded Protenus along with another medical school student to protect patient privacy in electronic health records. He is an expert in the fields of artificial intelligence, cybersecurity, healthcare analytics, and data privacy. Before co-founding Protenus, he was an MD candidate at the Johns Hopkins University School of Medicine.

Dominic Madigan, JD

Dominic Madigan, JD

Partner, Williams Mullen

Dominic focuses his practice on providing transactional and regulatory representation to health care clients, including hospital systems, long-term care providers and physicians and physician practice groups. Prior to joining Williams Mullen, he was an attorney with McCandlish Holton for 16 years. He earned his law degree from the University of Virginia School of Law.

Tom Maniaci

Tom Maniaci

Information Security Analyst, Duke Health

Tom is the Team Lead for Security Applications at Duke Health, including Endpoint Protection Platforms, Vulnerability Management and Data Loss Prevention. He has ten years of experience in IT, including Security Incident Response and EHR Systems Administration. He earned his BS in Computer Science from SUNY Buffalo and is certified in ITIL Foundations.

Dominic Messer, CISSP

Dominic Messer, CISSP

Cybersecurity Engineer, WakeMed Health and Hospitals

Dominic has over 20 years of IT experience, with ten of those years serving in the healthcare industry. He has led several initiatives such as multifactor authentication for remote access and controlled substance prescriptions, application whitelisting, and a cybersecurity awareness program. He has earned 18 industry certifications over the years and holds a BS in Information Technology from WGU-North Carolina.

Jennifer Minella

Jennifer Minella

VP of Engineering & Security, Carolina Advanced Digital, Inc.

Jennifer leads strategic research and consulting for government, education, and Fortune 100 & 500 corporations. In addition to her normal roles, she is a published author, consultant, and internationally-recognized speaker. She also serves as Vice Chair of the Board of (ISC)2 and on the faculty of IANS.

John Nye, CISSP, CPT

John Nye, CISSP, CPT

VP, Cybersecurity Strategy, CynergisTek

John has spent nearly a decade in information security which includes time with the U.S. Army, CSG International, Peter Kiewit and Sons, First Data Corp, and KPMG LLP before joining CynergisTek. John has been working exclusively as a professional penetration tester for the last four years and has presented at numerous local conferences for developers and other IT professionals. His certifications include Certified Ethical Hacker.

Lee Olson, CISSP, CISM

Lee Olson, CISSP, CISM

Senior Analyst, Mayo Clinic

Lee works in Mayo Clinic’s information security group with primary responsibilities in the areas of policy and identity and access management. He has over 35 years of general experience in the information security field and previously worked for the Defense Investigative Service as an industrial security specialist and regional computer security specialist.

Karen Pagliaro-Meyer, CHC, CHPC

Karen Pagliaro-Meyer, CHC, CHPC

Chief Privacy Officer, Columbia University Medical Center

Karen has over 25 years of experience in healthcare privacy, research, compliance, regulatory affairs, safety and quality improvement at large academic medical centers. She previously served as Director of Corporate Compliance & Privacy Officer at New York-Presbyterian Hospital.

Felipe Polo-Wood

Felipe Polo-Wood

Sr. Manager, Clinical Applications Technical Services, Duke Health Technology Solutions

Felipe is a technologist with over 30 years of experience in development, management and coaching enterprises on Information Technology.  He is a strong believer in Software Development Life Cycle and DevOps and has been preaching the concepts of continuous and repeatable processes for many years. He is now in the “Exposure” stage of implementing DevOps at Duke. He previously worked for Symantec and IBM.

Randy Regimbal, CISSP

Randy Regimbal, CISSP

Director of Infrastructure Architecture, Mayo Clinic

Randy serves as Director of Infrastructure Architecture and Engineering Core Cybersecurity Services in the Office of Information Security. He has worked at Mayo Clinic for over 32 years in a variety of roles: analyst programmer, multiple network engineer roles, network manager, and information security director.

Lynn Rohland, MPA

Partner, Data and Analytics Solutions, RGP

Lynn is a data privacy and cybersecurity risk and compliance strategist with 25 years of experience leading IT strategies, developing approaches for large-scale risk assessments, GDPR compliance-readiness reviews, internal audits, and implementing IA remediation and mitigation plans. Prior to RGP, she worked for Deloitte, Booz Allen Hamilton and HP. She earned her MPA from George Mason University.

Suzanne Schwartz, MD, MBA

Suzanne Schwartz, MD, MBA

Associate Director for Science & Strategic Partnerships, Center for Devices and Radiological Health, US FDA

Suzanne chairs the Cybersecurity Working Group, which is tasked with formulating policy on medical device cybersecurity. She also serves as co-chair of the Government Coordinating Council for the Healthcare and Public Health Critical Infrastructure Sector, focusing on healthcare cybersecurity initiatives. She earned her MD from Albert Einstein College of Medicine of Yeshiva University and MBA from NYU Stern School of Business.

Sara Schweitzer , MBA

Senior Information Security Analyst, Mayo Clinic

Sara works within Identity and Access Management, part of the department of Information Security at Mayo Clinic. She has been involved in the implementation of multifactor authentication for remote access, internal phishing campaigns, and vulnerability testing and information security education. She is currently mapping, conducting gap analysis and developing the policies, procedures and guidelines for the NIST 800-63 implementation. She earned her MBA from Cardinal Stritch University.

Anurag Shankar, PhD

Anurag Shankar, PhD

Senior Security Analyst, Indiana University

Anurag has nearly 20 years of experience developing, delivering, and managing IU’s central research cyberinfrastructure. He is a member of IU’s Center for Applied Cybersecurity Research and has expertise in regulatory compliance and cybersecurity risk management. He earned his PhD in Astronomy from the University of Illinois at Urbana-Champaign.

Steve Snyder, JD

Steve Snyder, JD

Attorney & CISO, Smith Moore Leatherwood LLP

Steve is a member of the firm’s Cybersecurity and Data Breach team where he advises clients on prevention measures, liability protection, data breach response and mitigation, and interaction with regulatory agencies and law enforcement. He also serves as the firm’s Chief Information Security Officer. He earned his law degree from New York University School of Law, MS in Structural Engineering from Lehigh University, and is CIPP/US certified.

Lauren Steinfeld, JD

Lauren Steinfeld, JD

Chief Privacy Officer, Penn Medicine

Lauren leads and oversees the HIPAA compliance program and other privacy initiatives for Penn’s five hospitals, over 200 physician practices, and the School of Medicine research program. Prior to joining Penn, she was Associate Chief Counselor for Privacy at the Office of Management and Budget, and served as Attorney Advisor to the Federal Trade Commissioner. She earned her law degree from New York University School of Law.

Jay Stewart, MBA

Jay Stewart, MBA

CORL Leader - Accounts, Markets, & Partners, CORL Technologies

Jay assists clients with their vendor security risk management programs. His clients include more than 70 health organizations including 45 hospital systems, academic medical centers and health plans. Before joining CORL, he was a sales representative for Barco, a medical device company. He earned his MBA from Mercer University.

 

Robert Van Arnam, JD

Robert Van Arnam, JD

Partner, Williams Mullen

Rob is an intellectual property lawyer Rob is an experienced intellectual property lawyer who focuses his practice on litigation involving patents, trademarks, copyrights and trade secrets. He also counsels clients on data protection, privacy and cybersecurity policies. He is chair of the firm’s Intellectual Property Section and its Data Protection & Cybersecurity Practice. Prior to joining the firm, he worked for Hunton & Williams and the U.S. Department of Justice. He earned his law degree from UNC-Chapel Hill School of Law.

Gary Warner

Gary Warner

Director of Research in Computer Forensics, University of Alabama at Birmingham

Gary concentrates on research that will help law enforcement and other security professionals to identify and convict those committing cybercrime. He has over two decades of experience in computer forensics, including developing advanced techniques in identifying cybercriminals, anti-malware and anti-phishing techniques. He also serves as Chief Threat Scientist at PhishMe. He earned his BS in Computer Science from UAB.

Robert Webster, JD

Robert Webster, JD

Data Privacy Attorney, LabCorp

Robert is a data privacy attorney within LabCorp’s Global Compliance workgroup where he provides guidance on data privacy and cyber security matters to the company’s global business units. Prior to this role, he served as an attorney in LabCorp’s Legal Department where he provided guidance on IT and data related matters. He earned his law degree from Elon University.

This continues to be an excellent conference, well planned and implemented. Great value, great information, and great networking.

—2014 Conference Attendee

Click here to read the session descriptions.