<< Back

Spring 2017 Cybersecurity Agenda

06/15/2017

MONDAY, June 12th

1:00 – 1:30 p.m.

Meeting Registration and Check-In

1:30 – 1:45 p.m.

Meeting Overview and Introduction

Welcome to the Cybersecurity Collaborative’s first meeting of Year Two! This opening session will review the meeting agenda, recap past meeting highlights, and provide updates on The Academy Collaboratives.

James Garcia, Vice President, The Health Management Academy
Jenny Huang, Program Coordinator & Research Analyst, The Health Management Academy

1:45 – 3:00 p.m.

Making Cybersecurity a Priority in Mergers & Acquisitions

As health systems continue to consolidate and grow, the acquiring organization must take on the risks and security environment of other organizations. Proper due diligence and standardized cybersecurity approaches are critical before, during and after integration. This kickoff session will discuss Northwell Health’s standardized cybersecurity approach to Mergers & Acquisitions. Additionally, the group will discuss the cyber risks associated with different levels of partnerships, collaborations and integration with community hospitals and physicians.

Kathy Hughes, VP and Chief Information Security Officer, Northwell Health

3:15 – 5:00 p.m.

Breakout Groups: Rapid Insights Instructions: Each health system will have the opportunity to pose ANY cybersecurity question or challenge to the group. Slides are optional, but data and background information is helpful. Feel free to have subtopics or supporting questions to guide the discussion in the preferred direction as well.

Objective: Gather feedback from the group on a challenge your organization is currently facing or plans to address. This is the perfect opportunity to leverage the groups' knowledge and address your challenge by providing immediate insights on effective cybersecurity approaches and strategies.

James Garcia, Vice President, The Health Management Academy
Lou Dignam, Director of Information Security, Virtua

6:00 – 9:00 p.m.

The Academy Reception, Fireside Chat and Peer-Networking Dinner

The Academy is pleased to host Ira “Gus” Hunt, former chief technology officer for the CIA, as our fireside chat. Gus retired from the CIA in 2013 after a 28-year career. As CTO, he set the CIA’s information technology strategic direction, accelerated adoption of new technology and led the agency’s implementation of the Amazon cloud.

Gus Hunt, Former CTO of CIA and current Managing Director of Cybersecurity, Accenture
Gary Bisbee, Ph.D., Chairman and CEO, The Health Management Academy

TUESDAY, June 13th

8:00 – 9:15 a.m.

Benchmarking Cybersecurity Postures

The first session of the day will highlight the results of a recent Academy Benchmarking Survey on key Cybersecurity measures across Leading Health Systems. Following a strong interest from the board, C-suite, and collaborative members, the objective is to provide an opportunity to compare an organization’s cybersecurity posture relative to other health systems. Topics identified include governance, cyber framework, spending, and board engagement.

Monique Hart, Executive Director, Information Security, Piedmont Healthcare

9:30 – 10:45 a.m.

PHI in the Cloud

This interactive session will provide both a legal and vendor perspective on placing PHI in the cloud. Mike Overly, Esq., and Partner at Foley & Lardner, will share best practices and insights on assessing and selecting the appropriate cloud based solutions.

Additionally, Hector Rodriguez, Microsoft’s Worldwide Health Chief Information Security Officer, will share their experience in assisting health systems with their secure & compliant data migration into the cloud, as well as use case examples and lessons learned as industry leaders.

Michael Overly, Esq., Partner, Outsourcing and Information Technology Group, Foley & Lardner LLP Hector Rodriguez, Chief Information Security Officer, Microsoft’s Worldwide Health

11:00 –12:15 p.m.

OCR Audits: Provider Insights and Legal Overview

In this timely session, Kotrina O’Neal and Tracy Griffin from Bon Secours Health System will share their insights and lessons learned from experiences and knowledge with OCR Audit and conducting self audits.

Additionally, from a legal perspective, Jennifer Rathburn, a privacy and security attorney at Foley & Lardner, will cover strategies and best practices to help organizations address common compliance challenges.

Kotrina O’Neal, J.D., Chief Privacy Officer, Bon Secours Health System
Tracy Griffin, Information Security Application Audit Manager, Bon Secours Health System
Jennifer Rathburn, Esq., Partner, Foley & Lardner LLP

12:15 – 1:15 p.m.

Networking Lunch

1:15 – 3:15 p.m.

Rapid Insights

Instructions: Each health system will have the opportunity to pose ANY cybersecurity question or challenge to the group. Slides are optional, but data and background information is helpful. Feel free to have subtopics or supporting questions to guide the discussion in the preferred direction as well.

Objective: Gather feedback from the group on a challenge your organization is currently facing or plans to address. This is the perfect opportunity to leverage the groups' knowledge and address your challenge by providing immediate insights on effective cybersecurity approaches and strategies.

James Garcia, Vice President, The Health Management Academy
Lou Dignam, Director of Information Security, Virtua

3:30 – 4:15 p.m.

Addressing Security Challenges: PCI Compliance

“Having Your PCI Cake & Eating It Too”

This will discuss the challenges of Maintaining PCI Compliance within Epic MyChart and MyChart Mobile.

Mike Pinch, Chief Information Security Officer, University of Rochester/Medical Center
Jonathan Maurer, Chief Information Security Officer, Aurora Health

4:15 – 4:30 p.m.

All Member Debrief In this session, members will discuss key takeaways from sessions and draw on ideas for future agenda topics.

6:00 – 9:00 p.m.

The Academy Reception & Peer-Networking Dinner

WEDNESDAY, June 14th

8:00 – 8:30 a.m.

The Academy TruStar Information Exchange Platform

This breakfast session will update the group on the pilot of our collaborative’s information exchange program. Members from The Academy and TruStar team will gather feedback on shaping the platform to the needs of our group.

Patrick Coughlin, Co-Founder, TruSTAR Technology

8:30 – 9:30 a.m.

Medical Device Security Panel Discussion

This breakfast panel discussion will bring a group of Cybersecurity specialists together to discuss current challenges in medical device cybersecurity, highlight present and future collaborative efforts in advancing medical device security, and share their expertise and experience.

Eugene Bransfield, CEO, WarCollar Industries, LLC
Robert Weiss, Principal Security Engineer, WarCollar Industries; Founder of PWCrack
Joshua Corman, Director, Cyber Statecraft Initiative at Atlantic Council; Founder of I am The Cavalry
Ricky Hill, SCADA Security Manager, Amazon Web Services
Leo Fox, Founder & CEO, Vector Consulting

9:45 – 10:45 a.m.

Role of Blockchain in Healthcare

Does blockchain technology have a place in healthcare? This closing session will be led by Philips Healthcare who will discuss blockchain initiatives at the Philips Research. Additionally, they will address the buzz behind this technology and discuss its current vs. future state, as well as applicability in healthcare.

Mark Hennessy, Principal Architect, Philips Research

10:45 – 11:00 a.m.

Report Back & Closing Comments