Register with Brownie.Bokelman@LitigationConferences.com / 484.324.2755 x212

Program Leaders

Conference Mission

Banner

“Health and medical regulators are promising audits and tougher enforcement while law enforcement warns that health data is under attack. Meanwhile, there is no shortage of ‘solutions’ promising to protect data and prevent breaches, but not enough resources or even time in the day to review all the options. Of course, cyber security is not just an IT problem. It is a risk management problem that requires an interdisciplinary team approach. And that’s what inspired the mission for this event.” –Ben Goodman, 4A Security & Compliance

Ben Goodman

Lisa Clark

4A Healthcare Data Security & Privacy Symposium 2015

Developed in collaboration with

V11

Chairs & Speakers

Ben Goodman CEO 4A Security & Compliance

Pamela E. Clarke Dir. Member Services & Policy HealthShare Exchange of Southeastern Pennsylvania

Lisa W. Clark Partner, Head of Firm’s mHealth Interdisciplinary Group Duane Morris LLP

Patricia Q. Connolly Executive Director Center for Corporate Governance Drexel University LeBow College of

Dr. Tama Copeman Founder & CEO Alcyone*7

Alcyone*7

Register with Brownie.Bokelman@LitigationConferences.com / 484.324.2755 x212

Noelle P. Conners Hospital Compliance Officer St. Christopher’s Hospital for Children

Samantha Billy Senior Professional Risk Broker Aon Risk Solutions

Barbara Holland Regional Manager Office for Civil Rights U.S. Department of Health & Human Services

John M. Neclerio Partner Duane Morris LLP

Winston Krone Managing Director KIVU Consulting Inc.

Jay Orler Vice President Infrastructure & Security Lightbeam Health Solutions

Dave Snyder Chief Information Security Leader, Director of Information Security & Risk Management Offices Independence Blue Cross

Colin Morgan Global Information Security Manager & Information Security Officer Johnson & Johnson

Speakers

Ben Stone Supervisory Special Agent Federal Bureau of Investigation

Adrian Talapan Co-Founder and CEO Haystack Informatics A CHOP & DreamIt Ventures Company

Jaime L. Sheller Product Manager for the Breach Coach® Cyber Portal & Privacy Ethics Consultant NetDiligence®

Steve Alderfer Director, IT Security Audit 4A Security

J. Mark Eggleston Vice President, CISO & Privacy Officer Health Partners Plans

Josh Ladeau Practice Lead – Privacy & Network Security Allied World Assurance Co.

Nikhil Thakur Regulatory Policy Advisor Food & Drug Administration

Agenda

Register with Brownie.Bokelman@LitigationConferences.com / 484.324.2755 x212

09:00

Time Topic Speakers

Big Data & Population Health: Security & Privacy Challenges & Solutions Big data and population health are critical to the success of the “Federal Health IT Strategic Plan 2015-2020,” and yet, there are major security and privacy challenges that are only beginning to be addressed. This panel will consider how big data is being used and some of the key security and privacy implications for population health as well as some of the solutions that address them. than their value?

10:00

Barbara Holland Office of Civil Rights

U.S. Department of Health & Human Services

12:00

11:00 Break

07:30 Registration & Breakfast

Opening Remarks Ben Goodman 4A Security & Compliance

08:45

11:15

Lisa Clark, moderator Duane Morris

Dave Snyder Independence Blue Cross

Jay Orler

Lightbeam Health Solutions

Pamela Clarke HealthShare Exchange of

Southeastern Pennsylvania

HHS Office of National Coordinator for Health Information - Pending confirmation

Law Enforcement Update: Cybercrime & Healthcare Ten months before Anthem disclosed it was breached, the FBI warned the healthcare industry that they were under heightened risk of being the target of cyber attacks. This update from law enforcement will cover the most important past and current cybercrime activity from the law enforcement perspective.

Ben Stone Federal Bureau of Investigation

Health & Human Services: Office of Civil Rights Update HHS OCR has seen significant change and a great deal of activity since the HIPAA Omnibus Final Rule came into effect. This year, pre-audit screening surveys were sent out to 350 covered entities and 50 business associates as part of Phase 2 of the HIPAA Audit Program. This session will provide an update on recent activity and what’s on the horizon, and will explain impacts to Covered Entities, Business Associates and other stakeholders. n their value?

Lunch

Register with Brownie.Bokelman@LitigationConferences.com / 484.324.2755 x212

01:00

Time Topic Speakers

02:00

03:00 Break

Agenda

03:15

Mobile Health, Apps & HIT Innovation: Security & Privacy by Design With $7B invested in healthcare IT ventures last year, innovation in mobile health, healthcare apps & healthcare IT is burgeoning. Too often data security and privacy is an afterthought, as the FDA’s Safety Communication concerning cybersecurity vulnerabilities in the Symbiq Infusion System illustrates. Speakers will discuss how they are innovating & protecting data at the same time. These are models for innovation & product development that every investor should insist upon.

Winston Krone Kivu Consulting

Dr. Tama Copeman

Alcyone*7

Adrian Talapan Haystack Informatics

Nikhil Thakur

Food & Drug Administration

Ben Goodman, moderator 4A Security

Noelle Conners St. Christopher’s Hospital for Children

Mark Eggleston Health Partners Plans

Colin Morgan Johnson & Johnson

Steve Alderfer 4A Security

Security & Privacy Controls: Implementation in the Real World On paper, security plans can be compelling, but the reality of constrained resources and the “human factor” makes implementing and maintaining the required controls a challenge. This is especially true when you factor in company culture, human resource policy, training and issues of employment law. This panel discusses real world solutions that bridge the gap between security and privacy plans and how they are implemented in the real world.

CIOs & Healthcare Cyber Risk Management: Another New Cyber Liability Insurance Frontier “CIOs generally should expect to be sued in increasing numbers over cybersecurity issues,” says an attorney quoted in a recent Wall Street Journal article. How do cyber liability insurance solutions respond? Do they fill in for D&O exclusions? This panel discussion between insurance carriers, attorneys and brokers will discuss these and other important new questions healthcare organizations and their CIO’s should be asking.

Josh Ladeau Allied World Assurance Company

John Neclerio

Duane Morris LLP

Samantha Billy Aon Risk Solutions

Register with Brownie.Bokelman@LitigationConferences.com / 484.324.2755 x212

Time Topic Speakers

Live Tabletop Exercise: Healthcare Data Security Incident Response t This final panel of the day will step through an Incident Response Tabletop Exercise, based on a healthcare data security / privacy incident scenario. The interactive exercise will engage the audience in the process and challenge the panel members as they run through the decision-making process as a security / privacy incident unfolds. Attendees will have the chance to ask questions as participants make decisions based on imperfect information and identify areas of concern for organizations dealing with protected healthcare information.

Ben Goodman, moderator 4A Security & Compliance

Lisa Clark

Duane Morris

Winston Krone Kivu Consulting

Patricia Connolly

LeBow College of Business

Jamie L. Sheller NetDiligence

Mark Eggleston

Health Partners Plans

04:00

05:01 Reception

Agenda

05:00 Adjourn

4A & HB wishes to thank the sponsors and hosts!