Industry Spotlight: HICP - Health Industry Cybersecurity Practices

Managing Threats and Protecting Patients

  • Event Date:
  • Event Time: 1 p.m. Central

Learn more about the voluntary, consensus-based, industry-led and -developed cybersecurity practices for the health care industry. We will discuss how a 150-member-driven task force, facilitated by the Department of Health and Human Services, identified five cyber threats to health care and the 10 practices to help mitigate them.

What You Will Learn:

  • Details behind the public-private partnership model developed between the Healthcare Sector Coordinating Council and the Government Coordinating Council.
  • The five cybersecurity threats the industry feels are most critical to manage.
  • How to identify the 10 cybersecurity practices to mitigate these threats, and their sub-practices.
  • How to prioritize the threats for your organization, and subsequently the implementation of practices to mitigate those threats.

« View All Events

Thought Leaders

John Riggi
Senior Advisor for Cybersecurity and Risk
American Hospital Association (AHA)
John Riggi image
+Bio

John Riggi, having spent nearly 30 years as a highly decorated veteran of the FBI, serves as the Senior Advisor for Cybersecurity and Risk for the American Hospital Association (AHA) and their 5000+ member hospitals. In this role John serves as a resource nationally to assist members identify and combat cyber and other sources of risk to their organizations. Additionally, John will support the AHA’s policy efforts and Federal agency relations on cyber and other risk related issues. Previously, John led BDO Advisory’s Cybersecurity and Financial Crimes Practice. While at the FBI, John served as a representative to the White House Cyber Response Group. He also led the FBI Cyber national program to develop mission critical partnerships with the health care and other critical infrastructure sectors for the investigation and exchange of information related to national security and criminal-related cyber threats.

Erik Decker
Chief Security and Privacy Officer
University of Chicago Medicine
Erik Decker image
+Bio

Erik Decker is the Chief Security and Privacy Officer for the University of Chicago Medicine, and is responsible for its Cyber Security, Identity and Access Management and HIPAA Privacy Programs.  Erik has 18 years of experience within Information Technology, with 12 years focused on Information Security.  The majority of his career has been focused on Academic Medical Centers; establishing two information security programs and an identity and access management program. Erik is the current Chair of the Association for Executives in Healthcare Information Security (AEHIS) Board. This association focuses on educating over 900 CISOs and providing cybersecurity resources within the Healthcare sector, as well as advocating for Healthcare Information Security needs in both regulatory affairs and legislative affairs capacities.

Julie Anne Chua
Branch Chief for Risk Management
Department of Health and Human Services (HHS)
Julie Anne Chua image
+Bio

Julie joined the Governance, Risk Management and Compliance (GRC) Division within the Department of Health and Human Services (HHS) Office of Information Security (OIS) in October 2015.  As the Branch Chief for Risk Management, Julie is responsible for establishing a Department-wide enterprise risk management program.  Julie also leads and oversees high visibility initiatives including the identification and protection of HHS’ most critical high value assets and the HHS FedRAMP and Cloud Security Program, which is a standardized approach to security assessments, authorizations, and continuous monitoring of cloud service providers.  Julie is a regular speaker at conferences and at HHS CISO leadership council meetings where she briefs executive leadership across all HHS Operating Divisions on upcoming risk management initiatives.

Julie is also the Federal Lead for the implementation of the Cybersecurity Act (CISA) of 2015, Section 405(d): Aligning Healthcare Cybersecurity Approaches.  This public-private partnership effort is one of many HHS cybersecurity initiatives to help push forward the cybersecurity and resiliency of the HPH sector.

On Demand Button