May 18 21, 2015 Gaylord Texan Resort, Dallas/Fort Worth

Transcription

1 May 18 21, 2015 Gaylord Texan Resort, Dallas/Fort Worth

2 HITRUST 2015 is the only event dedicated to exploring all aspects of healthcare information protection and utilization of the HITRUST CSF and CSF Assurance Program. Gaylord Texas Resort & Convention Center 1501 Gaylord Trail, Grapevine, Texas (817) How to Register Click here to register. A booking link for the Gaylord Texan will be sent in your registration confirmation . For more information on the conference, you can also visit: CPE Credit Information Attendees can receive proof of attendance upon request for 16 hours of CPE credit. Pricing and Payment Conference Only - Staying at the Gaylord $1, Conference Only - Staying Elsewhere $1, Conference + Cloud Security Summit - Staying at the Gaylord $1, Conference + Cloud Security Summit - Staying Elsewhere $1, Cloud Security Summit Only $ If booked by April 14, 2015, and by mentioning HITRUST, conference attendees can receive a room rate at the Gaylord Texan of $179/night. Participants can pay via credit card or check and registration is tentative until payment is received.

3 Preconference In association with HITRUST 2015, we are offering a one-day preconference event to focus on the rapidly evolving Cloud environment. It will be conducted in an educational format with tracks organized around the key areas organizations are most interested in, including presentations and panels on private and public Clouds, as well as relevant discussions on Cloud compliance and assessment. The event will be underwritten by leading organizations in the healthcare cloud market, including managed service providers and leading Cloud technology suppliers. Organizations Include: Who Should Attend? Annual Conference: Anyone responsible for the protection of health information including CIOs, CISO, CPOs, CTOs. Health Cloud Security Summit: CIOs, CTO, CISO s and others with strategic or operations responsibility for the protection of health information combined with an interest in understanding the ramifications of embracing rapidly developing Cloud technologies. Reasons to Attend Attend the Health Cloud Security Summit to Hear how to safeguard health information in the cloud. Better understand emerging Cloud solutions for data security Learn about compliance issues introduced and resolved by Cloud Compare various Cloud delivery models Examine alternatives for Cloud service delivery Gain insight into contracting and migrating to the Cloud Attend HITRUST 2015 to Learn from leading CISOs on their changing roles and responsibilities. Learn how to leverage the CSF to support an OCR audit. Learn why and how to get started implementing the CSF for security and privacy. Gain insight to why privacy was incorporated in the CSF Learn how the CSF will change in the future and provide input. Learn how to leverage the new HITRUST DE-ID Framework Hear lessons learned from CSF Certified organizations. See how privacy and security can have a successful partnership. Gain visibility into the healthcare industry cyber threat landscape and threat intel sharing Learn about how to build a cybersecurity operations center. Learn how to assess medical device cyber risks. Learn about cybersecurity preparedness and how to participate in CyberRX 2.0 exercise. Better engage end users in information protection. Learn better ways to prevent data loss. Gain new insights regarding mobile device security. Better manage third party compliance. Use the CSF to support SSAE 16, HIPAA, NIST and EU Safe Harbor.

4 Monday, May 18: Pre-Conference 7:45 9:00 a.m. Breakfast 9:00 9:15 a.m. Welcome Dan Nutkis, CEO, HITRUST Alliance 9:15 10:30 a.m. Opening Keynote: Achieving Security and Privacy with Multi-Cloud Technology; The Future of Cloud Based Application Delivery Vincent Campitelli, Vice President, IT Risk Management, McKesson Corporation Jeff Schilling, Chief Security Officer, FireHost Blake Sutherland, Vice President, Enterprise Business, Trend Micro Sol Cates, Chief Security Officer, Vormetric Laura Lemire, Privacy Attorney, Microsoft Jerry Breaud, Infrastructure Alliance Manager, VMware 10:30 11:00 a.m. Break Refreshments and Snacks 11:00 12:00 p.m. Breakout Sessions: Why Leverage the Cloud? 12:00 1:15 p.m. Lunch Trend Micro: Cloud Security Roundtable How to Keep Healthcare Information Safe Throughout the Journey to the Cloud William Crank, MEDHOST Blake Sutherland. VP Enterprise Business, Trend Micro McKesson: McKesson s Approach for Assessing Cloud Services and Service Providers Vincent Campitelli, Vice President, IT Risk Management, McKesson Corporation VMware: Compliance and the Software Defined Data Center Jerry Breaud, Infrastructure Alliance Manager, VMware 1:15 2:15 p.m. Breakout Sessions: Effective Cloud Use FireHost: How to Leverage IOC for Threat Intelligence in Cyber Threat Exchange Jeff Schilling, Chief Security Officer, FireHost Dr. Chase Cunningham, PhD, Threat Intelligent Lead, FireHost VMware: Architecting a Hybrid Cloud with a Focus on Security & Compliance Jerry Breaud, Infrastructure Alliance Manager, VMware Vormetric: Safeguarding Data in the Cloud Sol Cates, Chief Security Officer, Vormetric

5 Monday, May 18: Pre-Conference (cont d) 2:30 3:30 p.m. Breakout Sessions: Cloud Security, Compliance and Assessment FireHost: The Impact of Cloud on Assessing Compliance; How Different Cloud Models Present Different Challenges to Compliance Kurt Hagerman, CISO, FireHost Trend Micro: Patient Portals: Benefits, Incentives, and Ensuring Cloud Security and Compliance Brian Selfridge, Partner, Meditology Services, Trend Micro Blake Sutherland, VP Enterprise Business, Trend Micro Vormetric: Simplifying Compliance with HIPAA and HITECH Security and Privacy Rules Sol Cates, Chief Security Officer, Vormetric 3:30 4:00 p.m. Break Refreshments and Snacks 4:00 5:00 p.m. Main Tent Closing Panel: The Future of Healthcare Organizations in a Secure and Compliant Cloud Christopher Pitts, Staff Vice President, Anthem Laura Lemire, Private Attorney, Microsoft Mark Ford, Principal, Healthcare Cyber Risk Services Executive Consultant, Deloitte Prenston Gale, Director, Strategic Accounts, Veris Group Sol Cates, Chief Security Officer, Vormetric 5:15 7:00 p.m. Cocktail Reception

6 Tuesday, May 19: HITRUST :30 8:30 a.m. Breakfast 8:30 9:00 a.m. Session Welcome and HITRUST Roadmap Daniel Nutkis, CEO, HITRUST 9:00 10:15 a.m. Anatomy of a Targeted APT: Lessons Learned from the Trenches Roy Mellinger, Vice President & Chief Information Security Officer, Anthem 10:15 10:45 a.m. Cyber Security in the Healthcare Industry and Information Sharing Richard Harris, Policy, Plans and Strategy, Office of Cybersecurity and Communications, U.S. Department of Homeland Security 10:45 12:00 p.m. Cyber Security Operations Center: Building or Outsourcing Jeff Schilling, CSO, FireHost Wesley Snell, Director, Computer Security Incident Response Center, Department of Health & Human Services Stephen Moore, Director, Information Security, Anthem 12:00 1:00 p.m. Lunch 1:00 1:30 p.m. Keynote Speaker Congressman John Ratcliffe, U.S. House of Representatives 1:30 2:30 p.m. Breakout Sessions (two tracks select one) Privilege Access Management in a Healthcare Setting? Sudhakar Gummadi, VP, IT and CISO, Molina Healthcare 2015 Health Industry Threat Landscape Adam Meyers, CrowdStrike

7 Tuesday, May 19: HITRUST 2015 (cont d) 2:30 4:00 p.m. Breakout Sessions (two tracks select one) HITRUST De-ID framework: Achieving World Peace Kim Gray, Chief Privacy Officer, Global, IMS Health Khaled El Emam, CEO, Privacy Analytics Third Party Compliance and Risk Management How CSF Assurance Can Help Damon Stokes, Senior Manager, Blue Cross Blue Shield of Michigan Bryan Sheehan, Director, Information Risk Management, UnitedHealthGroup Mike Wood, Information Security Officer, Integris Health Raj Mehta, Partner, Deloitte & Touche 4:00 5:30 p.m. Emerging Security Technologies and Practices Vikram Phatak, Chief Executive Officer, NSS Labs Wael Mohamed, Chief Operating Officer, Trend Micro Rick Howard, Chief Security Office, Trend Micro Ryan Witt, Vice President of Healthcare, Fortinet Jason Brvenik, Principal Engineer, Security Business Group, Cisco 6:00 9:00 p.m. Reception Mission Plaza Sponsored by Coalfire

8 Wednesday, May 20: HITRUST :30 8:30 a.m. Breakfast 8:30 10:00 a.m. The Evolving Information Security Organization in a Cyber World: Strategies, Challenges and Successes Erick Rudiak, Vice President & Chief Information Security Officer, Express Scripts Jonathan Moore, Chief Information Security Officer, Humana Kevin Charest, PhD, VP, Global Cyber Defense Operations, United Heath Group Michael Pinch, Chief Information Security Officer, University of Rochester Medical Center 10:00 10:15 a.m. Break Refreshments 10:15 11:30 a.m. The Data Breach Nightmare: What s the Plan? Having a Plan, Roles and Responsibilities Roy Mellinger, Vice President, IT Security and Chief Information Security Officer, Anthem Leo Dittemore, Director, Info Security & Privacy, Healthcare Partners 11:30 12:30 p.m. Lunch 12:30 1:00 p.m. Breakout Sessions (two tracks select one) Security Awareness: Approaches to Educating and Influencing the Weakest Link in Information Protection Jennifer Inserro, Director, Health Care Services Corporation Role of Government in Cyber Awareness, Preparedness and Response in a Public/Private Partnership Don Good, Deputy Assistant Director, Cyber Division, Federal Bureau of Investigation

9 Wednesday, May 20: HITRUST 2015 (cont d) 1:00 2:30 p.m. Breakout Sessions (two tracks select one) Community-Driven Cyber Threat Intelligence Platform for the Healthcare Industry: HITRUST Cyber Threat XChange (CTX) Dennis Palmer, Senior Assurance Associate, HITRUST Colby DeRodeff, Chief Strategy Officer, ThreatStream Tom Baltis, Chief Information Security Officer, Blue Cross Blue Shield of Michigan Ronald Weiss, Senior Incident Responder, Information Security Threat Response Team, Health Care Services Corp. Information Protection Challenges of a Combined Payor and Provider Organization Omar Khawaja, Vice President and Chief Information Security Officer, Highmark Chuck Deaton, Deputy Chief Information Security Officer, Humana Zan Calhoun, Executive Vice President, CIO & Chief IT Strategist, Healthcare Partners 2:30 2:45 p.m. Break Refreshments and Snacks 2:45 4:00 p.m. Cybersecurity Preparedness Mark Ford, Principal, Cyber Risk Services, Deloitte Consulting Kevin Charest, PhD, VP, Global Cyber Defense Operations, United Heath Group 4:00 5:00 p.m. The Evolving World of Privacy and Security: What s it Mean to You? Michael Parisi, PricewaterhouseCoopers Kirk Nahra, Attorney, Wiley Rein, LLP Caroline Budde, Esp., Chief Privacy Officer, Walgreen Co.

10 Thursday, May 21: HITRUST :30 8:30 a.m. Breakfast 8:30 9:00 a.m. Privacy and Security in a Single Controls Framework A Model for Success Adrian Christie, Manager, PricewaterhouseCoopers Michael Parisi, PricewaterhouseCoopers 9:00 11:00 a.m. Breakout Sessions (two tracks select one) HITRUST CSF: Getting Started through Getting Assessed with the CSF Lessons Learned and Justification Brenda Calloway, Director, HCSC Tom Glaser, Healthcare Consultant, Coalfire HITRUST CSF: One Framework Leveraging the HITRUST CSF to Support ISO, HIPAA, NIST Implementation and Compliance and SSAE 16 SOC Reports Ken Vander Wal, Chief Compliance Officer, HITRUST Bryan Cline, Senior Advisor, HITRUST Chris Halterman, Executive Director, Ernst & Young CSF Roadmap for 2016 and Beyond Steve Penn, CSF Development and Education Programs, HITRUST Bryan Cline, Senior Advisor, HITRUST SecureTexas: Health Information Privacy and Security Certification A Model Nationally? Tony Gilman, CEO, Texas Health Services Authority Pamela Arora, Senior Vice President and Chief Information Officer, Children s Health George Gooch, Director of Policy and Planning, Texas Health Services Authority 11:00 11:15 a.m. Break Refreshments and Snacks 11:15 12:15 p.m. Role of Cyber Situational Awareness Vikram Phatak, Chief Executive Officer, NSS Labs 11:00 3:00 p.m. CyberRX: HP Exercise QA and Response Plan Best Practices (Confirmed Attendees Only) 12:15 p.m. Lunch and Closing Remarks