Date

October 4 - 5, 2016

Location

Drexel LeBow Hall, Philadelphia

Speakers

Over 40 Speakers

Credits

CLE and CPE Eligible

Plan to attend / Earn CLEs and CPEs

The revolutionary changes underway in healthcare rely on a foundation of data. From mobile medical solutions to population health and big data, health IT is critical to maintaining balance between an expanding population that requires healthcare services and an infrastructure struggling to keep pace. At the same time, protecting the privacy and security of every individuals’ healthcare data are matters of quality of care and patient safety.

Join with innovators and industry leaders for a day-and-a-half of practical insights into important security and privacy issues facing our healthcare infrastructure. Our faculty includes a broad range of experts from medical app and big data developers, investors, population health service providers, HHS OCR and FDA regulators, legal and insurance carriers, to providers, health systems, health plans and educational institutions.  The Symposium is structured with ample opportunities for interaction and engaging discussion.  Program tracks include Mobile Health, Big Health Data, Cyber Security, Privacy & Compliance, Governance & Risk Management, and Legal & Regulatory.

Register for the Pre-Conference Executive Seminars for intensive, in-depth discussions with industry experts. Pre-conference Executive Seminars are limited enrollment and will accept registrations on a first come, first served basis.

Register

4A Symposium / Faculty

Kevin Stine

Chief of the Applied Cybersecurity Division

NIST Information Technology Laboratory

Anahi Santiago

Chief Information Security Officer

Christiana Care Health System

Barbara Holland

Mid-Atlantic Regional Manager

Department of Health & Human Services, Office for Civil Rights

Praveen Chopra

EVP, Chief Information & Transformative Innovative Environment Officer

Thomas Jefferson University & Jefferson Health System

Lisa Clark

Partner

Duane Morris

David Snyder

Chief Information Security Leader

Independence Blue Cross

Cora Han

Senior Attorney, Division of Privacy and Identity Protection

Federal Trade Commission

Neeraj Sahni

Senior Vice President, Cyber Risk Insurance

Willis

Ellen Canan Grady

Member

Cozen O'Connor

Colin Morgan

Global Product Security, Sr. Manager

Johnson & Johnson

Kimberly Holmes

Senior Vice President & Counsel

ID Experts

Pamela E. Clarke

Senior Director of Member Services and Chief Policy Officer

HealthShare Exchange of Southeasetern Pennsylvania

Gerald Bessette

Associate Director

Navigant

Olivier Kagan

Managing Consultant

NSF Avarent

Omar Mencin

Director of Investments, Information Technology

Ben Franklin Technology Partners

Bob Kuller

Chief Commercial Officer

Haystack Informatics

Patricia Connolly

Executive Director

Drexel University Center for Corporate Governance

Rick Kam

President and Co-founder

ID Experts

Elisa Zygmunt

Director of Projects and Analytics

Benefits Data Trust

Donald Good

Director, Information Security & Investigations Practice

Navigant

Dr. Pramod Abichandani

Assistant Clinical Professor

Drexel LeBow Decision Sciences

Joshua Ladeau

Senior Vice President, Cyber Liability

Aspen Insurance

Anna Koulas

Director of Business Development

Corporate Relations and Executive Education, Drexel LeBow College of Business

Rebecca Gwilt

Partner

Nixon Law Group

Alex Krutov

President

Navigation Advisors

Dr. Steven Weber

Director

Isaac L. Auerbach Cybersecurity Institute

Debbie Buchwald

Executive Director for Corporate Relations

Drexel University

Mark Eggleston

Vice President, Chief Information Security Officer and Privacy Officer

Health Partners Plans

Patrick Armor

Special Agent

FBI Cyber Squad

Rick Rasansky

Founder & Chief Executive Officer

Yorn

Kevin E. Leninger

Co-Founder & Chief Executive Officer

IntegriChain

Aaron Nickles

CEO

iCentralApps

John Neclerio

Partner

Duane Morris

Ben Goodman

CEO & Founder

4A Security & Compliance

Jay Orler

Vice President, Infrastructure & Security

Lightbeam Health Solutions

Nicholas Economidis

Professional Liability Underwriter

Beazley

Charles Sacco

Assistant Dean of Strategic Initiatives for the Close School, and Director of the Baiada Institute

Close School of Entrepreneurship, Drexel University

Patrick Florer

Principal

Risk Centric Security

Steve Alderfer

Sr. Director, IT Security & Compliance

4A Security & Compliance

Ryan Blaney

Member

Cozen O'Connor

Gregory Fliszar

Member

Cozen O'Connor

Charlie Lyons

Principal

Shelly Lyons Public Affairs and Communications

4A Healthcare Data Security & Privacy Symposium Agenda / view schedule

"HIPAA Breach Response - 5 Critical Actions"

Just like any other emergency situation, in the heat of the moment, cool heads must prevail. Knowing the first five things an organization MUST do when a breach occurs is critical to minimizing the impact and speeding recovery. This session covers the first five critical tasks a breach response team leader should do when a breach is discovered. And they're probably not what you think.

"Had a Breach? How Law Enforcement Can Help"

Who can you call if you’ve been breached? The FBI can help. This session will review when to contact law enforcement and how the FBI can help organizations that have experienced a breach. Special Agent Patrick Armor will also cover some dos and don'ts in order to minimize the impact of a breach and better enable law enforcement to do its job

"Breach Notification & Crisis Management"

There are several aspects to evaluate regarding breach notification. In the first half of this session, Rick Kam, President and Co-founder of ID Experts will cover issues concerning compliance with HIPAA Breach Notification requirements as well as considerations for notifying stakeholders and protecting breach victims from medical identity theft. Rick's presentation will be followed by Charlie Lyons, Vice President of Shelly Lyons Public Affairs and Communications. Charlie will discuss when and how to handle media notification requirements as well as critical elements of breach response strategies such as staying ahead of the news cycle and how to protect the brand and customer good will.

"The View from HHS OCR - The HIPAA Enforcers' Perspective"

Barbara Holland, Mid-Atlantic Regional Manager at the Department of Health & Human Services, Office for Civil Rights will review case studies and cover the breach response process from the agency's perspective. She will also provide an update on the HIPAA Audits of Covered Entities and Business Associates that are now underway. HHS OCR is responsible for HIPAA enforcement.

"The Industry's #1 Threat"

This session is will start with a look at the interdisciplinary requirements for successful Healthcare Data Security & Privacy programs. The session will include a review of industry threat data regarding recent and emerging critical threats to healthcare data privacy and security.
Tackling these challenges requires a highly skilled workforce. There is surprising consensus around one singular threat facing the industry: The lack of qualified personnel with the expertise to complete critical security and privacy functions.
Debbie Buchwald, Executive Director for Corporate Relations describes Drexel University's collaborative engagement with strategic partners in the region that is helping to shrink the gap.

"Executive Seminar Tech Session #1: Big Health Data, Security and Privacy"

Moderated by Dr. Pramod Abichandani, this session will systematically peel the layers of big data security and privacy related business pain points in the health sector. The panel will include executives who lead data technology teams with a focus on Big Health Data privacy and governance. Topics covered will include privacy and security challenges specific to big health data, technology frameworks that enable security while ensuring system performance and compliance. A discussion of best practices (and some not-so-best practices) at each organization will conclude this session.

"Executive Seminar Tech Session #2: The View from the CISO's Office"

Our daily workplace environment looks a bit different to the people who are tasked with preventing our data from walking out the door or our systems from becoming unavailable. That's the world when viewed through the lens of a CISO, and this session will be a candid conversation with some of the top CISO's in the industry.

"Executive Seminar - Coffee Break"

Mingle with Executive Seminar attendees and recharge with coffee, beverages, fruit and snacks.

"Executive Seminar Tech Session #2: Mobile Health, Telemedicine, Security and Privacy"

This conversation, led by Dave Snyder will focus on practical, real-world measures required for protecting critical mobile devices and the infrastructure they depend on. Mobile medicine is advancing at a rapid pace, as are mobile device vulnerabilities and exploits. This Seminar is moderately technical. Some familiarity with mobile computing concepts, mobile-to-cloud communications and telemedicine will be useful.

"Cyber Insurance Modeling: Recent Advances and Challenges"

Insurance pricing requires risk assessment, which in turn relies upon risk models. We summarize some of the recent academic literature on cyber insurance modeling, highlighting both the useful advances that have been made and the challenges that remain.

"Executive Seminars Networking Reception"

Meet with the Senior Executives, Board Members and industry experts who make up the Executive Seminars Faculty and attendees, while enjoying complimentary beverages and hors d'oeuvres on The Terrace.

"The Industry's #1 Threat"

This session is will start with a look at the interdisciplinary requirements for successful Healthcare Data Security & Privacy programs. The session will include a review of industry threat data regarding recent and emerging critical threats to healthcare data privacy and security.
Tackling these challenges requires a highly skilled workforce. There is surprising consensus around one singular threat facing the industry: The lack of qualified personnel with the expertise to complete critical security and privacy functions.
Debbie Buchwald, Executive Director for Corporate Relations describes Drexel University's collaborative engagement with strategic partners in the region that is helping to shrink the gap.

"Cyber Risk Management for the Board and C-Suite"

This non-technical session is designed for current and future executives, board members and professionals with cyber risk management responsibility to provide the knowledge and tools that will help ensure your organization meets or exceeds the leading information security and compliance practices of your industry peers.

"Insuring Against the Inevitable Breach - Board & C-Suite Focus on Cyber Risk"

Cyber insurance experts will discuss strategies for managing enterprise risk and ensuring the right risk exposures are included in the coverage. Given the rapidly changing healthcare threat landscape, understanding this critical risk management tool is more critical than ever.

"Executive Seminar - Coffee Break"

Mingle with Executive Seminar attendees and recharge with coffee, beverages, fruit and snacks.

"Cyber Risk Governance for the Board and C-Suite"

Establishing the right cyber risk governance structure is a critical component in establishing a successful cyber risk management program. This session will begin with a discussion of board committee structure and move through the governance issues at the C-Suite and management levels.

"Cyber Risk Governance: Enterprise Architecture, Investment Planning, Human Capital Management"

Praveen Chopra will lead this discussion with CISOs and CPOs concerning the real-world governance and cyber risk management challenges they face, as well as both successful and unsuccessful approaches they have taken at large, complex organizations.

"Cyber Insurance Modeling: Recent Advances and Challenges"

Insurance pricing requires risk assessment, which in turn relies upon risk models. We summarize some of the recent academic literature on cyber insurance modeling, highlighting both the useful advances that have been made and the challenges that remain.

"Executive Seminars Networking Reception"

Meet with the Senior Executives, Board Members and industry experts who make up the Executive Seminars Faculty and attendees, while enjoying complimentary beverages and hors d'oeuvres on The Terrace.

"The Industry's #1 Threat"

This session is will start with a look at the interdisciplinary requirements for successful Healthcare Data Security & Privacy programs. The session will include a review of industry threat data regarding recent and emerging critical threats to healthcare data privacy and security.
Tackling these challenges requires a highly skilled workforce. There is surprising consensus around one singular threat facing the industry: The lack of qualified personnel with the expertise to complete critical security and privacy functions.
Debbie Buchwald, Executive Director for Corporate Relations describes Drexel University's collaborative engagement with strategic partners in the region that is helping to shrink the gap.

"Executive Seminar Legal & Regulatory Session #1: Regulatory Compliance"

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS OCR), the US Food and Drug Administration (FDA) and the Federal Trade Commission (FTC) have been most active in regulating and enforcing regulations covering various aspects of the Healthcare Data Security and Privacy landscape. This session will include updates from OCR and the FTC as well as a discussion of the key legal and regulatory developments impacting healthcare IT and the compliance frameworks we work within.

"Executive Seminar - Coffee Break"

Mingle with Executive Seminar attendees and recharge with coffee, beverages, fruit and snacks.

"Executive Seminar Legal & Regulatory Session #2: Healthcare Data Compliance"

The sharing of healthcare data is an essential activity for the healthcare industry today. From treatment and operations to performance measurement, quality improvement, compensation and research, the use and analysis of healthcare data by a healthcare entity, and the disclosure of healthcare data to third parties is fundamental. This session will cover several of the most critical concerns regarding the use and disclosure of healthcare data, focusing on privacy and security. Data sharing agreements between the parties as well as resolving issues such as the proper use of data; breaches; indemnification; and ownership of the data will also be covered.

"Cyber Insurance Modeling: Recent Advances and Challenges"

Insurance pricing requires risk assessment, which in turn relies upon risk models. We summarize some of the recent academic literature on cyber insurance modeling, highlighting both the useful advances that have been made and the challenges that remain.

"Executive Seminars Networking Reception"

Meet with the Senior Executives, Board Members and industry experts who make up the Executive Seminars Faculty and attendees, while enjoying complimentary beverages and hors d'oeuvres on The Terrace.

"Keynote Address: Collaborative Approaches to Cybersecurity in Healthcare"

Kevin Stine - Chief of the Applied Cybersecurity Division at NIST Information Technology Laboratory Mr. Stine will discuss case studies of collaborative approaches to cybersecurity and highlight some current collaborative efforts to improve cybersecurity in the healthcare community. These examples include the Cybersecurity Framework, NIST's healthcare portfolio at the National Cybersecurity Center of Excellence, other relevant guides, and the Commission on Enhancing National Cybersecurity.

"Keynote Dialogue: Real vs. Ideal - Cybersecurity Frameworks in the Healthcare Environment"

CISOs and CPOs from leading healthcare organizations will engage in a lively dialogue with keynote speaker Kevin Stine about the challenges they face when implementing security frameworks and guidelines in the ever-changing healthcare threat environment.

"A.M. Coffee Break"

This is a short break to refresh, mingle or grab some more nourishment. Coffee and light snacks will be served on the Terrace. It's also another chance to see what our carefully selected exhibitors have to show.

"Interdisciplinary Super Panel #1 - Mobile Health Security & Privacy Challenges & Solutions"

Successful data security and privacy programs require an interdisciplinary approach. This "Mobile Health Super Panel" consists of an all-star team including Health IT, privacy, security, risk management, compliance, governance and legal. The group will wrestle with the toughest challenges facing organizations developing and deploying mobile health solutions, not least of which is how to balance the competing demands placed on each of these related disciplines. The panelists will respond to real-world scenarios and will also include lively interaction with pre-submitted and live audience questions.

"Healthcare Cyber Risk Assessment: Is Cyber Risk Quantification within Reach?"

Quantitative approaches to cyber risk assessment remain a challenge few organizations have successfully met. This panel consists of experts who spend their time developing and working with complex dynamic cyber security risk models. The session will cover some of the modeling challenges as well how they apply to the healthcare environment. The session is designed to be accessible to all.

"Lunch - Round Table Discussions"

Six discussion topics will be hosted by a faculty member during lunch on Wednesday. The topics are: Mobile Health & Big Health Data Privacy & Cyber Risk; Security & Privacy for HIT Start-ups; Healthcare Privacy & Security Legal/Regulatory Challenges; Governance & Cyber Risk Management; Post-Breach Crisis Management; Insights from the Breach Frontier.

"Investors and Covered Entity Due Diligence for HIT Start-ups and Innovators"

Healthcare institutions are always on the look-out for innovative solutions, but start-ups and entrepreneurs are facing increased scrutiny over security and privacy concerns. This panel includes Health IT start-ups, entrepreneurs, investors, and those responsible for due diligence and compliance at covered entities.

"Healthcare Data Security & Privacy Innovators"

At the Close School for Entrepreneurship, Drexel takes innovation to heart. This session presents a selection of innovative healthcare IT companies and related services that incorporate data security and privacy at the core of their offering. These founders and company leaders who will speak about their innovations and how they are specifically designed to address the needs of the healthcare industry.

"PM Coffee Break"

This is a short break to refresh, mingle or grab some more nourishment. Coffee and deserts will be served on the Terrace. It's also another chance to see what innovations our carefully selected exhibitors are showing.

"Cyber Risk Management: Insuring Against the Inevitable Healthcare Breach"

Whether its ransomware, hacking or lost laptops, healthcare breaches are rampant. The onslaught of cyber attacks against healthcare organizations is an indication that hackers have recognized the value of healthcare data. Insurance carriers deem healthcare a high risk industry and have raised prices accordingly. Some have simply stopped underwriting healthcare all together. This panel will examine both the insurance carrier's and the healthcare organization's perspectives in order to reveal opportunities to maximize the effectiveness of cyber liability insurance as a risk management tool.

"Interdisciplinary Super Panel #2 - Big Health Data Security & Privacy Challenges & Solutions"

The formal conference concludes with this "Interdisciplinary Super Panel" session which looks at the present challenges and future direction of big data in healthcare. The all-star team will share insights and provide feedback on the ideas generated during the day and a half of Symposium sessions. This final session is structured to incorporate dynamic, but efficient audience engagement.

"Symposium Networking Reception"

Meet with the Symposium Faculty and other attendees while enjoying complimentary wine and cheese on The Terrace.

Event Sponsors / Sponsorship Opportunities

Testimonials / See What People Say About Last Year's Event!

Event Price list / registration fee options

OCT 4

Pre-conference Pass
Breach Workshop & Executive Seminars

$495
 Non-Profit & Gov't Rates
 Academic Scholarships
 Group Discounts Available

Oct 5

One Day Conference Pass Plenary Sessions & Events

$695
 Non-Profit & Gov't Rates
 Academic Scholarships
 Group Discounts Available

CLE's and CPE's / Get the credit you deserve

This 2nd Annual 4A Healthcare Data Security & Privacy Symposium is produced in conjunction with Drexel LeBow School of Business, Corporate and Executive Education as well as the Drexel Cybersecurity Insitute. Attendees who wish to receive CLE's or CPE's must select that option on their Registration Form and sign in and out of the conference sessions. Instructions will also be provided at the Symposium. 

Learn More

Event FAQS / find your answers

Drexel LeBow is conveniently located in the University City district of Philadelphia. There are several easy ways to get to Philadelphia, Drexel LeBow, and to the many historic sites nearby.

Drexel's Gerri C. LeBow Hall is just 2 blocks from the 30th Street Amtrak Station which is a hub for travel between major cities across the U.S.

Philadelphia International Airport (8500 Essington Avenue) is a short cab or train ride from Drexel, with direct and connecting flights all over the U.S. and the world.

Greyhound (1001 Filbert Street) Economical travel from Philadelphia to all over the country.

BoltBus and Megabus (John F. Kennedy Boulevard and 30th Street) Providing low-cost transportation between Philadelphia, New York City, Boston, Washington, D.C., Pittsburgh, and other locations.

For directions, click here

There are several hotels in the area to choose from. For a special Drexel Symposium Discount, please reserve your room through the following links:

Complementary meals and snacks are provided for registered attendees. A Pre-conference Cocktail Reception will be available for Executive Seminar Attendees on October 4th. A Cocktail Reception will also be held after the main conference on October 5th. Food will be served as follows:

October 4
5:20 pm – 6:30 pm
Pre-Conference
Executive Seminars
Reception and Cocktail Party

October 5
7:30 am – 8:30 am Breakfast/Registration

11:00 am – 11:15 am Vendor Expo/Coffee

12:00 pm - 1:00 pm Luncheon and Discussion

2:45 pm – 3:10 pm Vendor Expo/Coffee

5:00 pm – 6:30 pm Cocktail Party and Prizes

We request presentation slides from speakers and we upload them to the conference website. We do not receive slides from every speaker, and soem speakers to not allow distribution of their slides. This is at the discretion of the individual speaker.







Yes! The 4A Healthcare Data Security and Privacy Symposium is approved to earn CLE and CPE credit through Drexel University, Corporate and Executive Education.

Health IT Developers

Privacy Officers

Information Security Professionals

Insurance Professionals

Legal Counsel

Risk Officers

Big Data Scientists

Investors

The 4A Healthcare Security & Privacy Symposium does not offer refunds. If you cannot attend, you may request a credit for a future event or you may transfer your registration to another person.











SEPTA is Philadelphia's public transportation system that utilizes subways, trains, buses, and trolleys to take you wherever you want to go in the city and surrounding suburbs. The fare is $2.25 in cash around the city, or you can purchase tokens ahead of time from the vending machine at the Creese Information Desk, at some SEPTA stops, and at some stores. Fares to the suburbs are higher and vary by zone.

Market-Frankford Line – Partially following Market Street east-west, it goes from Frankford Transportation Center (east) to 69th Street (west) with stops near campus (34th and Market Streets and 30th Street Station). The El signs are blue.

Broad Street Line – Following Broad Street north-south, it goes from Fern Rock Station (north) to AT&T Station (south). The Subway signs are orange.

Trolleys – There are five numbered trolley routes that begin and end at 13th and Market Streets and that pass Drexel (33rd and Market Streets and 30th Street Station). Signs are green.

Buses – The bus routes go through every neighborhood in the city. Routes 21, 30, 31, 42, and the LUCY loops are convenient to Drexel's campus. More routes are available from 30th Street Station. Route signs are posted on poles near street corners.

Regional Rail – The Regional Rail trains provide service to the surrounding suburbs from 30th Street Station, University City, Suburban Station, and Market East. The Airport Line has trains to and from Center City every half hour.

The 4A Healthcare Data Security and Privacy Symposium is designed to stimulate dialog among professionals who see this as an interdisciplinary field and who want to learn from each other.

Information Security Professionals

Privacy Professionals

Hospitals & other Healthcare Providers

Health Law Attorneys

Big Data Scientists

Academics

Federal & State Policy Makers

Physicians

Managed Care Professionals

Risk Management Professionals

Insurance Professionals

Health IT Developers

Health IT Investors

Pharmaceutical, Biotechnology and Medical Device Manufacturers

Mobile Health Professionals

Medical Group Managers

State, Regional & Community-Based Health Information Organizations

A lot! Food, art, music, entertainment, history, sports - and Philadelphia is a very accessible city. It's a beautiful time of year too. Bring your partner and make a holiday of it. Check out the Visit Philly website to see what's happening while you're here or to plan your trip in advance.