Information Security and Privacy in Healthcare

Navigating New Challenges of HITECH, BYOD, HIPAA and the Need for Information Sharing Between Patients, Providers, and Payers


Day 1 | Day 2 | Workshop | Download Brochure 

Monday, April 28

7:00 am - 6:00 pm Registration

7:00 Morning Coffee


8:00 Organizer’s Welcome and Chairperson’s Remarks

MicahLiebermanMicah Lieberman, Executive Director, Conferences, Cambridge Healthtech Institute (CHI) and Medical Informatics World

SusanDentzerSusan Dentzer, Senior Policy Adviser, Robert Wood Johnson Foundation

8:10 Health Delivery Reform and the Future of Health IT-Enabled Quality Improvement

JacobReiderJacob Reider, M.D., Acting Principle Deputy National Coordinator, Office of the National Coordinator for Health Information Technology (ONC), U.S. Department of Health and Human Services

How can we use health IT to provide the best possible care for all Americans? Health Information Technology is critical to the success of delivery reforms that aspire to transform the nation’s health care system to focus increasingly on the quality of care provided, rather than the quantity. Only health IT can provide the kind of smart data and analytics that organizations such as Accountable Care Organizations need to succeed.

8:40 Healthcare IT Innovations that are Connecting Patients, Providers, and Payers

JohnHalamkaJohn Halamka, M.D., MS, CIO, Beth Israel Deaconess Medical Center

This year includes some of the most challenging healthcare IT go lives of the past decade - ICD10, Meaningful Use Stage 2, the HIPAA Omnibus Rule and the new automation required to support the Affordable Care Act. Healthcare IT organizations are straining to support the needs of the business. Given the demands of day to day operations, how do we innovate to incorporate big data, genomics, cloud computing, patient/family engagement, and world class security into our IT strategy? In this presentation, the speaker will reflect on the healthcare IT innovations that are improving quality, safety and efficiency in an era of declining reimbursement and increasing user demands.

9:10 Three Patients: How Health Information Technology Will Enable the Pharmaceutical Industry to Improve Patient Care

JainSachinSachin Jain, M.D., MBA, Vice President and Chief Medical Information & Innovation
Officer, Merck & Co.

Dr. Jain will discuss three patient vignettes and how appropriate use of health information technology can drive improvements in medication use and efficacy.

SusanDentzer9:40 Keynote Panel: Deploying Information Technology to Enable Innovation within the Future State of Care

Susan Dentzer, Senior Policy Adviser, Robert Wood Johnson Foundation


10:10 Coffee Break in the Exhibit Hall with Poster Viewing


10:55 Chairperson’s Remarks

RalphPerfetto Ralph Perfetto, Ph.D., Vice President, Provider Solutions, Optum







11:00 Patient Privacy and Security: What Recent Benchmarks of Healthcare Providers Revealed

LarryPonemonLarry Ponemon, Chairman and Founder, Ponemon Institute

This presentation will summarize recent benchmark research focused on the privacy and data protection practices of leading healthcare providers located throughout the United States. The presenter will discuss major trends observed over the past four years, including the impact of disruptive technologies and emerging healthcare regulations on the sanctity of confidential patient information. The presentation will conclude by summarizing best and worst practices actually observed and documented by the researcher.

11:25 Fair Information Practice for Cyber ID

AdrianGropperAdrian Gropper, M.D., CTO, Patient Privacy Rights

Fair information practice for cyber ID means engineering for transparency, oversight and accountability in our relationship locator services. It requires a smooth transition from in-person relationships with our physician, to online relationship with our health records resulting from in-person relationships and finally to online relationship to RLS data brokers that have no in-person relationship to the individual. Fair information practice for Cyber ID needs to respect the sovereignty of the individual by minimizing privacy risk when possible and maximizing transparency and accountability when operating relationship locator services.

11:50 Should I Trust You With My Patient’s Data?

RickMooreRick Moore, CIO, National Committee for Quality Assurance (NCQA)

As the demand to share/exchange digital healthcare data increases, so too do the numbers of various business associates a covered entity must engage to accomplish its mission. Although the HITECH regulations extend the reach of HIPAA directly to business associates, it is still incumbent upon covered entities to ascertain the information security posture of its business partners.

12:15 pm Sponsored Presentation (Opportunity Available)

12:40 Luncheon Presentation (Sponsorship Opportunity Available) or Lunch on Your Own


1:55 pm Chairperson’s Remarks

Keith BatchelderKeith Batchelder, M.D., CEO and Founder, Genomic Healthcare Strategies

2:00 A Practical Look at the HITECH Proposed Regulations and Federal Information Transparency Policies: The Payer Perspective

MarylandZigmundMarilyn Zigmund Luke, Senior Counsel and Compliance Officer, America’s Health Insurance Plans (AHIP)

This session will focus a discussion on the pending regulations from the U.S. Department of Health and Human Services, Office for Civil Rights and similar federal policy proposals to increase information transparency within the health care system. The presenter will explore the practical effects on affected entities. Current trends within the industry will also be discussed.

2:25 Omnibus HIPAA Rulemaking and a New Era of Privacy and Security: Don't be an Ostrich

Lassaad FridhiLassaad Fridhi, Information Privacy & Security Officer, Commonwealth Care Alliance

For years, HIPAA was a document that collected dust. With the boom of technology, the rise of interest in health information for criminal acts, and consumer rights and protections, HIPAA has been dusted off and revitalized, and is being enforced more than ever. As healthcare IT professionals, We are expected to determine the risks, threats, and vulnerabilities and mitigate them before they materialize.

3:05 Refreshment Break in the Exhibit Hall with Poster Viewing


3:45 Can PHI and the Cloud Coexist?

PaulConnellyPaul Connelly, Vice President, CISO, Hospital Corporation of America (HCA)

The typical initial reaction to the thought of putting PHI into a Cloud system is, “No way!” But is that really the case? With careful analysis and a few key actions, perhaps PHI can exist in the Cloud. Even more, the Cloud may actually improve the protection of the data.

4:10 U Mass Lowell & U Mass Medical College-NIH Case Study: A Privacy Solution for Sharing and Analyzing Healthcare Data

Luvai MotiwallaLuvai Motiwalla, Ph.D., Professor, Operations and Information Systems (OIS), Manning School of Business, U Mass Lowell

While healthcare organizations are conscientious in protecting their patient data in their databases, very few organizations take enough precautions to protect data that is shared with known third party organizations for research or big-data analysis. Our NIH/U Mass Medical College project is developing a data-masking system that can protect individual patient data without removing sensitive attributes necessary for secondary data analysis. The project allows high quality data analysis with the masked data. Dataset-level properties and statistics remain approximately the same after data masking; however, individual record-level values are altered to prevent privacy disclosure.


4:35 BYOD: Job Security for Privacy and Information Security Professionals

MartiArvinMarti Arvin, Chief Compliance Officer, David Geffen School of Medicine, UCLA Health System

This discussion will address the complexities of allowing BYOD. It will include the need to balance privacy and security of devices and data against the desire to have flexibility. It will also address some mitigation ideas and why the risk cannot likely ever be fully mitigated.

5:00 - 6:00 Networking Reception in the Exhibit Hall with Poster Viewing

6:15 – 8:45 PM DINNER WORKSHOP*: Advancing the Use of EHR/EMR for Clinical Research and Drug Development: A Platform that Reuses EHRs across Hospitals to Support Clinical Research supported by Sustainability Measures

DipakKalraDipak Kalra, Professor, Health Informatics, University College London

AndreasSchmidtAndreas Schmidt, eStrategy Project Leader, Pharma Development, F. Hoffmann–La Roche AG

DavidVoetsDavid Voets, Project Manager, Custodix NV, Belgium

*Separate registration required

Day 1 | Day 2 | Workshop | Download Brochure 


Japan-Flag Korea-Flag China-Simplified-Flag China-Traditional-Flag 

Final Weeks to Register! 


Bio IT World held in conjunction with logo 



Download 2014 Brochure


HIT Brochure Icon 

Premier Sponsors

EMC Isilon 





Right Arrow HIT View All Sponsors 

Official Media Partners

Bio-IT World 

Clinical Informatics News 

Official PR Partner

PAN Communications 

Right Arrow HIT View Media Partners  

Add to Calendar