4A HEALTHCARE DATA SECURITY & PRIVACY SYMPOSIUM

In Partnership with Drexel LeBow 2nd Annual

4A HEALTHCARE DATA SECURITY & PRIVACY SYMPOSIUM

SPONSORS

Drexel LeBow College of Business Gerri C. LeBow Hall

October 4-5, 2016 Philadelphia, PA

CONFERENCE OVERVIEW Board of Advisors THANK YOU for volunteering to serve on the 4A Symposium Board of Advisors. The extra time you found to support this endeavor is greatly appreciated. We have benefited from the unique insights each of you has provided and your contributions have been invaluable. It has been a privilege and an honor to work with each of you.

Lisa Clark

Patricia Connolly

Partner, Duane Morris

Mark Eggleston

Executive Director, Drexel University Center for Corporate Governance

Joshua Ladeau

Dave Snyder

Senior Vice President, Cyber Liability, Aspen Insurance

Anna Koulas

CISO & CPO, Health Partners Plans

Chief Information Security Leader, Independence Blue Cross

Director of Business Development Corporate Relations and Executive Education, Drexel LeBow College of Business

Steve Weber

Director, Isaac L. Auerbach Cybersecurity Institute, Professor Drexel Department of ECE

Special thanks to the Drexel team: • • •

Alyssa Abbott Pramod Abichandani Debbie Buchwald

• • •

Patricia Connelly Anna Koulas Perrie Prince

• • •

Kristin Risi Chuck Sacco Steve Weber

How You Can Participate in the 2nd Annual 4A Healthcare Data Security & Privacy Symposium: On-Site

Symposium Live Webcast

Conference Content Subscription

Join us in person to hear the presentations, participate in the discussions and network with the faculty and the other attendees.

Join us online as the Symposium occurs in real time. (Please note that some presenters may not allow their sessions to be webcast). Register at: www.4asecurity. com/product/live-webcast (Each user will be provided with a logon and password to gain access).

Access to all archived content (for all available video, audio, and speaker’s presentations) 24/7 for six months. Register at: www.4asecurity.com/product/attendeessubscription/ (You must be a registered attendee in order to purchase a subscription to the 4A Symposium Portal for this additional access).

CLE’S AND CPE’S / Get the Credit You Deserve! The 2nd Annual 4A Healthcare Data Security & Privacy Symposium is produced in conjunction with the Drexel LeBow School of Business, Corporate Relations and Executive Education and the Drexel Cybersecurity Institute. Viewers of the Symposium Webcast may also register for CLE’s. Attendees who wish to receive Continuing Legal Education (CLE’s) or Continuing Professional Education (CPE’s) credits must select that option on their Registration Form and make sure they sign in and out of each conference session they attend. Instructions will also be provided at the Symposium. You will also receive a Certificate of Attendance at the end of the event. If you neglected to select the option when you registered and wish to register on the day of the event, be sure to mention that to the 4A personnel when you register and pick up your badge. Presentations and Videos Available Online Videos and presentations will be made available on the 4A Symposium Portal after the conclusion of the event. Subscribers will be notified as videos and presentations become available. Please note that speakers have the option to “opt-out” of having their sessions recorded on video and making their presentations available for download. In some cases, their organizations do not allow the distribution of their materials. Subscribers to the 4A Symposium Portal will have access to all available materials for a period of 6 months from the time they are made available or the start of the subscription, whichever is longer.

2

WELCOME Welcome to the 2nd Annual 4A Healthcare Data Security & Privacy Symposium at Drexel LeBow! On behalf of 4A Security & Compliance, our hosts at Drexel University, our faculty and our sponsors, I am delighted to welcome you to the 2nd Annual 4A Healthcare Data Security & Privacy Symposium. We are proud to build on the success of last year’s event with a more comprehensive program and additional opportunities for dialogue with experts, industry leaders and healthcare professionals who face similar issues on a daily basis. We are all aware of the many challenges to our healthcare infrastructure, from the ever-present security threats that continue to make headlines far too often, to the difficult decisions we face regarding patient privacy, compliance, ethics, risk management and resource management. While enhancing organizational resiliency is crucial, accepting this state of affairs as status quo is not acceptable. Today as more health systems are hacked back to paper for weeks at a time, as research and intellectual property is stolen with ease and little fear of retribution, as PHI is bought and sold on dark net markets and as the integrity of our data is brought into question, we are no longer just engaging in “tech-geek talk” or arguing arcane legal questions. Today, we are actually talking about systemic health and safety issues that impact our entire healthcare infrastructure. So what can we do about it? The healthcare industry is broad and multifaceted (accounting for nearly 18% of US GDP), and as our Keynote Speaker Kevin Stine will remind us, these problems demand an interdisciplinary, collaborative approach. Our goals during these sessions are to expand our understanding of the issues by bringing together the range of perspectives that are critical to defining and addressing the problems. Our mission for the Symposium is to create a space for deeper listening and more effective dialogue to take place between practitioners from across the disciplines, so we may align to find new ways to collaborate on the creation of innovative and meaningful solutions. With these objectives in mind, we have designed the 2016 Symposium to foster an environment where you can find many opportunities to add your voice, engage in the conversation and help us all to advance our thinking in the process. From the Keynote Dialogue and Plenary Sessions, Executive Seminars, Round Table Lunch Discussions and the Networking Receptions, we look forward to sharing productive and enjoyable conversations with you and our exceptional faculty. I urge you to introduce yourself to me, to our 4A team, our faculty and your colleagues at the Symposium. Please do not hesitate to let us know the issues that are paramount for you and your organization. I am confident we will all benefit by this collaboration. Welcome to the Symposium!

Ben Goodman Ben Goodman / Founder and CEO, 4A Security & Compliance About 4A Security & Compliance: Our Mission is to strengthen America’s critical infrastructure by helping organizations become cyber-resilient and by improving their ability to identify, manage and mitigate cyber risk.

4A provides breach prevention and response services that help organizations improve their security posture and organizational resilience. When 4A gets called in to a post-breach situation, we work with the organizations’ leadership and response teams to quickly and effectively contain, respond and recover from the breach. 4A’s involvement has helped some organizations significantly reduce expected breach costs and associated fines. 4A provides critical services organizations need to meet compliance requirements and advance cybersecurity and privacy compliance program maturity. 4A Offerings Include: • HIPAA/HITECH, NIST CSF, FISMA (and more) Security & Compliance Consulting and Cyber Risk Assessment • Incident Response Planning and Breach Response Consulting Services • Security & Compliance Training: eLearning Modules, Webinars, Customized Onsite Seminars and Workshops • Incident Response Tabletop Exercises for Board Members, Executives and Operational Teams • Penetration Testing, Phishing & Social Engineering, Application Validation & Security Services • Security and Compliance Consulting including Planning, Policies and Procedures Development and Documentation Please visit us at www.4asecurity.com/solutions to learn more.

3

HIPAA Breach Response Workshop & Executive Seminars Tuesday, October 4, 2016 9:00 - 9:30 AM HIPAA Breach Response - 5 Critical Actions

Knowing what an organization MUST do when a breach occurs is critical to minimizing the impact and accelerating recovery. This session covers the first five critical tasks a breach response team should do when a breach is discovered. HIPAA Breach Response Workshop / 4A Security & Compliance

9:30 - 10:15 AM Had a Breach? How Law Enforcement Can Help

When to contact law enforcement and how the FBI can help organizations that experience a breach with some do’s and don’ts to minimize the impact of a breach and better enable law enforcement to do its job. Special Agent Patrick Armor / FBI, Cyber Squad

BREAK

10:15 - 10:30 AM: Coffee Break / Recharge and mingle 10:30 - 11:10 AM Breach Notification & Crisis Management

Compliance with HIPAA Breach Notification Rule requirements, considerations for notifying stakeholders and protecting breach victims from medical identity theft. When and how to handle media notification requirements, critical strategies such as staying ahead of the news cycle, protecting the brand and customer good will. Rick Kam / President & Co-founder, ID Experts Charlie Lyons / Vice President, Shelly Lyons Public Affairs & Communications

11:10 AM - 12:00 PM The View from HHS OCR - The HIPAA Enforcers’ Perspective

This session reviews case studies and the breach response process from the perspective of the Department of Health and Human Services, Office for Civil Rights and then an update on HIPAA Audits of Covered Entities and Business Associates that are underway is provided. HHS OCR is responsible for HIPAA enforcement. Barbara Holland / Mid-Atlantic Regional Manager, Department of Health and Human Services, Office for Civil Rights Diana Vincenzo / Investigator, Department of Health and Human Services, Office for Civil Rights

BREAK

12:00 PM - 1:00 PM 1:00 - 1:30 PM Executive Seminar: The Industry’s #1 Threat

A look at interdisciplinary requirements for successful Healthcare Data Security & Privacy programs and a review of industry threat data regarding recent and emerging critical threats. Tackling these challenges requires a highly skilled workforce, but the surprising consensus around one singular threat facing the industry is the lack of qualified personnel with the expertise to complete critical security and privacy functions. Drexel University’s collaborative engagement with strategic partners to help shrink the gap is described. MODERATOR: Ben Goodman / Founder and CEO, 4A Security & Compliance PANELISTS: Debbie Buchwald Executive Director Corporate Relations Drexel University

4

2016 4A HEALTHCARE DATA SECURITY & PRIVACY SYMPOSIUM

EXECUTIVE SEMINAR: Big Health Data & Mobile Health Security & Privacy Tuesday, October 4, 2016 1:40 - 2:20 PM Executive Seminar Tech Session # 1: Big Health Data Security and Privacy

This session systematically peels the layers of big data security and privacy related business pain points in the health sector. The panel includes executives who lead data technology teams with a focus on Big Health Data privacy and governance. Topics include privacy and security challenges specific to big health data, technology frameworks that enable security while ensuring system performance and compliance. A discussion of best practices (and some insufficient practices) conclude this session. MODERATOR: Dr. Pramod Abichandani / Director of Drexel Business Analytics Initiatives, Drexel LeBow College of Business PANELISTS: Kevin Leninger Jay Orler Co-Founder & CEO IntegriChain

VP, Infrastructure & Security Lightbeam Health Solutions

2:20 - 3:00 PM Executive Seminar Tech Session # 2: The View from the CISO’s Office

Our daily workplace environment looks a bit different to the people who are tasked with preventing our data from walking out the door or our systems from becoming unavailable. This session is a candid conversation with some of the top CISO’s in the industry. MODERATOR: Dr. Pramod Abichandani / Director of Drexel Business Analytics Initiatives, Drexel LeBow College of Business Anahi Santiago PANELISTS: Dave Snyder Mark Eggleston Chief Information Security Leader Independence Blue Cross

BREAK

VP, Chief Information Security Officer Chief Privacy Officer Health Partners Plans

Chief Information Security Officer Christiana Care Health System

3:00 - 3:10 PM: Coffee Break / Recharge and mingle 3:10 - 4:30 PM Executive Seminar Tech Session # 2: Mobile Health, Telemedicine, Security and Privacy

This conversation focuses on practical, real-world measures required for protecting critical mobile devices and the infrastructure they depend on. Mobile medicine is advancing at a rapid pace, as are mobile device vulnerabilities and exploits. Since this seminar is moderately technical, some familiarity with mobile computing concepts, mobile-to-cloud communications and telemedicine is useful. MODERATOR: Steve Alderfer / Senior Director, IT Security & Compliance, 4A Security & Compliance PANELISTS: Anahi Santiago Colin Morgan Rebecca Gwilt Chief Information Security Officer Christiana Care Health System

Global Product Security Senior Manager, Johnson & Johnson

Partner Nixon Law Group

4:30 - 5:00 PM Cyber Insurance Modeling: Recent Advances and Challenges

Insurance pricing requires risk assessment, which in turn relies upon risk models. We summarize some recent academic literature on cyber insurance modeling, highlighting both the useful advances that have been made and the challenges that remain. Steve Weber / Isaac L. Auerbach Cybersecurity Institute, and Professor in the Drexel Department of Electrical and Computer Engineering

RECEPTION

5:00 - 6:30 PM: Networking Reception / Cocktails and Hors d’oeuvres

5

EXECUTIVE SEMINAR: Cyber Risk Management & Governance Tuesday, October 4, 2016 1:40 - 2:20 PM Cyber Risk Management for the Board and C-Suite

This non-technical session is designed for current and future executives, board members and professionals with cyber risk management responsibility to provide the knowledge and tools that help ensure your organization meets or exceeds the leading information security and compliance practices of your industry peers. MODERATOR: Ben Goodman / Founder and CEO, 4A Security & Compliance PANELISTS: Patricia Connolly Praveen Chopra Executive Director Drexel University Center for Corporate Governance

EVP, Chief Information & Transformative Innovative Environment Office Jefferson University & Health Network

2:20 - 3:00 PM Insuring Against the Inevitable Breach - Board & C-Suite Focus on Cyber Risk

Cyber insurance experts discuss strategies for managing enterprise risk and ensuring the right risk exposures are included in the coverage. Given the rapidly changing healthcare threat landscape, understanding this critical risk management tool is more critical than ever. MODERATOR: Alex Krutov / President, Navigation Advisors PANELISTS: Nicholas Economidis Kimberly Holmes Professional Liability Underwriter Beazley

BREAK

SVP & Counsel ID Experts

Joshua Ladeau

SVP, Cyber Liability Aspen Insurance

3:00 - 3:10 PM: Coffee Break / Recharge and mingle 3:10 - 3:50 PM Cyber Risk Governance for the Board and C-Suite

Establishing the right cyber risk governance structure is a critical component in establishing a successful cyber risk management program. This session begins with a discussion of board committee structure and continues through the governance issues at the C-Suite and management levels. MODERATOR: Patricia Connolly / Executive Director, Drexel LeBow Center for Corporate Governance Ellen Grady PANELISTS: Partner Cozen O’Connor

3:50 - 4:30 PM Cyber Risk Governance: Enterprise Architecture, Investment Planning, Human Capital Management

This discussion with CISOs and CPOs is about the real-world governance and cyber risk management challenges they face, as well as successful and unsuccessful approaches they’ve taken at large, complex organizations. MODERATOR: Praveen Chopra / EVP and Chief Information & Transformative Innovative Environment Officer of Jefferson Health System PANELISTS: Dave Snyder Mark Eggleston

4:30 - 5:00 PM

Chief Information Security Leader Independence Blue Cross


Cyber Insurance Modeling: Recent Advances and Challenges

Insurance pricing requires risk assessment, which in turn relies upon risk models. We summarize some of the recent academic literature on cyber insurance modeling, highlighting both the useful advances that have been made and the challenges that remain. Steve Weber / Isaac L. Auerbach Cybersecurity Institute, and Professor in the Drexel Department of Electrical and Computer Engineering

6


EXECUTIVE SEMINAR: Legal & Regulatory Compliance Tuesday, October 4, 2016 1:40 - 3:00 PM Executive Seminar Legal and Regulatory Session #1: Regulatory Compliance

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS OCR), the U.S. Food and Drug Administration (FDA) and the Federal Trade Commission (FTC) have been most active in regulating and enforcing regulations covering various aspects of the Healthcare Data Security and Privacy landscape. This session includes updates from OCR and the FTC as well as a discussion of the key legal and regulatory developments impacting healthcare IT and compliance frameworks. MODERATOR: Lisa Clark / Partner, Duane Morris PANELISTS: Barbara Holland Mid-Atlantic Regional Manager, Dept. of Health and Human Services, Office for Civil Rights

BREAK

Cora Tung Han

Senior Attorney, Division of Privacy  & Identity Protection, Federal Trade Commission

Olivier Kagan

Managing Consultant NSF Avarent

3:00 - 3:10 PM: Coffee Break / Recharge and mingle 3:10 - 4:30 PM Executive Seminar Legal and Regulatory Session #2: Healthcare Data Compliance

Sharing healthcare data is an essential activity for the healthcare industry today. From treatment and operations to performance measurement, quality improvement, compensation and research, the use and analysis of healthcare data by a healthcare entity, and the disclosure of healthcare data to third parties is fundamental. This session covers the most critical concerns regarding the use and disclosure of healthcare data, focusing on privacy and security. Data sharing agreements between parties as well as resolving issues such as the proper use of data, breaches, indemnification and ownership of the data are also covered. MODERATOR: Lisa Clark / Partner, Duane Morris PANELISTS: Pamela E. Clarke Sr Director of Member Services and Chief Policy Officer Health Share Exchange of Southeastern PA

Elisa Zygmunt

Director of Projects and Analytics Benefits Data Trust

4:30 - 5:00 PM Cyber Insurance Modeling: Recent Advances and Challenges

Insurance pricing requires risk assessment, which in turn relies upon risk models. We summarize some of the recent academic literature on cyber insurance modeling, highlighting both the useful advances that have been made and the challenges that remain. Steve Weber / Isaac L. Auerbach Cybersecurity Institute, and Professor in the Drexel Department of Electrical and Computer Engineering

RECEPTION

5:00 - 6:30 PM: Networking Reception / Cocktails and Hors d’oeuvres Training Works: Research shows that effective and frequent training not only helps to reduce the number of successful cyber-attacks, but also minimizes damage when incidents do occur. 4A Security & Compliance helps organizations create a sustainable culture of compliance with comprehensive learning programs to enhance security measures, meet annual HIPAA training requirements, increase awareness and prepare your workforce to identify cyber threats and mitigate risk. 4A Educational offerings include: • eLearning portal with accessible, on-line, self-paced, training • Customized, onsite training, seminars and workshops • Incident response tabletop exercises for board members, executives and operational teams • Webinar series with industry experts address current issues and solutions • Learning Management System that documents user activities to meet compliance requirements Please visit us at www.4asecurity.com/e-learning to learn more.

7

Plenary Sessions - Morning Wednesday, October 5, 2016 REGISTRATION

7:30 AM - 8:45 AM: Registration / Breakfast Sponsored by iCentralApps 8:45 - 9:00 AM: Opening Remarks by Ben Goodman / CEO, 4A Security & Compliance 9:00 - 9:45 AM Keynote Address: Collaborative Approaches to Cybersecurity in Healthcare

Mr. Stine discusses case studies of collaborative approaches to cybersecurity and highlights current collaborative efforts to improve cybersecurity in the healthcare community, which include the Cybersecurity Framework, NIST’s healthcare portfolio at the National Cybersecurity Center of Excellence, other relevant guides, and the Commission on Enhancing National Cybersecurity. KEYNOTE SPEAKER: Kevin Stine / Chief of the Applied Cybersecurity Division at NIST Information Technology Laboratory

9:45 - 10:15 AM Keynote Dialogue: Real vs. Ideal - Cybersecurity Frameworks in the Healthcare Environment CISOs and CPOs from leading healthcare organizations engage in a lively dialogue with our keynote speaker about the challenges of implementing security frameworks and guidelines in the ever-changing healthcare threat environment.

KEYNOTE DIALOGUE: Kevin Stine / Chief of the Applied Cybersecurity Division at NIST Information Technology Laboratory Colin Morgan PANELISTS: Anahi Santiago Mark Eggleston Chief Information Security Officer Christiana Care Health System

BREAK


Global Product Security Senior Manager Johnson & Johnson

10:15 - 10:30 AM: Coffee Break Sponsored by Aspen Insurance 10:30 - 11:20 AM Interdisciplinary Super Panel: Mobile Health Security & Privacy Challenges & Solutions

Successful data security and privacy programs require an interdisciplinary approach. This all-star panel includes Health IT, privacy, security, risk management, compliance, governance and legal experts who wrestle with the toughest challenges facing organizations developing and deploying mobile health solutions, while balancing the competing demands placed on each of these related disciplines. The panelists respond to real-world scenarios and discuss pre-submitted and live audience questions. MODERATOR: Ben Goodman / Founder and CEO, 4A Security & Compliance PANELISTS: Steve Alderfer Ryan Blaney Senior Director, IT Security & Compliance 4A Security & Compliance

Colin Morgan

Member Cozen O’Connor

Global Product Security Senior Manager Johnson & Johnson

11:20 - 12:15 PM

Mark Eggleston


Anahi Santiago Chief Information Security Officer Christiana Care Health System

Healthcare Cyber Risk Assessment: Is Cyber Risk Quantification within Reach?

Quantitative approaches to cyber risk assessment remain a challenge that few organizations have met successfully. This panel consists of experts who develop and work with complex dynamic cyber security risk models. The session covers some of the modeling challenges and how they apply to the healthcare environment. The content is designed to be accessible for all. MODERATOR: Steve Weber / Isaac L. Auerbach Cybersecurity Institute, and Professor in the Drexel Department of Electrical and Computer Engineering PANELISTS: Nicholas Patrick Florer Alex Krutov Principal President Economidis Professional Liability Underwriter Beazley

8

Risk Centric Security


Navigation Advisors

Plenary Sessions - Afternoon Wednesday, October 5, 2016 LUNCH

12:15 - 1:15 PM: Lunch Sponsored by Shelly Lyons Public Affairs and Communications Round Table Discussions

In an effort to maximize the opportunities to converse with faculty and colleagues, we have structured lunch-time “Round Table Discussions” with facilitators prepared to lead discussions on topics that address the themes of the Symposium. By selecting a table, attendees may then choose to join a topic of conversation and share their own thoughts, stories and questions, or simply listen and learn from others at the table. The Round Table Topics and Discussion Leaders are: Mobile Health Privacy & Cyber Risk

Governance & Cyber Risk Management

Legal & Regulatory Challenges

Post-Breach Crisis Management

Big Health Data Privacy & Cyber Risk

Insights from the Breach Frontier

Security & Privacy for HIT Start-ups

Colin Morgan Anahi Santiago Ryan Blaney

Praveen Chopra Joshua Ladeau Patricia Connolly

Greg Fliszar

Charlie Lyons

Jay Orler Kevin Leninger

Donald Good

Chuck Sacco Rebecca Gwilt Robert B Kuller

1:15 - 2:00 PM Investors and Covered Entity Due Diligence for HIT Start-ups and Innovators

Healthcare institutions are always looking for innovative solutions, but start-ups and entrepreneurs are facing increased scrutiny over security and privacy concerns. This panel includes Health IT start-ups, entrepreneurs, investors, and those responsible for due diligence and compliance at covered entities. MODERATOR: Chuck Sacco / Assistant Dean of Strategic Initiatives for the Close School and Dir. of the Baiada Institute PANELISTS: Rebecca Gwilt Robert Kuller Omar Mencin Dave Snyder Partner Nixon Law Group

Chief Commercial Officer Haystack Informatics

Dir of Investments Information Tech. Ben Franklin Tech. Partners

Chief Information Security Leader Independence Blue Cross

2:00 - 2:45 PM Healthcare Data Security & Privacy Innovators

At the Close School for Entrepreneurship, Drexel takes innovation to heart. This session presents a selection of innovative healthcare IT companies and related services that incorporate data security and privacy at the core of their offering. These founders and company leaders speak about their innovations and how they are specifically designed to address the needs of the healthcare industry. MODERATOR: Chuck Sacco / Assistant Dean of Strategic Initiatives for the Close School and Dir. of the Baiada Institute PANELISTS: Rick Kam Aaron Nickles Robert Kuller Rick Rasansky President & Co-founder ID Experts

BREAK

Founder & Chief Executive Officer iCentralApps

Chief Commercial Officer Haystack Informatics

Chief Executive Officer Yorn

2:45 - 3:00 PM: Coffee Break Sponsored by Aspen Insurance 3:00 - 4:00 PM Cyber Risk Management: Insuring Against the Inevitable Healthcare Breach

Whether it’s ransomware, hacking or lost laptops, healthcare breaches are rampant. The onslaught of cyber attacks against healthcare organizations indicates hackers recognize the value of healthcare data. Insurance carriers deem healthcare a high risk industry and have raised prices accordingly, while some have simply stopped underwriting healthcare. This panel examines both the insurance carrier’s and the healthcare organization’s perspectives to reveal opportunities to maximize the effectiveness of cyber liability insurance as a risk management tool. MODERATOR: Neeraj Sahni / Senior Vice President, Cyber Risk Insurance, Willis PANELISTS: Nicholas Kimberly Holmes Alex Krutov Senior VP & President Economidis Professional Liability Underwriter Beazley

Counsel ID Experts

Navigation Advisors

Joshua Ladeau SVP, Cyber Liability, Aspen Insurance

9

Plenary Sessions - Afternoon Wednesday, October 5, 2016 4:00 - 5:00 PM Interdisciplinary Super Panel: Big Health Data Security & Privacy Challenges & Solutions

This final session looks at the present challenges and future direction of big data in healthcare. An all-star team of experts share insights and provide feedback on the ideas generated during the Symposium and engage the audience in dynamic discussion. MODERATOR: Dr. Pramod Abichandani / Director of Drexel Business Analytics Initiatives, Drexel LeBow College of Business PANELISTS:

Donald Good

Joshua Ladeau

Director, Information Security & Investigations Practice Navigant

Kevin Leninger

SVP, Cyber Liability Aspen Insurance

John Neclerio Partner Duane Morris

Co-Founder & CEO IntegriChain

Jay Orler

VP, Infrastructure & Security Lightbeam Health Solutions

5:00 PM - 7:00 PM Symposium Networking Reception

Meet with the Symposium Faculty and other attendees while enjoying complimentary wine and cheese on The Terrace.

DIRECTORS ACADEMY Corporate governance for new board members

New board members often face the challenge of moving from a hands-on executive to a strategist mindset. Directors Academy is a one and a half day corporate governance focused program for new board members. This program provides an intensive and highly-focused interactive dialogue between participants and leading executives, corporate directors, policy makers, legal and financial services experts on critical issues facing boards today. The small, targeted environment affords peer to peer exchange and the opportunity for participants to connect with sitting, seasoned board members.

Certificate in Director Education

Directors Academy is held twice annually in the fall and spring. Upon completion of two Directors Academy programs (equivalent to 24 credit hours), participants are awarded a Certificate in Director Education and walk away with an understanding of the increasingly complex and ever-changing role of a corporate board member prepared to contribute to discussions occurring in the boardroom. The next program will take place October 25-26, 2016 For more information or to register, contact Alyssa Abbott 215.895.2126 [email protected]

Collaborate and engage with LeBow to innovate and create better business solutions. Gain access to world-class research, high-caliber students, alumni and innovative programming: • Business Consulting • Research Collaboration • Innovation Acceleration • Center for Corporate Governance • Institute for Strategic Leadership • Business Solutions Centers

Engage with Us. lebow.drexel.edu/corporateservices

Do you know what your employees are doing?

Join us. Experience the next generation. www.haystackinformatics.com

800-520-2450

[email protected]

Your patients are your top priority so data security isn’t always on your mind. It’s always on ours.

484-858-0427 [email protected]

DUANE MORRIS IS A PROUD SPONSOR OF THE

4A HEALTHCARE DATA SECURITY & PRIVACY SYMPOSIUM

Duane Morris LLP, a law firm with more than 750 attorneys in offices across the United States and internationally, is asked by a broad array of clients to provide innovative solutions to today’s legal and business challenges. Duane Morris Healthcare Information Technology attorneys assist clients with the challenges of managing and protecting data in the changing healthcare industry. Duane Morris – Firm and Affiliate Offices | New York | London | Singapore | Philadelphia | Chicago | Washington, D.C. | San Francisco | Silicon Valley San Diego | Shanghai | Boston | Houston | Los Angeles | Hanoi | Ho Chi Minh City | Atlanta | Baltimore | Wilmington | Miami | Boca Raton | Pittsburgh Newark | Las Vegas | Cherry Hill | Lake Tahoe | Myanmar | Oman | Duane Morris LLP – A Delaware limited liability partnership

For more information, please contact: Lisa W. Clark, Partner P: 215.979.1833 | [email protected] John M. Neclerio, Partner P: 215.979.1382 | [email protected] www.duanemorris.com