Areas of Expertise
- Cybersecurity and privacy
- Critical infrastructure
Recent Press Coverage
- 37,800 people sent privacy breach notifications linked to N.L. cyberattack
- Hospitals on high alert for cyberattacks
- Could Russian Hackers Cripple U.S. Health Care Systems?
- Director, InfraGard Northern Capital Region
- Founding Member, Cyber Health Working Group
- Vice Chair, Policy Committee, American Bar Association Health Law Section
- Past Team Leader & Champion, US Department of Homeland Security Analytic Exchange Program
- National Visiting Committee member, National Cybersecurity Training and Education Center (appointed by National Science Foundation as healthcare representative)
- Advisory Board Member, SANS Securing the Human Healthcare
- US DHS National Cyber Incident Response Plan Working Group (Healthcare Representative)
- NIST Baldrige Cybersecurity Excellence Builder Workgroup member
- Past Vice Chair, eHealth Privacy and Security Interest Group, eSource, and Emerging Issues in Healthcare Law, American Bar Association
- Past member, US Government Advisory Council Executive Writers Bureau - (ISC)2
Areas of Interest
- Cybersecurity and information privacy (certified)
- Cybersecurity surveys for industry
- Critical infrastructure security
- Cybersecurity supply chain management
Points of View
I have a saying: protect the data, protect the patient. We have to view it that way. We rely on the safe functioning of technology. That technology runs on its data.
I enjoy learning new things and accepting new challenges. There is no such thing as “too much information.” I like to analyze things and learn how they work. But my two favorite things are developing insights and tackling the toughest challenges.
From a very early age, though, healthcare has always been very personal. I grew up within the walls of hospital systems. I saw with my own eyes that life can be very fragile. And I feel that we need to help those who need us the most.
Protecting patients’ data is incredibly important and so is taking care of their lives. We need to understand, though, that taking care of patients’ data involves far more than rendering excellent patient care. We must also take care of the technology infrastructure and invest in its health and well-being.
In today’s digital age, healthcare delivery cannot happen without the efficient cooperation of the technical parts. And the technology can only run correctly by implementing best practices and standards relevant to the operations, security and defense.
Effective cybersecurity defense can be achieved through information sharing of cyber threat indicators, mitigations and associated best practices. In other words, it pays to be situationally aware in an ever-changing environment of good versus evil.