PHI Security Risk Management: Are You Behind the Curve? - Aug. 28

Time: 10:00 AM


10 - 11 am


Complimentary for IHA members

Register Online

As the depth and breadth of protected health information (PHI) has increased, the healthcare industry has worked to prevent data breaches. Despite its best efforts, 477 healthcare organizations reported breaches in 2017 and 14.7 million consumers had their medical data breached, hacked or stolen, according to the U.S. Department of Health and Human Services’ Office of Civil Rights.

At the same time, hospital and health system IT staff are confronting significant challenges, including:

  • Changing regulations impacting many organizations’ ability to recover costs, which increases their exposure to fines and penalties and limits reimbursement revenues;
  • Aging technology platforms, with IT security dependent on replacing these systems; and
  • Competing priorities that often make it difficult to secure capital. Moving to an operation expense model is challenging to achieve given costs such as depreciation.

Join IHA Corporate Partner Satori Consulting, Inc. to learn how to create a three-year IT security and compliance roadmap that addresses challenges at your organization. Expert presenters will prepare you to leverage your existing HIPAA Security Risk Analysis and assess and prioritize identified gaps in people, technology, finance and operations. You’ll learn to address identified remediation gaps in a three-year plan (roadmap) and define a case for change within your organization. The expert presenters also will prepare you to put your plan into action by first communicating with key stakeholders.


At the conclusion of this program, participants will be able to:

  • Outline the risks and potential financial impact of the evolving healthcare IT security environment.
  • Prioritize identified gaps from the HIPAA Security Risk Analysis and other assessments.
  • Create a three-year roadmap that improves your IT security and compliance program and identifies a case for change.
  • Identify effective communication approaches that gain internal support for your security and compliance roadmap.

Who Should Attend

This program is designed for:

  • Administrators
  • Chief Information Officers and IT Directors
  • Chief Information Security Officers
  • Privacy Officers
  • Chief Financial Officers
  • Chief Operating Officers
  • Compliance Officers
  • Heads of risk management
  • Legal affairs


Dean Evans
Director, Satori Consulting
Evans focuses on IT planning, management, and delivery of strategic change and risk management. He has over 25 years’ experience successfully delivering technology initiatives to support operations. Evans specializes in IT optimization, security program development, system integration and change management. He facilitates roadmap development and helps leaders manage disparate teams and distributed stakeholders. A trusted advisor and established HIMSS member, Evans defines and delivers strategic transformation for clients. His work has spanned industries—healthcare, manufacturing and distribution, energy, and financial services.

Doug Kanney
Principal, Schellman & Company, LLC
Kanney leads his organization’s HITRUST and HIPAA service lines and assists with Service Organizations Control, Payment Card Industry Data Security Standards and ISO compliance projects. He has more than 12 years of audit experience in both public and private accounting and has provided professional services for multiple Global 1000, Fortune 500 and regional companies. Kanney currently holds the following certifications: HCISPP, HITRUST CSF Assessor, CISSP, CISA, CISM, CIA, PCI QSA, CCSK, CIPP/US, ISO 27001 and 9001 Lead Auditor, and Advanced SOC for Service Organizations Certified.

Tom McKowen
Executive Consultant, US Signal
McKowen is an executive-level consultant with a 25-year background supporting client IT strategies that drive transformational change. He works with chief information officers, chief technology officers, chief information security officers and their teams to establish a company’s vision and to ensure information assets and technologies are adequately protected, including disaster recovery to reduce an organization’s operational risks. As part of the US Signal team, McKowen supports the HIPAA Compliant IT and Network services, providing data management and security solutions to numerous healthcare systems throughout the Midwest and across the country.



Satori ConsultingSatori Consulting
Satori Consulting deploys small teams of highly experienced consultants practiced in the arts of flexibility, efficiency and collaboration. Our professionals work with you to manage programs and complex projects, refine business strategies and optimize processes, organization and technology. Our sensitivity to risk tolerance, healthcare culture and situational constraints leads to results that are adapted to your specific needs and that will generate lasting value. Our approach has proven over more than 15 years to provide smooth sailing to clients as they responded to increased competitive, economic and regulatory pressures.