2020 AEHIS Foundation Board Elections

Ken Bradberry is the Senior Vice President and Chief Technology Officer for The HCI Group.  Ken is the former CTO for Xerox Commercial Healthcare and serves as an innovation leader, focused on emerging technology and managed services solutions for healthcare.

As a seasoned healthcare technologist with 27+ years’ experience working with healthcare providers, payers, pharma and life sciences organizations, Ken is focused on creating and sustaining innovative healthcare IT operations, architectural and technical solutions and product offerings for healthcare.

Ken received his bachelor’s focus on Internetworking technologies from Strayer University and a Master of Science with a focus on CyberSecurity and Risk Management from Capella University.  Ken’s expertise ranges from Epic and Cerner architectures to diverse infrastructure solutions, Security Operations Centers (SOC), digital front door, 5G, automation, AI and Machine Learning technologies to the transformation of customer experience in healthcare.

Why would you like to serve on the Board?

As an AEHIS board member, I would work to ensure we support senior IT leadership that is relevant and aligned with the challenge’s IT Security leadership encounter in real healthcare IT and operation every day.  I would support policies and practices that embrace a wide range of security methodologies and issues related to healthcare IT education and innovation.

I would also advocate for the development of centers of excellence and programs that cultivate new ideas and access to insight and strategic thinking that will help our members and leadership gain new perspective on a very dynamic technology landscape.

As a board member I will champion providing educational opportunities to help IT leaders better understand the cybersecurity and risk management challenges and ways healthcare and other industries are addressing risk and the ever evolving threats to healthcare organizations.

Gregg is an experienced and accomplished Senior INFOSEC leader in the areas of Security Operations and Architecture, Governance, Risk, Compliance, Legal, Privacy, Merger & Acquisition, Data Security, Digital Forensics, Cloud Security and Cyber Threat Detection and Response, a published author and speaker. Combining 24 years of US Army service with civilian roles, he’s served in roles from principle advisor to C-level Executives and Boards to leading teams of 60+ in sustaining INFOSEC operations. Gregg is currently the Sr. Cyber Security Architect for Leidos Managed Digital Healthcare Solutions serving healthcare companies globally with current and emerging security architecture models. Previously to Leidos, Gregg served as the National Director, Threat Management, SOC/Incident Response & Forensics for Catholic Health Initiatives (CHI), the 3rd largest healthcare enterprise in the Nation; $15 billion in revenue spanning 18 states, 100 hospital campuses, 900 clinics and 100K+ employees. In this role Gregg serves as the principle advisor in all cyber incidents to 7 Regional CIOs, 7 Information Security Officers, 6 Privacy Officers, the CHI legal team, Corporate Responsibility, all CHI VPs and the CISO. Operationally, he oversaw the technical security and governance work of 12 direct reports. In 4 years he’s delivered an enterprise application, DevOps and network vulnerability assessment program across 350,000+ assets; designed, staffed, trained and implemented the CSIRT, Security Operation Center and Threat Intelligence capabilities; delivered on 10+ M&A technical assessments; architected and instituted an enterprise cyber hygiene program; designed, funded, and implemented a digital forensics and eDiscovery capability; and established KPIs and KRIs through a dedicated risk metrics model. He possesses a DoD TOP SECRET security clearance and is a retired Army Major. Put simply – Gregg is a diligent, insightful leader with a balanced blend of the qualities, capabilities and experience to “deliver” and serve an organization with distinction.         

Why would you like to serve on the Board?

I am grateful for the opportunity to serve with CHIME and give back to the Healthcare community with my passion for serving patients and their families through weaving principles and practices of cybersecurity into care support and delivery operations. I have spent the last 20+ years in the role of healthcare security in combination with 24yrs of active and reserve cyber security service in the US Army. Through the years I have developed a solid expertise across the information security domains and strive to give back to the cyber community through conference talks, authorship and social media blogs and posts.

Unlike most technology leaders in healthcare, I’ve been fortunate enough to walk the hallways of medical surgery floors, attend physician and nurse scrums, witness Da Vinci nano-assisted surgery, work with bed management and transport teams, sat with “fit pit” docs, become a certified hospice volunteer and curate personal relationships with hospital Presidents, CMOs, CNOs and “house supervisors”. Given this fortunate exposure to clinical operations, I view cybersecurity through a lens of finding synergies with IT and hospital operations to balance security and privacy with patient centered care delivery.

I would feel privileged to participate on the CHIME AEHIS board to learn and grown from other great thought leaders in shaping the next era of healthcare cyber. Employed as a Sr. Cyber Security Architect with Leidos, I can straddle both customer needs and CHIME AEHIS thought leadership to influence innovation that delivers modern and practical cyber capabilities while advancing, not hindering care delivery.

If elected I promise to serve honorably and fulfill all commitments with diligence and dedication. I will focus my efforts on helping bridge the operational care delivery gap between cyber, IT, and clinical/patient serving roles.

Dan L. Dodson serves as President of Fortified Health Security where he helps healthcare organizations effectively develop the best path forward for their security program based on their unique situation. Prior to joining Fortified, Dan served as Executive Vice President for Santa Rosa Consulting, a healthcare focused IT consulting firm, where he led various business units as well as the sales organization. He also served as Global Healthcare Strategy Lead for Dell Services (formally Perot Systems), where he was responsible for strategy, business planning and M&A initiatives for the company’s healthcare services business unit. Dan also held positions within other healthcare and insurance organizations including Covenant Health System, The Parker Group, and Hooper Holmes. A thought leader in the healthcare cybersecurity space, Dan has been featured in Becker’s Hospital Review, Healthcare Business Today, Healthcare Innovation News and other media outlets. In 2018, Dan was recognized as a rising healthcare leader under 40 by Becker’s Hospital Review. He has also spoken at industry-leading events and conferences including HIT Summits, CHIME and HIMSS events. He currently serves on the Southern Methodist University Cyber Security Advisory Board. Dan holds a M.B.A. in Health Organization Management and a B.S. in Accounting and Finance from Texas Tech University.

Why would you like to serve on the Board?

There are three main reasons why I would like to serve on the board of AEHIS. First and foremost, I believe in AEHIS and why AEHIS exists. I believe this organization is well positioned to execute its mission and better serve security executives in healthcare by providing a forum to learn from each other. This is very important as the industry must work together to get in front of cyber criminals. Secondly, I believe that I can bring perspective to the board which will in turn provide value to our members. Healthcare cybersecurity is all I do and, by leading one of the biggest healthcare-only cybersecurity firms, I have the honor of working with hundreds of healthcare organizations across the country. This gives me realtime insights into the challenge’s healthcare CISO’s face, and I will bring that perspective to the board. Leveraging this knowledge effectively should help develop and guide the direction of AEHIS to a place where every healthcare CISO finds value and engages with AEHIS. Third, I would like to give back. I believe that collaborating with AEHIS provides and avenue for me to give back to the industry that has given me so much.

What direction you envision for the AEHIS Foundation?

My vision for the AEHIS Foundation is that every security company that serves healthcare would join and actively participate in AEHIS. Furthermore, every CISO in healthcare would join AEHIS because they find significant value in the programs we offer. If we can get all the security firms and all the CISOs working together, sharing information and learning from each other, then we can have a major impact on the security posture of healthcare. AEHIS can be the glue that brings everyone together and I would love to a be a part of making that happen.

With 15 years of cybersecurity consulting experience, Jared currently leads Crowe’s healthcare cybersecurity practice, with specialized focus in cybersecurity controls assessments, HIPAA Compliance, and penetration testing. Jared assists clients with assessing cybersecurity risks and implementing cybersecurity controls to remediate issues and build enterprise cybersecurity programs to best protect healthcare organizations against today’s cybersecurity threats, privacy concerns, and meet compliance expectations. Additionally, he serves in an advisory role as the CISO for a health system. Jared holds several technical certifications and is a regular speaker on cybersecurity issues at national conferences.

Why would you like to serve on the Board?

I would like to serve on the board to:

Better connect with other healthcare information security executives

Provide feedback on guidance to the AEHIS program

Grow and enhance membership

I envision more offerings to provide centralized guidance, advice, resources to the members

Personally, I have served on the board of my HOA for 5 years. Professionally, I have presented to numerous boards over my 15+ years of consulting experience. Primarily in Healthcare, but other industries earlier in my career. I have also performed board trainings around risk, compliance, and cybersecurity topics.

Jeremy Molnar is the Senior Vice President of Solution Development for CynergisTek, Inc., which is primarily responsible for connecting with healthcare clients, identifying their different security, privacy, and compliance needs, and developing or improving services to best help clients address those needs. He has been with the organization for almost 15 years and previously led the department responsible for delivery of consulting, managed, and professional services in the areas of information security and privacy. He is a subject matter expert in several areas including information security; strategic planning; risk assessments, analysis, and management; architecture and enterprise security assessments; network and host-based security; intrusion detection/prevention and threat management; log monitoring and management; vulnerability assessments and management; penetration testing and analysis; and disaster recovery/business continuity planning. Mr. Molnar has participated in and led hundreds of assessments and in building remediation plans/strategies with CynergisTek’s clients to help them develop comprehensive information security programs. He has extensive practical knowledge of compliance standards and frameworks including HIPAA/HITECH, NIST CSF, NIST 800-53, ISO 27001/27002, and PCI and has 20 years of experience dedicated to information security with almost 15 years focused on healthcare IT. Mr. Molnar has a Bachelor of Science in Management Information Systems from Excelsior College, and his certifications include CISSP, HCISPP, MCSE, CCNA Security, and CS-CIPSS.

Why would you like to serve on the Board?

I would like to serve on the AEHIS board and serve AEHIS members because of my strong, deep-rooted passion to help promote stronger information security practices and the CISO role in particular in the healthcare industry. I have been working with hundreds of hospitals over the past 15 years and have been a big advocate to make the CISO an established role. I have worked with and continue working in tandem with some of the more well-known healthcare CISOs such as Heather Roszkowski and Sri Bharadwaj. While this role is finally becoming more common, it is still a very underserved community that requires more support. I see the ability to provide actionable, useful resources through AEHIS.

Most CISOs continue to struggle with medical device security, being able to respond to a ransomware attack, and getting support from the C-suite for further investment in security. I’d like to see the direction of AEHIS continue to grow and provide more guidance for the healthcare CISO.

Rachel Weissberg has spent the last 20 years in Healthcare Technology, serving various leadership roles at Sirius Healthcare, CoreSite Technology, Iron Mountain and AT&T Wireless. She currently serves as the Director and General Manager of the Healthcare Practice at Sirius where she is responsible for development of the healthcare sales team and strategic partnerships with healthcare technology vendors.

Sirius is a national integrator of technology-based business solutions, Sirius helps healthcare organizations improve quality of care, control costs and ensure compliance with holistic, agnostic solutions. Sirius works to help organizations innovate by transforming patient care, clinical efficiencies and business impact.

Prior to joining Sirius, Rachel served as the Managing Director of Healthcare for CoreSite where she was responsible for healthcare solutions, strategy and market development.

Rachel’s two decades of experience have helped her to understand the complexities in healthcare and how to leverage technology to deliver solutions to help control cost, increase patient satisfaction and engagement and mitigate risk.

Rachel holds a Bachelor of Arts degrees in Psychology from Scripps College in Claremont, CA.

I would like to serve on the board as it is a great way to help the healthcare community. I see the struggles every day with my provider clients and would like to help build an environment that fosters growth for its members around education, awareness and a platform for collaboration. So many of us are tackled with the same challenges and need an aggregate for answers, solutions and best practices as we build our security programs. I know AHEIS can be this place.

I believe I can contribute to the growth of membership, program content and overall awareness of the challenges we all face.

Wes Wright is the Chief Technology Officer at Imprivata, where he is responsible for driving the company’s global technology strategy and vision in support of its mission to enable healthcare securely by establishing trust between digital identities.  With more than 20 years of experience leading technology teams within care provider organizations, Wes has an extensive background in healthcare, IT Leadership, and security, and represents a strong “voice of the customer” on the Imprivata management team.

Prior to joining Imprivata, Wes was the CTO at Sutter Health, where he was responsible for technical services strategies and operational activities for the $16 billion not for-profit hospital and integrated delivery network.  Wes also held the position of CIO at Seattle Children’s Hospital, where he was responsible for the information services strategies and operational activities for the $1.8 billion not-for-profit hospital, research institute, and foundation.  Prior to that, he spent extensive time serving in multiple roles in the U.S. Air Force, most significantly, in his role as Chief of Staff for a 3-Star General, responsible for 77 military hospitals.

Wes holds a B.S. in Business and Management from the University of Maryland and received his MBA from The University of New Mexico.

https://www.linkedin.com/in/4kidwes/

Tremendous technology advances are being made in areas such as virtual medicine, the Internet of Medical Things (IoMT) and patient-driven care, yet the expanded perimeters, decentralized data, digitized identities and ubiquitous devices that support these innovations can add vulnerability to our systems.  It’s our job to mitigate that risk, without slowing progress, or workflows.

I believe that I can bring particular value to the AEHIS board and community in the area of digital identity and access management.  increasing the security and resilience of medical devices and health IT, the second of six imperatives set forth by the U.S. Department of Health and Human Services’ Cybersecurity Task Force in The Report on Improving Cybersecurity in the Healthcare Industry.  The importance, and risk, of the Internet of Medical Things (IoMT) has become apparent to healthcare.  Securing these types of devices in a healthcare organization has been a focus area of mine in recent years, and has intensified since I took the CTO position at Imprivata.  I believe I can contribute the knowledge I’ve developed around IoMT, as well as the experience that I have gathered from security leaders, in and outside of healthcare, to the AEHIS Board.

In my role as CTO at Imprivata, I have the privilege of working every day with leading IT, clinical and security experts at healthcare organizations of all sizes, specialty and world-wide geography.  I also have the benefit of the top talent of the Research and Discovery team at Imprivata.   I would be honored to represent the interests and expertise of our customers and my fellow technologists on the AEHIS board.  Through our collaboration and collective experience, we can help our healthcare IT colleagues to develop policies, plans, and procedures to help leverage the power of technology without jeopardizing patient care and safety.

While it is growing, the pool of security experts in healthcare is not deep.  CISOs are in high demand.  Fortunately, the nature of healthcare IT is fraternal, and even competitors are willing to share knowledge.  Concentrating our efforts on recruiting new members who can contribute their expertise, and cultivating aspiring CISOs will benefit us all.

At this critical point in our industry’s history, guidance around security and resilience are urgently needed by care provider organizations, technology vendors, payors, patients and policy makers.  AEHIS has made great strides towards becoming the trusted and respected IT security resource for healthcare, much like CHIME has come to be a powerful opinion leader for CIOs and legislators.  AEHIS should continue that work through our educational offerings on AEHIS Live, doubling down on articles, white papers and webinars that establish credibility for both our members and our organization.  Perhaps we use the imperatives laid out by the HHS Cybersecurity Task Force, which consisted of several AEHIS and CHIME members, as a model.  We could align subject matter experts with each imperative, creating educational content, and establishing forums for discussion and idea sharing.