AGENDA: PRECONFERENCE
TUESDAY, MARCH 3, 2020
(Separate registration required; Choose one)
7:00 a.m.
Registration Open
PRECONFERENCE I: BASIC TRAINING FOR HEALTH CARE PRIVACY & SECURITY PROFESSIONALS
8:00 a.m.
HIPAA Privacy Basics
Adam Greene, JD, MPH
Partner and Co-chair, Health Information and HIPAA Practice, Davis Wright Tremaine LLP; HIPAA Summit Distinguished Service Award Winner; Former Senior Health Information, Technology and Privacy Specialist, Office for Civil Rights, US Department of Health and Human Services, Washington, DC
Adam Greene is a partner in the Washington, D.C. office of Davis Wright Tremaine and co-chair of its Health Information Group. Adam primarily counsels health care providers, technology companies, and financial institutions on compliance with health information privacy, security, and breach notification rules. Previously, Adam was a regulator at the U.S. Department of Health and Human Services, where he played a fundamental role in administering and enforcing the HIPAA rules. At HHS, Adam was responsible for determining how HIPAA rules apply to new and emerging health information technologies and was instrumental in the development of the current HIPAA enforcement process. Adam has been recognized as one of the top ten influencers in health information security, one of the top 50 healthcare IT experts, and is a frequent speaker and author on health information privacy and security issues.
9:00 a.m.
HIPAA Breach Notification Rule and HIPAA Enforcement Rule
Iliana Peters, JD, LLM
Shareholder, Polsinelli; Former Acting Deputy Director, Health Information Privacy, Office for Civil Rights, US Department of Health and Human Services, Washington, DC
Iliana L. Peters is a shareholder for Polsinelli, PC. For more than twelve years, she both developed health information privacy and security policy, including on emerging technologies and cyber threats, for the Department of Health and Human Services, and enforced HIPAA regulations, as both the Senior Advisor for HIPAA Enforcement for over six years, and as Acting Deputy Director for HIPAA. As a CISSP, Iliana works hard to bridge the gap between legal requirements for the security of health data and security industry best practices, so that clients can better understand data security issues and jargon. She is excited to bring her extensive experience drafting, implementing, and enforcing health privacy and security regulations and guidance to a practice that focuses on helping clients develop and implement good data privacy and security practices to avoid risk, and helping clients prepare for and recover from emerging cyber threats.
10:00 a.m.
Transition Break
10:15 a.m.
HIPAA Security Basics
John C. Parmigiani
President, John C. Parmigiani and Associates, LLC; HIPAA Summit Distinguished Service Award Winner; Former Director of Enterprise Standards, HCFA (now CMS), Ellicott City, MD
John Parmigiani is President of John C Parmigiani & Associates, LLC. His primary focus is on helping healthcare organizations achieve and maintain compliance with healthcare regulations, in particular HIPAA and the HITECH provisions, and move toward electronic healthcare. He has over 40 years’ experience in information management systems in both the public and private sectors. His HIPAA/HITECH work has ranged from performing compliance and risk assessments and design activities to serving as an expert witness in privacy violation cases.
11:15 a.m.
Faculty Discussion and Q&A
12:00 p.m.
Adjournment; Lunch on Your Own
PRECONFERENCE II: PROFESSIONAL CERTIFICATION PRECONFERENCE: CERTIFIED CYBER SECURITY ARCHITECT℠ (CCSA℠) TRAINING
Learning Objectives:
- Examine how to establish an enterprise cybersecurity program based on the NIST Cybersecurity Framework.
- Identify policies that reflect an organization’s priority for cyber security in the areas of risk assessment, mobile devices, cloud computing, supply chain (business associates), and more.
- Leverage NIST standards for incident response management, encryption and other key areas for a credible, audit-ready, HIPAA compliance program.
- Understand how to align your HIPAA compliance program with the NIST Cybersecurity Framework.
8:00 a.m.
Introduction and Overview
Uday O. Ali Pabrai, MSEE, CISSP, HITRUST (CCSFP)
Chief Executive and Co-founder, ecfirst (A HITRUST Authorized External Assessor), Irvine, CA
Ali Pabrai is the chief executive officer of ecfirst, an Inc 500 business in its first year of eligibility. A highly sought-after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. He is a keynote and featured speaker at conferences worldwide! He has consulted and advised 1000s of clients globally! He was appointed and serves as a member of the select HITRUST SCF Assessor Council and is a proud member of InfraGard (FBI).
12:00 p.m.
Adjournment; Lunch on Your Own
OPENING PLENARY SESSION — HIPAA PRIVACY
1:00 p.m.
Introduction and Overview
Adam Greene, JD, MPH
Partner, Davis Wright Tremaine; Former Senior Health Information Technology and Privacy Specialist, Office for Civil Rights, US Department of Health and Human Services, Washington, DC (Co-chair)
Adam Greene is a partner in the Washington, D.C. office of Davis Wright Tremaine and co-chair of its Health Information Group. Adam primarily counsels health care providers, technology companies, and financial institutions on compliance with health information privacy, security, and breach notification rules. Previously, Adam was a regulator at the U.S. Department of Health and Human Services, where he played a fundamental role in administering and enforcing the HIPAA rules. At HHS, Adam was responsible for determining how HIPAA rules apply to new and emerging health information technologies and was instrumental in the development of the current HIPAA enforcement process. Adam has been recognized as one of the top ten influencers in health information security, one of the top 50 healthcare IT experts, and is a frequent speaker and author on health information privacy and security issues.
1:15 p.m.
OCR Keynote Address
Timothy Noonan, JD
Deputy Director, Health Information Privacy, US Department of Health and Human Services; Former Supervisory General Attorney, US Department of Education, Washington, DC
Timothy Noonan is the Deputy Director for Health Information Privacy, at the Office for Civil Rights (OCR), United States Department of Health and Human Services. The Health Information Privacy Division enforces the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules and the Patient Safety and Quality Improvement Act and Rule through investigations, rule-making and guidance, and outreach. Previously, Tim served in OCR headquarters for approximately 1 ½ years as the Acting Associate Deputy Director for Operations and the Acting Director of OCR’s Centralized Case Management Operations. Tim joined OCR as the Southeast Regional Manager in November 2013. Prior to joining OCR, Tim was a Supervisory General Attorney for the U.S. Department of Education, Office for Civil Rights, and a shareholder in a Michigan law firm.
1:45 p.m.
OCR Policy and Implementation Update
Serena Mosley-Day, JD
Senior Advisor for HIPAA Compliance and Enforcement, Office for Civil Rights, US Department of Health and Human Services, Former Assistant Regional Counsel, Social Security Administration, Washington, DC
Serena Mosley-Day is the Senior Advisor for HIPAA Compliance and Enforcement, Office for Civil Rights (OCR), U.S. Department of Health and Human Services (HHS). In this role Serena is the national lead for OCR enforcement of the HIPAA Rules, and works closely with OCR’s regional offices to promote compliance with and enforcement of the HIPAA Rules, including through negotiated resolution agreements. Serena has been with HHS OCR since December 2013. Prior to serving as Senior Advisor, Serena was the Deputy Regional Manager, Southeast Region of HHS OCR. Before joining HHS OCR, Serena was an attorney at the Social Security Administration and a supervisory attorney for the U.S. Department of Education, Office for Civil Rights.
2:30 p.m.
Update on 42 CFR Part 2, the Privacy Rule that Governs Substance Use Disorder Treatment Records
Michael D. Greenberg, JD, PhD
Principal Life Scientist and Project Lead, MITRE Corporation, Department of Health Policy, Pittsburgh, PA
Michael Greenberg is a Principal Life Scientist with the MITRE Corporation. Dr. Greenberg is a lawyer and a clinical psychologist by training. His areas of expertise include organizational behavior, corporate governance and compliance, and healthcare policy and regulation. His work at MITRE is focused on the areas of federal health policy, regulation, and administration.
Previously, he served as a senior research analyst and executive at the RAND Corporation, as RAND’s Director for Intellectual Property Strategy and Management, and as a Professor at the RAND-Pardee Graduate School.
Outside of his work at MITRE and at RAND, Greenberg has served as an adjunct faculty member at the University of Pittsburgh School of Law; the University of Pittsburgh School of Medicine; and the Heinz College of Public Policy at Carnegie Mellon University. Dr. Greenberg serves on the Board of Directors of No Crayon Left Behind.
3:00 p.m.
Break
3:30 p.m.
Privacy Policy Keynote
Daniel J. Solove, JD
John Marshall Harlan Research Professor of Law, George Washington University Law School; Founder, TeachPrivacy; Author, Understanding Privacy; Information Privacy Law; The Future of Reputation: Gossip, Rumor, and Privacy on the Internet; and The Digital Person: Technology and Privacy in the Information Age, Washington, DC
Daniel J. Solove is the John Marshall Harlan Research Professor of Law at the George Washington University Law School. He is also the founder of TeachPrivacy, a company that provides privacy and data security training programs to businesses, law firms, healthcare institutions, schools, and other organizations. One of the world’s leading experts in privacy law, Solove is the author of 10+ books and textbooks and 50+ articles. His articles have appeared in the Harvard Law Review, Yale Law Journal, Stanford Law Review, and Columbia Law Review, among others. Professor Solove blogs at LinkedIn at Privacy+Security Blog.
4:00 p.m.
The Role of the Health Care Chief Compliance Officer in HIPAA and Privacy and Security Compliance
Gerry Zack, MBA, CPA, CFE, CIA, CRMA
Chief Executive Officer, Health Care Compliance Association (HCCA), and Society of Corporate Compliance and Ethics (SCCE); Former Chair, Association of Certified Fraud Examiners (ACFE) Minneapolis, MN
Gerry Zack is a compliance and antifraud expert and author, with more than 30 years’ experience in the prevention, detection and investigation of fraud, noncompliance, and corruption. Effective November 1, 2018 Gerry became the CEO of SCCE & HCCA, following a 12-month transition during which he worked closely with former CEO and founder Roy Snell.
Prior to joining SCCE & HCCA last year, Zack spent more than 30 years providing services for the prevention, detection, investigation, and remediation of fraud, corruption and noncompliance. He served as a Managing Director in the Global Forensics practice at BDO and ran his own advisory and investigative practice. He also served as Chief Operating and Compliance Officer, and Deputy Executive Director, of the Optical Society from 2010 to 2012.
He served on the Faculty at the Association of Certified Fraud Examiners for 11 years and is a former chair of its Board of Regents.
4:30 p.m.
ONC Privacy and Security Policy Update
Donald Rucker, MD
National Coordinator for Health Information Technology; Former Chief Medical Officer, Siemens Healthcare, Washington, DC
Dr. Don Rucker is the National Coordinator for Health Information Technology at the U.S. Department of Health and Human Services, where he leads the formulation of the federal health IT strategy and coordinates federal health IT policies, standards, programs, and investments. Dr. Rucker has three decades of clinical and informatics experience. He started his informatics career at Datamedic Corporation, where he codeveloped the world’s first Microsoft Windows-based electronic medical record. He then spent over a decade serving as Chief Medical Officer at Siemens Healthcare USA. Dr. Rucker has also practiced emergency medicine for a variety of organizations including at Kaiser in California; at Beth Israel Deaconess Medical Center; at the University of Pennsylvania’s Penn Presbyterian and Pennsylvania Hospitals; and, most recently, at Ohio State University’s Wexner Medical Center.
5:00 p.m.
Chief Privacy Officers Best Practices Roundtable
Angela Alton, MPA, CHPC, CHC
Vice President and Privacy Officer, Ann & Robert H Lurie Children’s Hospital of Chicago; Former Deputy Chief Privacy Officer, Bay Area, Sutter Health, Chicago, IL
Angela Alton has worked in healthcare for over twenty years. For the past fifteen years, Angela has focused on the areas of information privacy, security and regulatory compliance. Currently, Angela is Vice President, Privacy Officer for Ann & Robert H. Lurie Children’s Hospital of Chicago, where she provides direction and oversight for all facets of the privacy program. Prior to this, Angela served as the Deputy Chief Privacy Officer, Bay Area, for Sutter Health in California.
Andrew Clearwater, CIPP/E, LLM
Director of Privacy, OneTrust, Atlanta, GA
Andrew Clearwater serves as Director of Privacy at OneTrust. Mr. Clearwater is a Certified Information Privacy Professional (CIPP/US), holds an LLM in Global Law and Technology and is a licensed attorney. In his role as Director of Privacy, Clearwater provides counsel, leadership, and guidance on data protection. He is also responsible for providing public policy analysis in the areas of privacy, data security, information policy, and technology transactions.
Before joining OneTrust, Mr. Clearwater was the Privacy Officer for RxAnte. Clearwater also held privacy roles at the Future of Privacy Forum, as well as the Network Advertising Initiative. In addition, he made contributions to the NTIA mobile application transparency discussion, helped launch a privacy seal program for companies that use consumer energy data, participated as a member of the W3C Tracking Protection Working Group, and taught as an adjunct professor of privacy and technology law at the University of Maine.
Elizabeth Delahoussaye, RHIA, CHPS
Chief Privacy Officer, Ciox Health; Former Speaker of the House of Delegates, AHIMA, Alpharetta, GA
Elizabeth Delahoussaye is the Chief Privacy Officer for Ciox Health, with corporate headquarters located in Alpharetta, GA. Elizabeth has served on the AHIMA Board of Directors and was the Speaker of the House of Delegates in 2016. She has also served as a representative for THIMA on the AHIMA House of Delegates, as well as President-Elect and President for THIMA from 2008-2010. Elizabeth has served on various committees at the national level with AHIMA, including as co-chair of the AHIMA ROI Tool Kit in 2013 and on the AHIMA Annual Program Committee in 2014-2015, and is currently serving on the AHIMA Privacy and Security Council. In 2013 she received the THIMA Distinguished Member Award for her many years of volunteering at both the state and national level.
Alta Whisnant, MS, RHIA, CHC
Vice President and Enterprise Privacy Official, Envision Healthcare Corporation, Nashville, TN
Alta Whisnant is the Privacy Officer for Envision Healthcare Corporation and is certified in Healthcare Compliance. She is a seasoned healthcare compliance/privacy professional whose experience spans more than 15 years in the compliance/privacy arena and has over 35 years of healthcare experience overall. Ms. Whisnant joined AmSurg Corp. in 2007 as Director of Compliance & Privacy and in 2015 she was named Vice President, Compliance/Privacy Official. AmSurg and Envision merged in 2017 and Ms. Whisnant became the Corporate Privacy Officer for Envision Healthcare Corporation. Prior to joining AmSurg, Ms. Whisnant served in positions of Health Information Management/Privacy Officer for several healthcare systems.
Anne Kimbol, JD, LLM
Assistant General Counsel and Chief Privacy Officer, HITRUST; Former General Counsel, Texas Health Services Authority, Frisco, TX
Anne Kimbol is the Assistant General Counsel and Chief Privacy Officer for HITRUST. In this role, she works on legal issues for the company and leads the company’s efforts in the areas of privacy and related policy. She holds the CIPP/US, CIPP/E, CIPM, and CHPC certifications. She has also been recognized as a Fellow in Information Privacy by the International Association of Privacy Professionals.
Erika Riethmiller, MS, CIPP/US, CISM, CPHRM
Chief Privacy Officer and Sr. Director of Privacy Strategy, University of Colorado Health; Former Director of Corporate Privacy, Anthem; Former Privacy Officer, State of Colorado, Department of Health Care Policy and Financing, Aurora, CO
Erika Riethmiller is the Chief Privacy Officer & Senior Director of Privacy Strategy for University of Colorado Health. Previously, she was the Director of Corporate Privacy for Anthem, Inc. and the Privacy Officer for The State of Colorado, Department of Health Care Policy & Financing. She is a past president and board member of the Colorado Healthcare Associate Risk Managers.
Iliana Peters, JD, LLM
Shareholder, Polsinelli; Former Acting Deputy Director, Health Information Privacy, Office for Civil Rights, US Department of Health and Human Services, Washington, DC (Moderator)
Iliana L. Peters is a shareholder for Polsinelli, PC. For more than twelve years, she both developed health information privacy and security policy, including on emerging technologies and cyber threats, for the Department of Health and Human Services, and enforced HIPAA regulations, as both the Senior Advisor for HIPAA Enforcement for over six years, and as Acting Deputy Director for HIPAA. As a CISSP, Iliana works hard to bridge the gap between legal requirements for the security of health data and security industry best practices, so that clients can better understand data security issues and jargon. She is excited to bring her extensive experience drafting, implementing, and enforcing health privacy and security regulations and guidance to a practice that focuses on helping clients develop and implement good data privacy and security practices to avoid risk, and helping clients prepare for and recover from emerging cyber threats.