Boston, MA
Sheraton Boston Hotel
Sep. 11-13, 2017

Paul Kerr

Chief Information Security Officer
Reading Health System

Paul Kerr is the chief information security officer at Reading Health System and also is senior director of the Program Management Office. He has designed, built, and managed information security programs for highly regulated industries for 20 years including many highly recognizable financial institutions and government agencies.

Prior to selecting information security as a profession, Paul specialized in visual processing. He clinically diagnosed and remediated children and adults with profound reading disabilities. Also, he led work to optimize helicopter cockpit display scanning by pilots for the Office of Naval Research.

Paul graduated from Swarthmore College and has advanced degrees from Temple University (M.Ed.) and the University of Illinois at Urbana-Champaign (Ph.D) plus multiple professional certifications in risk management, IT governance, information security and program management.  




September 12, 2017
1:30pm - 2:00pm
Constitution B

The current regulatory environment does not give healthcare providers specific guidance on addressing medical device security - but that doesn't mean you can't take action. In this session, speakers with first-hand experience assessing and developing successful medical device security programs share their insights and leading practices.

Discussion points will address:

  • How to make tangible progress reducing medical device security risks with limited resources.
  • Suggested prioritization and road maps for securing medical devices.
  • Practical procedural approaches for addressing biomed security areas, including network isolation, policies, asset management, training and awareness, patching, malware protection, and more.
  • How to define responsibility and break down communication silos across stakeholder groups (between medical device manufacturers, biomedical and clinical engineering, IT, purchasing, and other key stakeholders).
  • How to begin developing a program despite a lack of regulatory guidance and comprehensive industry standards.
  • Convincing conversation points for senior leadership, highlighting serious threats, required remediation and additional efforts to secure your most vulnerable assets.

Get Updates

Sign up to get the latest information on upcoming events.