HEALTHCARE SECURITY FORUM: A HIMSS EVENT
Boston, MA, Oct. 15-16, 2018
As Intermountain’s Assistant Vice President and CISO, Karl is responsible for Information access, authorization, privacy, business continuity, and data governance. Karl leads the planning, development, and implementation of the Intermountain’s information systems security program to promote information systems reliability and accessibility while protecting and defending against unauthorized access to patient information, clinical systems, networks, and data. He reviews and studies all information published by DHHS, CMS, and other regulatory bodies relative to health Information security and privacy. As CISO, he helps to establish and maintain policies and procedures related to the release of health information.
Karl has been involved with information technology for the past 25 years. Prior to Intermountain Healthcare, Karl was a vice president and managing partner in AT&T Consulting Services. Karl also has a keen interest in development of new technologies to improve patient care and lower patient costs.
Karl is a member of the Utah Health Information Network (UHIN) Privacy and Security Board, as well as a board member of the Weber State Computer Science Department.
Karl received a BSCS from Brigham Young University and has also received an MBA.
In this last session of the forum, Intermountain Healthcare CISO Karl West describes the tremendous overhaul his security program has undergone over the past few years.
The forum has covered a lot of ground over two days. In this final session, attendees hear how one organization has begun to put it all together and move security into the new area of consumerism and convenience.
Your organization has just been hit with a large-scale breach. As security leader what do you do first?
This CISO panel session will discuss prioritization and the sequence of activities that you should follow when dealing with a major breach including executive and other internal communication, external breach notification including affected individuals, OCR, and state regulatory bodies. With a 72-hour breach notification window fast becoming the norm, you don’t have long to think about things making sure that it’s done right!