Boston, 2018 x2, MA
Oct. 15-16, 2018

Karl West

AVP, Chief Information Security Officer
Intermountain Healthcare

As Intermountain’s Assistant Vice President and CISO, Karl is responsible for Information access, authorization, privacy, business continuity, and data governance.  Karl leads the planning, development, and implementation of the Intermountain’s information systems security program to promote information systems reliability and accessibility while protecting and defending against unauthorized access to patient information, clinical systems, networks, and data. He reviews and studies all information published by DHHS, CMS, and other regulatory bodies relative to health Information security and privacy.  As CISO, he helps to establish and maintain policies and procedures related to the release of health information.

Karl has been involved with information technology for the past 25 years.  Prior to Intermountain Healthcare, Karl was a vice president and managing partner in AT&T Consulting Services. Karl also has a keen interest in development of new technologies to improve patient care and lower patient costs.

Karl is a member of the Utah Health Information Network (UHIN) Privacy and Security Board, as well as a board member of the Weber State Computer Science Department.

Karl received a BSCS from Brigham Young University and has also received an MBA.

October 16, 2018
1:20pm - 2:00pm
America Ballroom

In this last session of the forum, Intermountain Healthcare CISO Karl West describes the tremendous overhaul his security program has undergone over the past few years.

  • With the cloud dissolving the perimeter, he relies more on artificial intelligence than technical and physical controls to enforce policy.
  • In healthcare, security is often a hated word. West and his team are out to make security “frictionless” – painless and seamless to consumers (AKA patients) and staff, especially clinicians. This means moving to no passwords. No geolocation. No two-factor authentication.
  • His first option in mitigating risk? Use existing capabilities, not acquire more software or hardware.
  • His team’s first commandment: Understand the business and strategy and enable it.

The forum has covered a lot of ground over two days. In this final session, attendees hear how one organization has begun to put it all together and move security into the new area of consumerism and convenience.

October 16, 2018
9:15am - 10:00am
America Ballroom

Your organization has just been hit with a large-scale breach. As security leader what do you do first?

This CISO panel session will discuss prioritization and the sequence of activities that you should follow when dealing with a major breach including executive and other internal communication, external breach notification including affected individuals, OCR, and state regulatory bodies. With a 72-hour breach notification window fast becoming the norm, you don’t have long to think about things making sure that it’s done right!

Get Updates

Sign up to get the latest information on upcoming events.