San Francisco, CA
May 11-12, 2017

Jamie Lam

Data Security Compliance Manager
UCSF School of Medicine

Jamie Lam is the data security compliance manager for the University of California at San Francisco School of Medicine. Jamie develops and executes the vision, strategy and direction for the school’s enterprise risk  program and objectives. She has more than eight years of experience in information security, risk assessment, security awareness training and outreach, compliance, governance, policy, IT security controls and audit, data privacy, data protection, and security monitoring. She specializes in healthcare privacy and security and HIPAA compliance.

May 12, 2017
2:10pm - 2:45pm
Grand Ballroom

Shadow IT is growing as tech-savvy employees seek to cut cost and work more effectively. Long gone is the time when enterprise IT had full control of all the technologies used within an organization. When cloud services and custom applications with sensitive data run without the appropriate oversight, it leaves the entire organization at risk of a data breach.

UCSF School of Medicine established the Data Security Compliance Program to address the security of systems not managed by UCSF enterprise IT. This session will include a review of UCSF’s approach to identify, assess, and manage shadow IT risks. Attendees will gain insight into how this world-class healthcare organization empowers employees to include security into their decision making process, and in doing so, is turning security from a department of ‘No’ to a trusted service partner.

Key takeaways

  • Start with an inventory of all your cloud services and custom applications.
  • Understand the need for Shadow IT in the first place.
  • Design and improve processes to reduce the need for employees to circumvent IT
  • Don’t forget education, communication, and engagement.
May 12, 2017
10:45am - 11:25am
Grand Ballroom

One of the best ways learn is to network with your peers. This session will provide an opportunity to meet speakers and attendees who have similar privacy and security challenges and discuss solutions to those challenges.

Here's how it works:

Speakers will be stationed at different tables in the ballroom, and attendees can circulate and speak one-on-one or in groups with individual speakers. The speakers have been assigned different topics, but other topics can also be addressed.

Mingle, share and learn in this interactive environment.

Speaker Line-up

  • Darren Lacey, CISO, Johns Hopkins Medicine – Endpoint Security & Pen-testing
  • Darin Prill, Senior Director, Children’s Mercy Kansas City – Incident Response
  • Chad Wilson, Director of Information Security – Network Segmentation
  • Anahi Santiago, CISO, Christiana Care Health System – Medical Device Security
  • Heather Roszkowski, CISO, University of Vermont Health Network – Cybersecurity Strategy
  • Bruce James, Director of Security Architecture, Intermountain Healthcare – Identity & Access Management
  • Phil Alexander, Director of Information Security, UMC Health System – Security Automation
  • John Houston, VP, Privacy & Information Security, UPMC – 3rd Party Risk Management, Cloud Security
  • Sanjeev Sah, CISO, Texas Children’s Hospital – Mobile Device Management

Get Updates

Sign up to get the latest information on upcoming events.