HEALTHCARE SECURITY FORUM: A HIMSS EVENT
San Francisco, CA - June 11 - 12, 2018
Jane Harper has over 18 years of risk, compliance, audit and security experience. Throughout her career she has established and supported, security, compliance, audit and risk functions for various types and sizes of heavily regulated organizations internationally and domestically. She currently directs the privacy and security risk management program for Henry Ford Health System, which owns a number of hospitals, clinics, pharmacies, home health care organizations, eye glass companies, health insurance plans and a golf course. As part of her duties, she is established the third party risk management program for HFHS and all of its subsidiaries.
Throughout her career Jane has had to be well versed on the requirements and their execution of domestic and international laws and standards including, HIPAA, HITECH, Meaningful Use, MACRA, MIPS, ARS, PCI, NACHA, PIPEDA, UK Data Protection Act, Basel 2 and 3, DIFS, FFIEC Security, CMS compliance, ORSA, OMB-FTI, and Solvency risk management requirements to name a few.
Jane has been awarded with a number of industry recognitions and awards including, Michigan Chronicle's Woman of Excellence, Crain’s Detroit Business 40 under 40, Oakland County Elite 40 under 40, Techweek Top 100. Jane holds several designations and certifications including, CISA, ITIL, CRCMP, ISA, PCIP, CRISC, CISSP and both undergraduate and graduate degrees.
More and more breach and enforcement activities against covered entities is due to the actions or in-actions of the third parties they engage to support their operations. Poor engagement, oversight, monitoring and dis-engagement often leaves covered entities responsible for all of the risk, fees, and reputational fall out. This can affect compliance, legal agreements, patient care and even your cyber security insurance. Trust but verify needs to be the underlying foundation of your third party risk management program.
In this session, Jane Harper brings more than 18 years of risk, compliance, audit, and security experience to share with attendees best practices for managing third-party risk.
Key takeaways include: