Information security executive leadership guidance, advisement and mentoring.

Established the information security program including the alignment of HIPAA, HITECH, FISMA, and NIST information security policy, procedures and risk management to support extensive clinical research, adoption of security technology and training across clinical research, ambulatory clinical care, and administrative academic systems. Implemented the clinical research data security quality management program encompassing the enterprise data warehouse and all departments school-wide. Coordinating security management programs with clinical partners such as Northwestern Memorial HealthCare.

November 10, 2017 Practical Tips for Creating a Cybersecurity Framework that Meets Your Privacy StandardsHealthcare IT SummitBeverly Hills, CAOctober 20, 2017 Practical Tips for Creating a Cybersecurity Framework that Meets Your Privacy StandardsHealthcare IT SummitRaleigh, NCOctober 20, 2017 Top Recommendations for Strengthening Legacy Systems Security Healthcare IT SummitRaleigh, NCOctober 6, 2015Data Security: Managing Risk Inside and Outside Hospital WallsiHT2 Health IT SummitChicago, IL

Interim Appointments as Chief Information Security Officer at Northwestern Medical Faculty Foundation and Northwestern Memorial HealthCare. Developed the Information Security merger integration plan for Northwestern Medical Faculty Foundation and Northwestern Memorial HealthCare.

Established, defined and executed the information security strategy and implementation plan encompassing all 24 colleges and institutions (over 500,000 students and 35,000 employees) and shared administrative information technology services, reducing operational and information risks through policy, technology and awareness programs, and monitoring for ongoing operational compliance throughout the University.

December 1, 2011 Protecting Data and Neutralizing IT Security ThreatsThe Center for Digital EducationNew York City, NYSeptember 11, 2009 "On the Legal and Ethical Frontline", Data Security: Avoiding Your Worst Nightmare! US Department of Health and Human Services - Office for Human Research Protections, US Department of Energy, Research Community ForumNew York City, NYMay 4, 2009 Aligning Information Security into Overall Governance Government Technology Executive EventsNew York City Cyber Security Summit, New York City, NYOctober 2, 2008 Protecting Privacy Government Technology Executive EventsNew York City Cyber Security Summit, New York City, NYJuly 16, 2008 Usage of Mazu Profiler in CUNY Mazu Networks – Customer Advisory BoardNew York City, NYJune 20, 2008 Identity Theft and Information SecurityJohn Jay College of Criminal JusticeNew York City, NYDecember 1, 2006 Information and IT Security, An Important Shared ResponsibilityThe Center for Digital EducationNew York City, NY

Established the information security service provider management team at the New York City Service Center. Major clients included a major hospital system and a financial services institution.

Established the information security organization; including defining and executing the security strategic plan, policy development and maintenance, security training and awareness programs, infrastructure and business area security project management, audit/risk assessment, policy monitoring initiatives and security architecture development.

Established the global information security governance and IT risk management program; including defining and executing the security strategic plan, policy development and maintenance, security training and awareness programs, infrastructure and business area security project management, audit/risk assessment and policy monitoring initiatives, quality and regulatory compliance management, security architecture development, business continuity planning, and emergency/incident response.

Managed a global internal audit organization covering information technology and security, regulatory compliance (FDA, privacy), financial and operational reviews and assessments, monitoring compliance with policies, development of audit/risk assessment approaches, business and technology project advisement, and regular risk management presentations to the Board of Directors.