Recent Presentation History:2024: CIC SW 2024 SMU University Campus “Timeline to Compliance". October 6th, 20242024: National CMMC Day, Washington DC “Psychology of CMMC Implementation From a Risk Management Perspective". May 6th, 20242024: Keynote for Mission Critical Service Provider track “Why do I Need Compliance – Modernizing Cyber and IT Offerings to Reduce Service Providers’ Risk”! At CIC2024, CMMC Implementer's Conference (CIC 2024)2023: Co-present with Katie Arrington at CIC, 2023 CMMC Implementer's Conference (CIC 2023), University of San Diego. “Uncle Sam Needs YOU” - a call to action for owners of MSPs, MSSPs, etc.2023: Presentation: “Cyber Threats to IT & OT etc”, at OREGON CYBER RESILIENCE SUMMIT 2023, Eugene, Oregon2022: Cybersecurity Specialist Panel Participant at Pacific NW Defense Coalition (PNDC) Cybersecurity Conference, Portland, Oregon. “Hear from our panel of experts to make sure your business is staying on top of your cybersecurity plan.”2022: Presentation on “Penetration Testing” at Oregon Association Government IT Management (OAGITM) Conference

President PEAK Complyance / PEAK IT Security & Solutions (CyberAB RPO). We put the Y in Complyance. We help businesses prepare for CMMC Certification. We promote PEAK Productivity, Reliability, Resilience, and Security.

CMMC Registered Practitioner working with manufacturing on Certification Gap Assessments and Remediation Projects. Security Solutions: Cybersecurity requires a layered approach that addresses all points where an attack can occur. From the perimeter to the desktop to the applications to the data itself, and to all mobile devices in use today. Call today for your FREE Cybersecurity Risk Assessment.Disaster Recovery: Backup and Disaster Recovery Plans are a must for all businesses. It is estimated that half of the businesses do not have a complete backup to recover from in the event of a disaster, whether it's a ransomware attack or a catastrophic event. Call today to have your backup process evaluated.IT Support: We provide IT support for all your business technology needs, including desktops, servers, network, and User Management. We manage your IT resources so you can take care of your business. You won't find better customer service!

Laney IT Consulting, Inc. is a boutique consulting firm that specializes in Telehealth. Laney IT has a Quick Start kit to get you up and running on Telehealth that is HIPAA compliant and guidance on how to bill and get paid. ►Telehealth in a Box ★ Build a customized blueprint for your clinic ★ Optimize workflow for a thriving practice ★ Checklist to mitigate risk, liability and compliance ★ Specializing in Community Cancer Center Workflow ►PRIME Healthcare ★ Program Director ★ IT Organizational Consulting►Mercy Foundation HKOP Program ★ Application Support ★ IT Consulting►Reliance HIE ★ HIE Project Planning, Outreach Services ★ HIE Implementation, Onboarding & Support Services►Cascade Health Alliance ★ Plexis Claims System Conversion/database Migration ★ MCG AutoAuthorization Implementation ★ EDIE PreManage Implementation ★ Health Information Exchange Integration & Workflow Updates ★ VisiblEDI Implementation ★ HMS Essette Application Integration/support►Centennial Medical Group ★ Health Information Exchange support and expansion ★ Data Integration for AR conversion ★ Physician Productivity Program Implementation

Organizational Transformation by implementing NIST 800-53 including Policies & Procedures, Security Design, Configure, Document technology, Audit Logs, Incidence Response Plan, Business Continuity/ Disaster Recovery Plan, transforming technology debt by ~migrating to MS365 ~relentless patching ~migrating off legacy apps ~implementing network segmentation ~access control ~SIEM ~Security Awareness Training ~Change control ~Penetration testing.AWARDED: $20MM+ Grants:$18,250,000 MM DHS/FEMA Region 10 Douglas County Radio Infrastructure and Improvement (2024)$ 1,450,000 Congressional District Funding - Hoyle ECRS Radio Tower (2024) (Anticipated)$ 203,750 DHS/FEMA Region 10 Douglas County GIS Redundancy Upgrade Project (2024)$ 150,000 Oregon State Cybersecurity Grant (2024)$ 355,000 COPS Douglas County P25 Radios (2023)$ 71,374 HSGP SHSP Camera Replacement Douglas County (2023)$ 138,200 OEM DHS SHSP Douglas County Cybersecurity (2022)$ 120,000 OSFM Wildfire Risk Reduction Douglas County (2022)$ 1,500,000 Congressional District Funding - Heard ECRS Radio Tower (2021)

PRIME HealthcareWorked closely with Will Conaway and executive leadership to leverage investment in Meditech at 21 facilities. Established standards and processes and as Program Director, implemented over 44 projects across 21 Meditech facilities successfully.

Key Responsibilities: ~Collaboratively led the development of groundbreaking HIPAA Privacy and Security policies and procedures, setting compliance standards for the organization.~Spearheaded the creation and implementation of transformational change procedures tailored to the unique needs of each departmental unit within the organization.~Played a pivotal role in the leadership team, guiding the strategic direction for compliance and ensuring alignment with federal regulations.Achievements:~Successfully established the organization’s compliance framework during the initial rollout of HIPAA regulations, positioning the organization as a leader in healthcare compliance.~Developed and conducted comprehensive training programs for staff across all levels, significantly enhancing organization-wide understanding and adherence to HIPAA standards.Impact:~Enhanced the privacy and security measures of patient information, significantly reducing the risk of data breaches and ensuring compliance with national standards.~Fostered a culture of continuous improvement and compliance, which remains a cornerstone of the organization’s operational excellence to this day.

►Corporate IT Director for CHI Hospitals▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬✦Mercy Medical Center, Roseburg, OR (175 beds)✦St. Anthony's, Pendleton, OR (25 bed CAH)✦St. Elizabeth's, Enumclaw, Washington (25 bed CAH)✦St. Joseph's, Albuquerque, NM►Physician IT Advisory Committee:▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬2005-2017Nancy developed an innovative, collaborative, relationship with the local physician group that improved the continuum of patient care and increased physician satisfaction through integrated seamless access to patient information. This long-standing collaboration between the hospital’s IT group and medical staff was the foundation that launched an IT steering committee with physicians from many specialties, including doctors who were not inherently comfortable with technology. The group fostered open and ongoing communication within the wider medical staff, and with the hospital’s technology vendorsKey accomplishments: ✔ Developed bi-directional deep integration between hospital EMR and community physician EMR ✔ Implemented CPOE using PatientKeeper with 90% adoption within first 6 months ✔ Implemented Physician electronic notes with 50% adoption ✔ Standardized provider order sets ✔ Implemented order set Governance with physician support and buy-in ✔ Implemented PACS and eliminated all printing of film►Significant Successful Projects▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ★ Network Transformation Project $3M ★ Implement McKesson CV PACS and SAN ★ Migration from GE PACS to McKesson PACS and Powerscribe ★ Implement GE PACS and Dragon ★ Design and implement MedPlus ChartMaxx Document Imaging ★ Meditech Patient Accounting Implementation ★ Meditech Advanced Clinicals Implementation (see additional details below) ★ Early adopter of Single-Sign on technology ★ First Hospital to implement Vocera wireless voice activated communication ★ Eclipsys DSS implementation ► Nancy has Achieved the Distinction of Achieving the Top 10% of Employee Satisfaction

Program Manager▬▬▬▬▬▬▬▬▬▬▬While at CHI, Nancy developed a multi-year strategic program to meet Meaningful Use and Mercy Medical Center received nearly $3M in incentive payments. She lead the hospital from paper-based charting to an Electronic Record fully integrated including closed loop medication administration with PatientKeeper CPOE. She oversaw the successful implementation of the complete program and recruited and managed the contract resources.She focused on clinical workflow requirements and implemented solutions to improve patient safety and efficiency. Resulting in a successful go live with no increase in clinician productive hours. The PatientKeeper implementation resulted in achieving 80% electronic orders within 7 months of go live, 75% increase in monthly volume of electronic notes over first 7 months and a 5x increase in eSignature.Solutions included:★ Meditech Advanced Clinicals★ PatientKeeper CPOE, Notewriter, MedRec, Mobile Clinical Rounding★ Capsule - to integrate vitals into EMR★ Centricity PeriNatal Web Access - integrated into EMR★ ED Documentation utilizing scribes★ ReDoc Outpatient Therapy - integrated into EMR★ Medventive - Pop Health integration★ PaceArt Optima - Cardiac Rehab★ Everbridge Desktop Alert System★ RightFax ★ DrFirst ePrescribing integrated with EMR★ TheraDoc implementation and integration with EMR★ eSign consents at Point of Registration★ GE API acuity based staffing★ Records One CDI★ Iatrics suite of products including POI★ HIE - Health Information Exchange - Grapevine - Tiani-SpiritFollow the link below (and click view source on the next screen) for lessons learned on Mercy's PatientKeeper implementation.

While at CHI, Nancy was ITS Site Director and Construction Project Manager for St. Anthony's in Pendleton Oregon. During that time, St. Anthony's designed and built a new hospital which opened in December 2013. The $74M complex was delivered as an integrated project delivery (IPD) project, used the LEAN process to create a more patient-centered facility with modern technology, diagnostic equipment and bedside documentation.The 80-acre complex includes a 105,200-square-foot hospital, plus an adjoining two-story, 54,000-square-foot medical office building (MOB). A collaboration between HCG, ZGF Architects (Seattle), and Sellen Construction (Seattle). Nancy oversaw construction design and installation:• IT Department• IT Training Room• IT cabling throughout the facility• Nurse call• Infant security• Computers• Printers• Paging• Video conferencing• VOIP Phone Systems