Clearwater Presents:

2019 CIO Virtual Cybersecurity Symposium™

This 3-session workshop is designed to help healthcare leaders think about cyber risk holistically and build a program that ensures data is effectively protected.


Protecting patient information is foundational to any healthcare organization’s IT strategy.  As cybersecurity threats grow in frequency and complexity, many CIOs find themselves plugging holes in their system infrastructure to address vulnerabilities. 

Join Clearwater's experienced faculty of presenters for in-depth insights, best practices and an opportunity to earn CEUs.

Session Details: 

July 11 | Session 1

Module 1 – The Evolving Cyber Risk Landscape: True Stories from the Field

Using relevant healthcare Cyber Risk Management case studies, this module will set the foundation for the key learning objectives of the Symposium.  Key topics explored include how cyber risk is evolving from Compliance Risk to Security Risk to Patient Safety Risk to Medical Professional Liability  Risk and, as a result, how CIOs must lead their organizations to take a much more strategic, business-oriented and architectural approach to Cyber Risk Management.

Presenter: Bob Chaput, MA, CISSP, HCISPP, CRISC, CIPP/US,  Executive Chairman, Clearwater LinkedIn



Module 2 – OCR Enforcement: Past, Present, and Future

This presentation will examine OCR HIPAA enforcement. Trends over time in enforcement activity and violations will be discussed. In addition, we will discuss what OCR is currently focused on and discuss the future of enforcement.

Presenter: Jon Moore, MS, JD, HCISPP, Chief Risk Officer & SVP, Professional Services, Clearwater LinkedIn



July 18 | Session 2

Module 3 – A Framework for Analyzing Cyber Risk

The healthcare industry continues to trail behind other industries in cyber preparedness, making this important part of our critical infrastructure a top target.  After years of working to comply with HIPAA and spending hundreds of millions to recover from attacks and breaches, how do we get our arms around this?  This module will focus on the benefits of using a framework to analyze your cyber risk, identify exposures and structure your program to improve your overall information risk management posture.

Presenter: Cathie Brown, CGEIT, PMP, CISM, CISSP, VP of Professional Services, Clearwater LinkedIn



Module 4 – The Risk Treatment Decision 

HIPAA (45 CFR §§ 164.308(a)(1)(ii)(A)) mandates that a Risk Analysis be performed by every entity that creates, receives, maintains, or transmits ePHI as part of their business model. Upon conclusion of the Risk Analysis, those entities must address the substantive findings of the Risk Analysis is a manner also prescribed by HIPAA. This module will discuss that requirement.

Presenter: Blaine Hebert, MSIT, CISSP, HCISPP, Principle Consultant, Clearwater LinkedIn



July 25 | Session 3

Module 5 – Rethinking Cybersecurity Policy Governance: How to Turn Organizational Intent into Action

This presentation will offer a framework to more effectively define, organize, implement and manage organizational cybersecurity policy expectations. We will discuss the establishment of governance principles that are based on well-established and mature cybersecurity control standards and address the requirements necessary to implement a principal-based policy framework.

Co-Presenter: Wes Morris, CHPS, CIPM, HCISPP, Managing Consultant, Professional Services Clearwater LinkedIn



Co-Presenter: Adam Nunn, Principal Consultant, Clearwater LinkedIn



Module 6 – Making the Case for Cyber Risk Management Investment

The rapidly growing ecosystem of organizations supporting the healthcare industry and the increasing number of attack surfaces has made healthcare a soft target for those focused on exploiting our vulnerabilities.  The challenge is the lack of funding for identifying, prioritizing and implementing necessary safeguards and controls to reduce the risks to health information.  Investment in those safeguards and controls is an investment in damage control to the reputation, financials, and data of the organization.  Learn tips, tools, and methodology that have proven to be successful to obtain funds for data protection.

Presenter: Baxter Lee, CFO, Clearwater LinkedIn



*View the Full Program Syllabus

Attendance Certificates to apply towards CEUs will be issued to all attendees who complete the Symposium.

Attendees will be requested and expected to:

  • Engage in live polls conducted in each session
  • Post questions and comments for Faculty to address
  • Complete an evaluation after the each session

*Attendance to each session is encouraged, but recordings will be available within 48 hours after the competition of each session for easy catch-up.