Agenda – Day 2

Adam Greene is a partner in the Washington, D.C. office of Davis Wright Tremaine and co-chair of its Health Information Group. Adam primarily counsels health care providers, technology companies, and financial institutions on compliance with health information privacy, security, and breach notification rules. Previously, Adam was a regulator at the U.S. Department of Health and Human Services, where he played a fundamental role in administering and enforcing the HIPAA rules. At HHS, Adam was responsible for determining how HIPAA rules apply to new and emerging health information technologies and was instrumental in the development of the current HIPAA enforcement process. Adam has been recognized as one of the top ten influencers in health information security, one of the top 50 healthcare IT experts, and is a frequent speaker and author on health information privacy and security issues.

Jennifer Urban is a partner with Foley & Lardner LLP, where she guides clients in all aspects of preparing for and maintaining compliance with U.S. and global privacy and data security laws as well as counsels them on data protection programs, data incident management, breach response and recovery, data monetization, and other privacy and security issues. She is co-founder of the Midwest Cyber Security Alliance and a Certified Information Privacy Professional/United States (CIPP/US), a global gold standard and key industry benchmark accredited by the International Association of Privacy Professionals.

Mr. Littlefield is a Principal Cybersecurity Researcher and Healthcare Cyber Domain Capability Area Lead at the National Cybersecurity FFRDC within the MITRE Corporation. With over 25 years’ experience in cybersecurity, Mr. Littlefield has held senior information security roles with the Brigham and Women’s Hospital and the Novartis Institutes for Biomedical Research.

Julie Snyder is a Principal Privacy Engineer and the Privacy Domain Capability Area Lead for the MITRE National Cybersecurity Federally Funded Research and Development Center (NCF). She provides privacy and cybersecurity risk management advice to defense, IC, and civilian federal agencies and critical infrastructure industries in the U.S. She has also worked with the Government of Japan to develop and implement its cybersecurity strategy for the Tokyo 2020 Olympic and Paralympic Games. Julie actively contributes to government security and privacy standards, including National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) practice guides, NIST SP 800-37, Rev 2, the anticipated NIST SP 800-53, Rev 5, NIST SP 800-150, and multiple Cybersecurity Framework Profiles. She is also a member of the International Association of Privacy Professionals (IAPP) Professional Faculty.

Mr. Nahra is a partner with WilmerHale in Washington, D.C., where he specializes in privacy and information security litigation and counseling, along with a variety of health care and compliance issues. He is co-chair of the firm’s Cybersecurity and Privacy Practice and Co-Chair of the Big Data Practice. In this role, he assists companies in a wide range of industries in analyzing and implementing the requirements of privacy and security laws domestically and internationally, provides advice on data breaches, enforcement actions, contract negotiations, business strategy, research and de-identification issues and privacy, data security and cybersecurity compliance. He also teaches privacy and data security issues at several law schools, including serving as an adjunct professor at the Washington School of Law at American University and at Case Western Reserve University. In addition, he currently serves as a fellow with the Cordell Institute for Policy in Medicine & Law at Washington University and as a fellow with the Institute for Critical Infrastructure Technology.

Iliana L. Peters is recognized by the health care industry as a preeminent thinker and speaker on data privacy and security, particularly with regard to HIPAA, the HITECH Act, the 21st Century Cures Act, the Genetic Information Nondiscrimination Act (GINA), the Privacy Act, and emerging cyber threats to health data. For over a decade, she both developed health information privacy and security policy, including on emerging technologies and cyber threats, for the Department of Health and Human Services, and enforced HIPAA regulations through spearheading multi-million dollar settlement agreements and civil money penalties pursuant to HIPAA. Iliana also focused on training individuals in both the private and public sector, including compliance investigators, auditors, and State Attorneys General, on HIPAA regulations and policy, and on good data privacy and security practices. As a CISSP, Iliana works hard to bridge the gap between legal requirements for the security of health data and security industry best practices, so that clients can better understand data security issues and jargon.

Donald DePass is a senior associate in the Privacy and Cybersecurity group at Hogan Lovells. Donald counsels clients facing dynamic regulatory environments, primarily in the technology, life sciences and health care, and education sectors. In addition to assisting clients with complex legal matters, Donald helps clients resolve complicated policy issues affecting data privacy and security. In a rapidly evolving marketplace, he provides practical solutions that help clients meet legal and policy challenges and retain consumer trust.

Madeline Gitomer is a senior associate in the Privacy and Cybersecurity group at Hogan Lovells. Whether it is life sciences, research collaboratives, digital health, or technology-driven startups, Madeline regularly advises clients on compliance with various data privacy laws, regulations, and public policy initiatives. Drawing from her Capitol Hill experience, Madeline understands the legislative and regulatory environment around health privacy and helps clients in responding to a dynamic and evolving legal landscape.

Lisa Nee serves as Legal Counsel at Accenture, a Fortune 500 global company that provides information technology related professional services. She currently leads Accenture’s HIPAA Security Rule risk analysis program and supports HIPAA related breach incidents. Prior to working at Accenture, Lisa worked in-house at Google, Genentech, Deloitte Consulting, Accuvant (now Optiv, North America’s largest cybersecurity firm) and Oracle. Lisa is a technologist at heart who has been coding since childhood with a career focused in the field of law and data sciences.

Mark Fox currently serves as the Privacy and Research Compliance Officer for the American College of Cardiology. Mark lead the development of a comprehensive compliance program for the National Cardiovascular Data Registry, the largest cardiovascular registry in the United States. Mark previously worked for MedCath as an Implementation Specialist overseeing the standardization of systems supporting Performance Improvement and Risk Management. Mark supported the opening of five heart specialty hospitals. Mark is an Emergency Medical Technician and holds certifications in Healthcare Compliance, Healthcare Privacy Compliance, and Healthcare Research Compliance.

Thora Johnson chairs Venable’s Healthcare Group. She provides counsel on regulatory, compliance, and business matters impacting healthcare providers, retirement communities, health insurers, group health plans, pharmaceutical and medical device companies, and digital health companies. She has a broad knowledge of traditional healthcare regulatory matters, including HIPAA privacy, security, and breach notification requirements; state health information privacy laws; Medicare/Medicaid compliance; and federal and state fraud and abuse rules. Thora also has extensive experience in health and welfare plan compliance, including ERISA, the tax code, healthcare coverage continuation laws, MHPAEA, GINA, ADA applicable to employer wellness programs, and the ACA.

Lauren serves as AHIMA’s Vice President of Policy & Government Affairs. In this capacity, she is responsible for AHIMA’s advocacy strategy before Congress and various federal agencies. With two decades of healthcare policy experience, Lauren previously worked on Capitol Hill where she was involved in almost every aspect of a congressional office, including serving as Chief of Staff—a position that requires the ability to quickly synthesize multiple issues and adapt to constantly shifting priorities. Lauren received her JD from American University Washington College of Law and BA from Vanderbilt University. She is admitted to practice law in New York.

Chantal Worzala is Principal at Alazro Consulting. An experienced policy expert, she helps provider organizations, associations, technology companies and patient advocates navigate health policy as they transform health and healthcare using digital health tools. She previously served as vice president at the American Hospital Association, where she was recognized as a leading voice for the provider community on meaningful use, interoperability, telehealth and other digital health policy issues. Chantal also worked at the Medicare Payment Advisory Commission.

Katherine Lusk is the Senior Director of Strategic Partnerships for the Texas Health Services Authority. THSA is a public/private partnership with Texas, with a focus on interoperability including public health. Katherine is also an active AHIMA member. Her attention is focused on championing the profession, patient identity, health information exchange, standard development, and information governance. Previous leadership roles include serving on AHIMA President Chair, 2021, Co-lead Epic’s Care Everywhere Governing Council, eHealth Exchange Workgroup Member, ONC Patient Identity Workgroup, TxHIMA President, and the Texas Interoperability Collaborative. She is a sought-after national speaker on information governance, standards, interoperability, clinical documentation improvement, patient identity, leveraging technology and promoting the HIM profession.

Vong Miphouvieng is the senior director of Health Information Management Services Operations and Regulatory Compliance for Texas Health Resources, an integrated health care system with over 350 access points. In his role he develops, communicates and oversees implementation of strategic initiatives involving the EHR, privacy, and regulatory compliance. Vong leads a team that oversees day-to-day operations for release of information, documentation compliance, data integrity, reporting, transcription, and document imagining. He has served in various committee roles with AHIMA, Tarrant County College’s Health Information Technology Advisory, and Dallas-Fort Worth HIMA. Vong has served as the chair for the AHIMA Professional Ethics Committee in 2019 and is serving as AHIMA’s 2021 Program Committee Chair.

Joe Naretto is the Senior Director of Health Information Management for Novant Health, where he is responsible for system-wide leadership and governance for HIM workflows across both the acute and ambulatory environment. His scope includes on-site records management, chart deficiency analysis and audit workflows, transcription, chart corrections, release of information, and oversight and maintenance of the enterprise master patient index. His primary focus has been leading the organization and HIM processes from legacy/hybrid paper record systems into a fully integrated EMR environment, including HIMSS 7 certification and compliance. Additionally, Joe has focused organizational efforts to modernize release of information through centralization and augmentation of traditional ROI workflows with automation.

Kent Sona is vice president of information technology and chief information officer for Methodist Health System. Serving in this capacity, Sona oversees Methodist Health System’s Information Technology Division. He previously served as the director of infrastructure and chief technology officer. During his time at Methodist, he has been instrumental in establishing the current and long-range vision of the health system’s information technology infrastructure and strategy, keeping Methodist at the forefront of technological change. Sona has more than 18 years of experience obtained at a variety of organizations, including a role as IT project manager at HDR and director of information services at West Corporation. Sona also served our nation with an impressive nine year career in the United States Army as both an information systems operator and combat medic. Sona is an experienced project management professional (PMP). He currently serves on the board of the Iowa Rural Health Telecommunications Program (IRHTP).

Beth Zuehlke is Senior Vice President of Customer Success at Moxe. She has over 20 years of leadership experience in healthcare technology, consulting, project management and sales. Her healthcare IT experience started at Epic and includes senior leadership roles at Evergreen Healthcare Partners and healthfinch. Beth also was the president of a Madison based project management and IT consulting company.