Agenda – Precon/Day 1
7:00 a.m.
Registration Open
PROFESSIONAL CERTIFICATION PRECONFERENCE: CERTIFIED CYBER SECURITY ARCHITECT (CCSA℠) PROFESSIONAL CERTIFICATION TRAINING
8:00 a.m.
Introduction and Overview
Uday O. Ali Pabrai, MSEE, CISSP
Chief Executive Officer and Co-Founder, ecfirst (Home of HIPAA Academy), Irvine, CA
Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others.
8:30 a.m.
Security Incident Management
9:00 a.m.
Vulnerability Assessment and Pen Tests
9:45 a.m.
Cyber Security Policies
10:00 a.m.
Break
10:30 a.m.
Establishing a Cyber Security Program
11:00 a.m.
Faculty Q&A
11:30 a.m.
CCSA℠ Exam
12:00 p.m.
Adjournment; Lunch on Your Own
OPENING PLENARY SESSION — HIPAA PRIVACY
1:00 p.m.
Introduction and Overview
Adam Greene, JD, MPH
Partner, Davis Wright Tremaine; Former Senior Health Information Technology and Privacy Specialist, Office for Civil Rights, US Department of Health and Human Services, Washington, DC (Co-Chair)
Adam Greene is a partner in the Washington, D.C. office of Davis Wright Tremaine and co-chair of its Health Information Group. Adam primarily counsels health care providers, technology companies, and financial institutions on compliance with health information privacy, security, and breach notification rules. Previously, Adam was a regulator at the U.S. Department of Health and Human Services, where he played a fundamental role in administering and enforcing the HIPAA rules. At HHS, Adam was responsible for determining how HIPAA rules apply to new and emerging health information technologies and was instrumental in the development of the current HIPAA enforcement process.
Adam has been recognized as one of the top ten influencers in health information security, one of the top 50 healthcare IT experts, and is a frequent speaker and author on health information privacy and security issues.
1:15 p.m.
OCR Policy and Implementation Update
Serena Mosley-Day, JD
Acting Senior Advisor for HIPAA Compliance and Enforcement, US Department of Health and Human Services, Office for Civil Rights; Former Assistant Regional Counsel, Social Security Administration, Atlanta, GA
Serena Mosley-Day is the Acting Senior Advisor for HIPAA Compliance and Enforcement, Office for Civil Rights (OCR), the U.S. Department of Health and Human Services (HHS). Serena has been with OCR since December 2013 and is the lead for HIPAA enforcement in the Agency. Prior to this, Serena served as the Deputy Regional Manager, Southeast Region. As Deputy Regional Manager, Serena was responsible for developing regional strategies for investigation, compliance reviews, outreach, and technical assistance. Serena also served as the lead negotiator for high impact HIPAA cases in the Southeast Region. OCR is responsible for enforcing the HIPAA Privacy and Security Rules as well as for enforcing federal laws and regulations that prohibit discrimination, on the basis of race, color, national origin, disability, age, sex and religion. Prior to joining HHS/OCR, Serena was an attorney at the Social Security Administration and a Supervisory Attorney for the U.S. Department of Education, Office for Civil Rights.
Roger Severino, JD
Director, Office for Civil Rights, US Department of Health and Human Services; Former Director, DeVos Center for Religion and Civil Society, Institute for Family, Community and Opportunity, Heritage Foundation; Former Trial Attorney, Civil Rights Division, US Department of Justice, Washington, DC
Roger Severino is the Director of the Office for Civil Rights at the U.S. Department of Health and Human Services. Prior to joining the Department, Mr. Severino served as Director of the DeVos Center for Religion and Civil Society in the Institute for Family, Community, and Opportunity at The Heritage Foundation.
Before joining Heritage in 2015, Mr. Severino was a trial attorney for seven years in the Department of Justice’s Civil Rights Division where he enforced the Fair Housing Act, the Religious Land Use and Institutionalized Persons Act, and Title II and Title VI of the Civil Rights Act of 1964.
He has litigated cases under sex, race, national origin, religion, disability, and familial status discrimination and served as the Housing and Civil Enforcement Section’s E-discovery officer as well as attorney advisor to the fair housing testing program.
Mr. Severino was previously chief operations officer and legal counsel for the Becket Fund for Religious Liberty.
2:45 p.m.
FTC Privacy Enforcement Update
Molly Crawford, JD
Chief of Staff, Division of Privacy and Identity Protection, Federal Trade Commission, Washington, DC
Molly Crawford is the Chief of Staff in the FTC’s Division of Privacy and Identity Protection, where she works on policy, legislative, and educational efforts relating to privacy, data security, and technology. Previously, Ms. Crawford worked as a senior attorney in the division, where she led investigations into companies’ privacy and data security practices, including the Commission’s cases against TJX, ChoicePoint, and DSW. Ms. Crawford has also served as senior advisor to the Director of the FTC’s Bureau of Consumer Protection, and counsel to the U.S. Senate Committee on Commerce, Science, and Transportation, where she advised on privacy, data security, and other FTC-related matters.
3:15 p.m.
Break
3:45 p.m.
Reflections and Lessons Learned as a Former OCR Director on Best Practices in Health Care Privacy and Security
Leon Rodriguez, JD
Partner, Seyfarth Shaw LLP; Former Director, US Citizenship and Immigration Services; Former Director, Office for Civil Rights, US Department of Health and Human Services; Former Chief of Staff and Deputy Assistant Attorney General, Civil Rights Division, US Department of Justice, Washington, DC
Leon Rodriguez is a partner at Seyfarth Shaw LLP and is a founding member of the firm’s Immigration and Compliance Specialty Team, chair of the firm’s Health Care Regulatory and Compliance Affinity Group, and a co-chair of the Health Care Privacy, Security and HIPAA Affinity Group.
Previously, he served as the Director of the Department of Health and Human Services, Office for Civil Rights and director of U.S. Citizenship and Immigration Services. Leon served as a Deputy Assistant Attorney General and Chief of Staff of the Civil Rights Division of the Department of Justice, and was the County Attorney for Montgomery County, Maryland.
Leon was also an attorney at Ober, Kaler, Grimes & Shriver from 2001 until his appointment as County Attorney, specializing in white collar criminal defense and health law.
4:15 p.m.
Update on 42 CFR Part 2, the Privacy Rule that Governs Substance Use Disorder Treatment Records
Mitchell Berger, MPH
Office of Policy, Planning and Innovation, Substance Abuse and Mental Health Services Administration (SAMHSA), Rockville, MD
Mitchell Berger serves as a Public Health Advisor for the Substance Abuse and Mental Health Services Administration where he contributes to the agency’s work on such topics as mental health and substance use disorder integration and finance, regulation review, Block Grants, 42 CFR Part , international affairs and human immunodeficiency virus. Prior to joining SAMHSA, Mr. Berger worked as a Senior Policy Analyst/Consumer Safety Officer for the Food and Drug Administration and a Public Health Planner for local health departments.
4:45 p.m.
Bridging the Gap Between Privacy and Security: The New Chief Privacy Security Officer
Fouad Khalil, CISA
Head Of Compliance, SecurityScorecard, Inc., New York, NY
Fouad Khalil is the Head of Compliance at SecurityScorecard and is responsible for internal and external compliance programs, auditor education, alignment with industry best practices and global sales support. With extensive experience in the technology space with more than 25 years spanning disciplines in software development, IT support, program and project management and most recently IT Security and Compliance management, Khalil’s career path in technology has provided him with keen insights in the areas of network, system and database administration, software programming, system, software and GUI design, project and product development, solution implementation and much more. For nearly the past two decades, Khalil has focused on data security, security investigations, security training and awareness, and security compliance, serving as an industry expert in key areas such as Information Technology, National Institute of Standards and Technology, Internal Controls over financial reporting, Sarbanes-Oxley, PCI DSS, HIPAA and HITECH. Khalil holds a Bachelor’s degree in Electrical and Computer Engineering from Marquette University and CISA and ITIL Foundations certifications. Additionally, he is an active member/contributor in ISACA, IIA, Infragard, ISSA, and ISC2.
5:15 p.m.
Healthcare Chief Privacy Officers Best Practices Roundtable
Jana Aagaard, MA, JD
Senior Counsel, Privacy/Health Information Technology, Dignity Health; Former Counsel, Sharp HealthCare, Sacramento, CA
Jana Aagaard specializes in health care law, with emphases in health information privacy and technology and clinical research. Since 2002, she has worked for Dignity Health (formerly named Catholic Healthcare West) both as in-house counsel and of counsel. Dignity Health is the largest nonprofit health system in the western United States, with 39 hospitals in California, Arizona and Nevada. Ms. Aagaard is currently the lead attorney at Dignity Health for all health privacy issues; she advises Dignity Health on all aspects of state and federal health information privacy compliance requirements, health information exchange, the federal Electronic Health Record Incentive Program (“Meaningful Use”) and emerging health technologies.
Ms. Aagaard was an associate at Luce, Forward, Hamilton & Scripps in San Diego, CA before becoming in-house counsel at Sharp Healthcare (San Diego) in 1999.
Shauna Van Dongen, JD, CIPP
Chief Privacy Officer, Providence/ St. Joseph Health, Seattle, WA
Shauna Van Dongen is the Chief Privacy Officer of Providence St. Joseph Health, a Catholic health system with 115,000 employees, 50 hospitals and over 300 physician clinics. She oversees the privacy compliance program and proactive privacy monitoring for the entire system. She advises on numerous privacy-related laws, including HIPAA, HITECH, and state health privacy and breach notification laws. Shauna received her JD from the University of British Columbia and worked for the Attorney General of British Columbia where she specialized in freedom of information and privacy protection law. She has also worked as a research fellow and publications director at the Electronic Privacy Information Center (EPIC), a public interest research center in Washington D.C., and as contributing editor for Privacy Journal, a monthly publication devoted to information and privacy issues.
Kimberly S. Gray, JD, CIPP/US
Chief Privacy Officer, Global Office of General Counsel, IQVIA; Former Chief Privacy Officer, Highmark Inc., Philadelphia, PA
Kimberly Gray is an attorney and is the Global Chief Privacy Officer of IQVIA. She is responsible for the company’s privacy and data protection strategy. Gray serves on the Executive Council of HITRUST, the Advisory Board of the Future of Privacy Forum, the Governing Board of the Philadelphia CISO Association, the Centre for Information Policy Leadership, the Ethics Committee of the European Pharmaceutical Research Association, and the Confidentiality Coalition of the Healthcare Leadership Council. She has served on the Board of Directors of the International Association of Privacy Professionals. She has taught as an adjunct professor at law school and master’s program levels, and she lectures frequently on privacy and data protection issues.
Sheetal Sood, CHC, CIPP, CISSP, CISA, CRISC, GSEC, MCSE
Senior Executive Compliance Officer, Information Governance, NYC Health + Hospitals; Former Chief Privacy Officer and IT Audit Manager, New York City Housing Authority, New York, NY
Sheetal is an information security leader with expertise in information security management, IT risk governance and management, cyber-security tools and techniques, audit and investigation of physical and information systems and networks, business continuity, security awareness education and metrics, data privacy and compliance.
Certified in Information Privacy, Information Systems Audit, Security and Risk Management and Healthcare Compliance (CIPP/US, CISA, CISSP, CRISC, GIAC GSEC and CHC), Sheetal also has numerous product-specific certifications, including expertise in NIST risk management, COBiT information assurance and HITRUST frameworks.
Kimarie R. Stratos, JD
Senior Vice President and General Counsel/Chief Privacy Officer, Memorial Healthcare System, Hollywood, FL
Kimarie Stratos serves as Senior Vice President, General Counsel and Chief Privacy Officer for Memorial Healthcare System (“Memorial”). As General Counsel, Ms. Stratos oversees legal, privacy, and risk issues for the entire hospital system, which includes Memorial’s six hospitals and numerous primary care and outpatient centers. As Chief Privacy Officer, Ms. Stratos works collaboratively with Memorial’s Information Technology Department to constantly monitor and assess system-wide cybersecurity and data privacy practices, policies, and risks. Ms. Stratos is a frequent speaker on the topics of cyber security, data privacy and enterprise risk.
James Koenig, JD
Partner and Co-Chair, Privacy and Cybersecurity Practice, Fenwick & West LLP, Villanova, PA (Moderator)
Jim Koenig is the Co-Chair of our Privacy & Cybersecurity Practice. His practice focuses on advising emerging startups to Fortune 100 companies on a range of issues, including global privacy compliance, security/cybersecurity and breach response, data use policies and regulatory investigations and enforcement actions or class-action litigations relating to privacy and cybersecurity practices. Jim also has extensive experience helping companies with new and emerging technologies and co-founded the International Association of Privacy Professionals (IAPP).
Prior to joining Fenwick & West, Jim worked in the Privacy and Cybersecurity Practice of an AmLaw 100 firm, built and globally led the privacy practice and co-led the security response and data management practices at PricewaterhouseCoopers and Booz Allen. Jim has held senior marketing, management and legal positions at QVC, MaMaMedia.com (a children’s education internet start-up) and is also a named inventor or co-inventor on six patent applications relating to security and privacy-enhancing technologies.