12:05 - 12:25 pmSaturday, September 26
Plenary Hall
Will your healthcare data "Play in Peoria?"
Plenary Hall
Will your healthcare data "Play in Peoria?"
Vice President and Managing Consultant for Healthcare and Security Risk , Redspin
This presentation will pose a question that should be simple but is not: who is using my healthcare information? In the first half we will discuss the myriad ways healthcare data is being manipulated through... Read more


This presentation will pose a question that should be simple but is not: who is using my healthcare information? In the first half we will discuss the myriad ways healthcare data is being manipulated through distribution, analysis and profiling outside of the healthcare profession and community, much of it through mHealth, web applications, targeted advertising and marketing. 

The second half will address security best practices on both sides of the coin – the ePatients on one side and technology professionals on the other. The intention is to discuss mitigating strategies that are unique to each, and the transparency that is needed in order to better align the goals of both sides:

1. The ePatients and consumers who need to ensure the integrity and security of their own health and identity information, in order to guard against medical record and identity theft. Specific strategies for safeguarding one’s personal data will be presented, such as identifying social engineering tactics and understanding how to lock down privacy controls in social media.

2. Entrepreneurs and professionals, especially those in the technology and marketing fields, who need to carefully balance building a profitable business model while complying with numerous state and federal regulations. The security strategies for this audience will be focused towards technology startups in web/mobile app development, social media and cloud services.

It has become too often that we hear about another health system reporting a breach of medical records numbering in the millions, and it is because a medical record and health profile is more valuable than you may realize. Even when medical information is shared in a beneficial capacity, it leads to an exponentially increasing security risk that your healthcare data – and your identity – will be breached. The next wave of healthcare data breaches will not be from hospitals and health systems, it will be from Silicon Valley to Wall Street and Madison Avenue.

Join one of the leading experts nationally in healthcare IT security, and the Vice President and Managing Consultant of a healthcare-focused security consulting firm, to discuss how your health data is mined and distributed, and the methods to mitigate the inherent security risks from these practices. This insight is derived from conducting IT security consulting engagements for over 25 hospitals, including two of the top ten in the U.S., and dozens of business associates in technology, revenue cycle and marketing. 

Christopher Campbell directs the overall management and partner development of the Healthcare and Security Risk practice for Redspin a healthcare-focused IT security firm based in Santa Barbara. As the senior-most consultant for Redspin he provides the C-suite with expertise in HIPAA, cloud services, privacy, and security risk assessment methodologies that take a holistic view of information security compliance and best business management practices.

Prior to joining Redspin he was the IT Risk Manager for BBVA Compass Bank, the 15th largest US bank by deposit size. While at the bank he created a comprehensive enterprise IT risk assessment program comprising application security, identity management and GLBA privacy compliance. In addition to the risk assessment program he was also responsible for creating and managing sustainable PCI and Sarbanes-Oxley compliance for the bank. Previously in his career he performed IT and financial audits for the University of Alabama Healthcare System and developed the Sarbanes-Oxley IT compliance program for Protective Life Insurance Corporation.

Christopher earned a Master of Business Administration and a Bachelor of Science in Psychology from Mississippi State University, and now serves on the MBA Advisory Board at the MSU College of Business. He was awarded the Certified in the Governance of Enterprise IT by ISACA in 2008.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt

Start typing and press Enter to search