End the Questionnaires Simplifying the Healthcare TPRM Process - In Person

You are invited to join the ISACA Middle Tennessee Chapter on Thursday October 26, 2023 from 11:00 AM - 12:30PM CST.

Event Summary: End the Questionnaires - Simplifying the Healthcare TPRM Assessment Process

• Digital investment is at an all-time high, and care models are shifting. That rise in digital investment has led to a corresponding rise in vendor relationships.

• evident by the 1300+ vendors that the average hospital relies on. That number is significantly higher for larger healthcare systems.

• With more vendors, naturally comes more risk, which is illustrated by the next 2 #s

• 69% experienced a breach tied to vendor network access

• 50 million Americans impacted by health data breaches in 2022 – the number that seems to rise every year

• The healthcare industry is aware of the problem (which maybe wasn’t the case 5 years ago) – Spending $237 billion on third party risk

• despite all the investment in this space, about 1/3 of providers don’t think they can prioritize risk and nearly half still don’t have an inventory

• Rethinking and simplifying the TPRM Process

Questions? Email Annette Miller (amiller@oakridgeamc.com).

Speaker(s): Matthew Webb, Chief Product Security Officer, HealthTrust

Date/Time: Thursday, October 26, 2023 from 11:00AM - 12:30PM CST

Location/Delivery: The presentation will take place at CGI (6640 Carothers Parkway, Suite 400, Franklin, TN 37067).

Lunch will be provided from 11:00AM - 11:30AM CST and the presentation will begin promptly at 11:30AM CST.

Learning Objectives: In this session, we’ll discuss and learn about simplifying the healthcare TPRM assessment process.

Prerequisites: None

Advanced Preparation: None

Program Field of Study: Information Technology

Program Level: Basic/Beginner

CPE Credits: Up to 1 hour of credit will be issued.

The Middle Tennessee Chapter of ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org.

Refunds/Cancellations: Due to this program being offered free of charge, there will be no refunds issued.

Complaint Resolution: For any complaint regarding this event please contact Annette Miller (amiller@oakridgeamc.com).

Speaker Bio:

Matthew Webb serves as HealthTrust’s Chief Product Security Officer. In this role, he is tasked with developing a supplier security program to support HealthTrust, its members, and suppliers to protect systems and patient data.

He is an accomplished IT professional with over 20 years of experience in leadership, infrastructure, information security, compliance, project management, and process improvement. Possessing strong technical and business acumen, Webb has demonstrated the ability to apply innovative ideas to solve complex problems while satisfying technical and business needs. He brings capabilities in all ten security domains with a significant focus on identity and access management, breach notification and incident response leadership, and international healthcare regulatory compliance.

Born and raised in Nashville, Webb joined HCA Healthcare in 2001 as part of the technical integration team. In 2005, he joined the HCA Information Protection & Security as part of the Information Security Consulting Team. 2008, Webb helped establish a Healthcare-focused, technology consulting firm. He services several roles, including Vice President of the Information Security Practice. In 2015 he returned to HCA and relocated his family to London to serve as HCA Healthcare International’s Chief Information Security Officer. In that role, he was focused on controls and processes to support the General Data Protection Regulation (GDPR).

Webb received a Bachelor’s Degree in Management Information Systems from Aquinas College. He has earned several professional certifications throughout his career, including the SANS GSEC GIAC Security Essentials and, most recently, the Sherwood (SABSA) Security Architecture Foundation Certification