The Computer Science Department, in collaboration with the Institute for Information Assurance at IUP, will host the second annual Information Assurance Day on November 5, 2009, from 9:00 a.m.– 4:30 p.m., in the Susquehanna Room in the HUB at IUP.
9:00 – 10:15
Greg Porter, founder of Allegheny Digital, a Western Pennsylvania based security and privacy services company specializing in Network Infrastructure Security, Digital Forensics, Regulatory Compliance, and Enterprise Risk Management.
“Current and Emerging Threats to Health Care Information Security”
10:15 – 10:30
10:30 – 12:00
Will talk about digital forensics. Full title and abstract of presentation will be available soon.
1:30 – 2:45
Connetta Salanitro, Senior Risk Analyst for PNC Bank
“eDiscovery - ESI... the new DNA”
2:45 – 3:00
3:00 – 4:30
Eric Smith, VP; Sr Tech Mgr, Information Security Engineer, Enterprise Information Management, Information Protection Consulting, Bank of America.
“Elements of an Effective Information Assurance Program”.
The theft of intellectual property and sensitive medical information continues to escalate in 2009, as issues of health care information security and privacy are closer to the legal and regulatory forefront than ever before. Recent legislative changes combined with an evolving threat landscape that specifically targets patient data may expose health care organizations to the risk of losing revenue, workforce member productivity, patient care relationships, and market reputation. Please join us for a substantive overview of information security risks that are creating a direct and material impact on U.S. health care entities.
This presentation will cover the amendments to the Federal Rules on Civil Procedure regarding eDiscovery and the impact they have on both the corporate, security, and technology policies and procedures around the electronically stored information.
Managing an Information Assurance Program of any size requires certain components in order to ensure success. This presentation focuses on some of the challenges that organizations face with Information Assurance, and how to overcome those challenges through policy, education, enablement, and enforcement.
Greg Porter is an Adjunct Professor at the H. John Heinz III College at Carnegie Mellon University where he teaches information security and privacy related subject matter within the college's expanding graduate level health care programs. Mr. Porter is the founder of Allegheny Digital, a Western Pennsylvania based security and privacy Services Company specializing in Network Infrastructure Security, Digital Forensics, Regulatory Compliance, and Enterprise Risk Management. For the past several years, he has both led and delivered comprehensive assessment activities that monitor, test and audit the effectiveness of information system security, risk managed governance and controls, and legislative conformance. His professional experience includes assisting clients in the health care, pharmaceutical, utilities, higher education, manufacturing, and financial service industry segments.
Prior to starting Allegheny Digital, Mr. Porter led the Mid Atlantic Information Protection & Business Resiliency Practice for KPMG LLP where he assumed various responsibilities ranging from Technical Lead to Project Manager. Preceding KPMG, he served in various management and consultative roles within Capgemini Ernst & Young’s Information Security Services Practice. While there, he conducted risk based assessments against ISO/IEC 27001, the Health Insurance Portability & Accountability Act (“HIPAA”), Sarbanes-Oxley, the Gramm-Leach-Bliley Act (“GLBA”), the North American Electric Reliability (NERC) Cyber Security Standards and various state based data privacy regulations.
Mr. Porter holds a Bachelor of Science degree in Chemistry from the University of Pittsburgh, a Master of Science degree in Information Technology (Information Security Concentration) from Carnegie Mellon University, and a Master of Science degree in Health Care Policy and Management (Highest Distinction) also from CMU. In addition, he maintains several information security related certifications and is a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM).
Connetta Salanitro, a CISSP, is a Senior Risk Analyst for PNC Bank. She began her career with Natnal City (now a part of PNC) over 13 years ago taking on several different technical roles from application scripting to senior unified messaging analyst. In the last 5 years she has focused on managing e-Discovery, 3rd Party Assessment, Offshore Security Governance, and Workstation/Application/Messaging control design. She is active in Cleveland's local security community and is a current member, and former board member, of the Northeast Ohio Information Security Forum.
Download the original program