Back to All Events

HITRUST Third Party Assurance Summit 2018

  • Hyatt Regency O’Hare, Chicago, IL (map)

The 2018 HITRUST Third Party Assurance Summit will be held February 20-21, 2018 at the Hyatt Regency O’Hare, Chicago, IL.

Third-party assurance is a crucial component of any organization’s risk management program. Developing and implementing an effective program, given the increased regulatory oversight, reliance and complexity of outsourced relationships and evolving threat landscape, is a challenging task – and one that requires alignment and support internally and with business partners.

By engaging, partnering and coordinating with third parties in the risk management process, versus imposing redundant and inconsistent assessment and reporting requirements, greater efficiencies and improved partner relations can be gained, and appropriate risk management can be ensured.

To facilitate this engagement and partnership, HITRUST regularly convenes the HITRUST Third Party Assurance Summit.

Please click here to learn more

Download the summit brochure (PDF)

Still not convinced? Here are 5 more excellent reasons to attend:

  1. Collaborate with Other Organizations in the Ecosystem – Meet top CISOs and other subject matter experts representing customers, third and fourth parties
  2. Third-party Risk Management – Learn first-hand best practices for implementing a third-party risk management program
  3. Leveraging HITRUST for Third-party Risk Management – Learn how to “Assess once and report many”
  4. The Industry is Evolving – Keep up to speed with the latest state, federal and international impacts to third-party risk management
  5. Prepare for the Future – Learn what’s next from HITRUST and industry partners, including updates on GDPR, BASICs, the HITRUST Threat Catalog and more.


  • Ryan Sawyer Staff VP, Technology Risk & Vendor Security Oversight, Anthem
  • Debbie Hutchinson Director - IT Audit & Third Party Assurance, Availity
  • Pete Naumovski Vice President & CISO, Blue Cross Blue Shield Association
  • Mike Swyt VP, Information Security Risk Management, Change Healthcare
  • Andrew Hicks Managing Principal, Healthcare and Life Sciences, Coalfire
  • Rick Gilmore Information Security Officer, Cognizant Technology Solutions
  • Phil Curran Chief Information Assurance & Privacy Officer, Cooper University Health Care
  • Lori Meals Director of Compliance, Datica
  • Mark Jacobs CIO, Delaware Health Information Network
  • Scott Taylor Partner, Audit & Enterprise Risk Services, Deloitte & Touche LLP
  • Brenda Magri Director, Risk Management, Fiserv
  • Jutta Williams Program Manager - Health Research, Google
  • Doug Peterson CISO, Great-West Financial
  • Brenda Callaway Divisional VP, Information Security Risk Management, HCSC
  • Omar Khawaja CISO, Security & Risk Managment, Highmark Health
  • Tim Belardi Director, GRC Technology & Third Party Risk Management, Highmark Health
  • Daniel Nutkis Chief Executive Officer, HITRUST
  • Ken Vander Wal Chief Compliance Officer, HITRUST
  • Michael Parisi Vice President, Assurance Strategy & Community Development, HITRUST
  • Chetana Sankhye Director - Vendor Risk Management & Technology Management, Kaiser Permanente
  • Hector Rodriguez Worldwide Health CISO, Microsoft
  • Christie Hall Program Manager, Division of Healthcare Innovation, NY State Department of Health
  • Lee Penn Chief Financial Officer & Chief Compliance Officer, PDHI
  • Adrian Christie Risk Assurance Director, PwC Bob Smith Senior Manager, Technology Compliance, Salesforce
  • Bryan Sheehan Senior Director, Enterprise Information Security, UnitedHealth Group
  • John Houston VP, Privacy and Information Security & Associate Counsel, UPMC
  • Kirk Nahra Partner, Wiley Rein, LLP Taylor Lehmann CISO, Wellforce, Tufts Medical Center
Later Event: February 22
Cybertech Latin America