Erik Decker is the Vice President and Chief Information Security Officer for Intermountain Healthcare, a multi-state integrated delivery network based in Salt Lake City, Utah. Erik has 22 years of experience in Information Technology, with 15 years focused on Information Security.
He serves as the Chairman of the Healthcare Sector Coordinating Council’s Joint Cybersecurity Working Group, which is a critical infrastructure public-private partnership organization covering more than 300 organizations and over 600 members. He also co-leads the Department of Health and Human Services (HHS) 405(d) task group focused on implementing the Cybersecurity Act of 2015, 405D legislation within the Healthcare sector. The publication was released in December 2018, titled “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (HICP).
Erik has been awarded the ISE® North America Executive: Academic/Public Sector, and the Chicago CISO of the Year. In 2018 he served as an expert witness to the House Committee on Energy and Commerce, Subcommittee on Health. Erik has a Master of Science in Information Technology from Loyola University in Chicago and a Bachelor’s degree from the University of Illinois in Champaign/Urbana in Cell and Structural Biology.
Julie Chua is the Director of the Governance, Risk Management, and Compliance (GRC) Division within the HHS Office of Information Security (OIS), Office of the Chief Information Officer. Julie established a Department-wide cybersecurity risk management program and spearheaded the integration of cybersecurity into HHS’ Enterprise Risk Management framework. She is responsible for high-priority, high-visibility initiatives including the implementation of Executive Order 14028, Improving the Nation’s Cybersecurity, establishment of the HHS High-Value Asset (HVA) Program for the identification, protection, and prioritization of HHS’ most critical high-value assets, and oversees the HHS FedRAMP and Cloud Security Program. Julie is also the Federal Lead for the implementation of the Cybersecurity Act (CSA) of 2015, Section 405(d): Aligning Health Care Security Approaches. This public-private partnership effort has received awards for excellence and contributions to the Health IT and healthcare industry communities. This is one of many HHS cybersecurity initiatives to help push forward the cybersecurity and resiliency of the Healthcare and Public Health (HPH) Sector.