Pell Center

Widespread vulnerabilities in America’s healthcare industry have left hospitals, insurance companies, and other providers exposed to an ever-increasing number of cyber attacks that target sensitive medical records and leave untold millions of patients at risk for identity theft.

A panel of experts will share tips and advice on how the healthcare industry and individuals can prevent, respond to, and mitigate cyber threats, as well as provide a unique perspective on the overall costs of failed compliance and compromises when Salve Regina’s Pell Center hosts an executive seminar, “Risks and Cyber Threats to the Healthcare Industry,” on Thursday, April 14 from 9-11 a.m.

The event will be held at the Pell Center (corner of Bellevue and Ruggles avenues) and is open to all healthcare providers and operators in Rhode Island, as well as members of RICCI (Rhode Island Corporate Cybersecurity Initiative). Registration is required. Interested participants are asked to RSVP by April 13 by calling (401) 341-2371 or emailing

“Media headlines in recent months have shown an increased number of cyber attacks targeting the healthcare industry and growing theft of individuals’ identities stolen from hospital, healthcare insurance companies, and other systems that manage medical records,” says Francesca Spidalieri, senior fellow for cyber leadership at the Pell Center. “According to reports, over 30 million Americans have already had their personal health information breached or accidentally disclosed since 2009, and these trends are expected to grow in the upcoming years due to the lack of security of the majority of medical systems.”

Healthcare companies are especially vulnerable to cybercrime because of all the protected health information stored in their databases, and the fact that medical identities have become a precious commodity on the black market, more valuable than financial identities. What makes that really worrying, Spidalieri says, is that we all interact with healthcare but when it comes to cybersecurity, companies operating in the healthcare industry are by far the most porous and least prepared ones. Compliance to existing laws and regulations is not equivalent to security, she warns.

“As the healthcare industry in Rhode Island moves towards electronic health records, increased interoperability and mHealth [mobile health] developments, cybersecurity is becoming an increased organizational concern, especially after the high profile health data security breaches at Anthem and Premara Blue Cross,” Spidalieri says.

Expert panelists participating in the April 14 session include:

  • -Ellen Giblin, privacy officer at Boston Children’s Hospital & Foundation.
  • -Ken Mortensen, senior managing director of cybersecurity & privacy at Pricewaterhouse Coopers (PwC).
  • -Don Ulsch, senior managing director of cybercrime & breach response at PwC.
  • -Michael Sullivan, partner at The Ashcroft Group and former U.S. Attorney for the District of Massachusetts.
  • -Daniel Gortze, security systems senior manager, Incident Response & Forensics Consulting for Dell SecureWorks.
  • -Kathleen Hittner, Rhode Island Health Insurance Commissioner.
  • -Matt McMahon, senior laboratory informatics technician at Siemens Healthcare.