Cybersecurity in Healthcare: How can you protect your organizational reputation?


Do you have a plan in place for when your hospital or healthcare organization is hit by significant and potentially crippling cyber-attacks? The IHF’s Harnessing Big Data Special Interest Group hosted a lunch and learn session focused on how CEOs and other C-suite executives can prepare effective strategic communications prior to, during and after a cyber-attack – to help minimize the negative impact on your reputation. 


Recent studies indicate that healthcare providers experienced nearly 700 data breaches or cyber-attacks in 2021, with the majority being ransomware. A further emerging trend suggests that most attacks now include exfiltration of patient data, staff personal information, vendor services, and even medical devices. In addition to the ‘technical’ and ‘operational’ aspects of preparing for, responding to, and recovering from a cyber-attack, healthcare organizations also need to develop an effective, proactive strategic communication plan.


If you are a clinical or managerial executive in a hospital system with responsibilities and decision-making accountabilities for strategic communication initiatives or you have an interest in crisis communications in healthcare, watch the recording of this virtual event!


Chaired by David Levine, Group SVP, Advanced Analytics & Product Management at Vizient Inc., this interactive lunch and learn featured a mix of live presentations and panel discussions. Along with an insider panel of health system leaders, they tackled:


  • The state of cybersecurity in healthcare
  • COVID-19, crisis communications, and cybersecurity
  • Good practices in crisis communications and strategies related to breaches
  • Practical guidance for healthcare organizations



David Levine 

Group SVP, Advanced Analytics & Product Management, Vizient Inc. 


Blending clinical leadership and informatics experience, David is responsible for driving key initiatives for Vizient, including growing the Center for Advanced Analytics, leading the development of risk-adjustment methodologies and increasing engagement of physicians and other clinicians. The Center brings together analytics from multiple clinical and operational offerings to provide insights to members across the continuum of care. David joined the company in 2010 after serving as medical director of the emergency department at John H. Stroger Jr. Hospital of Cook County in Chicago. He also served as a physician leader for information technology. David earned a doctor of medicine degree from the Northwestern University Feinberg School of Medicine and a Bachelor of Science degree in psychology from the University of Michigan. He is an Assistant Professor of emergency medicine at Rush Medical School in Chicago and a Fellow of the American College of Emergency Physicians. 


Lynn Sessions

Partner, Baker Hostetler


Lynn Sessions leads the BakerHostetler Healthcare Privacy & Compliance team in the Digital Assets & Data Management Group & is co-lead of the Healthcare Industry Team. She focuses her practice on healthcare privacy & data security, breach response, regulatory defense, and HIPAA compliance.

Drawing from her in-house experience at Texas Children’s Hospital, Lynn collaborates closely with healthcare clients and approaches her legal representation from a client’s perspective. She has handled more than 900 cybersecurity incidents and over 500 OCR investigations. Lynn completed her undergraduate studies at Texas A&M University and received her law degree from Baylor University School of Law, where she was honored in the Order of Barristers. Lynn is ranked by Chambers as a leading healthcare attorney in the State of Texas and in healthcare privacy nationally and globally. She was also awarded a Burton Distinguished Writing Award at the Library of Congress for her article, “Anatomy of a Healthcare Data Breach,” was named a Trailblazer in Cyber Security by the National Law Journal, and was designated as one of the Top 25 Women in Healthcare (Houston) by the National Diversity Council.

Michael Ash Bio


Michael A. Ash, MD, FACP

Executive Vice President, Chief Transformation Officer, Nebraska Medicine

Vice Chancellor, Information and Technology, University of Nebraska Medical Centre


Dr. Michael Ash is the Executive Vice President and Chief Transformation Officer at Nebraska Medicine and he serves as Vice Chancellor of Information and Technology at the University of Nebraska Medical Center. He oversees information technology, information security, quality, safety and clinical effectiveness. He also has responsibilities for marketing, patient experience, process improvement and telehealth.

With more than twenty years of experience in health information technology, Dr. Ash has led the development of IT infrastructure and implementation of electronic health records in academic medical centers and health systems across the globe. His experience includes several positions with Cerner including Chief Medical Officer and vice president for physician strategy and innovation.

Prior to joining Cerner, Dr. Ash worked as an internal medicine physician. Dr. Ash graduated with a Bachelor of Science in pharmacy and went on to earn his medical degree from the University of Missouri at Kansas City. He completed his internal medicine residency at Baylor College of Medicine in Houston.


David Willis

Senior Information Security Officer, Lancashire & South Cumbria Health & Social Care Partnership, UK National Health Service (NHS)

David is an Information Security Professional with over 40 years’ experience, and holds a degree in Computer Science and Masters in Forensic Computing From The University of Bradford. CISSP and CISM Certified, David is Joint Chair of the NHS Cyber Associates Network Development Group and Chair of the iNetwork Enhanced Information Sharing and Security workstream.


David started in digital with punched cards and paper tape, lived through the “home computer” and “personal computer” revolutions,  spent ten years as director of a company specialising in paper to digital conversion, assisting global companies to digitise their workspaces. He has worked in the UK National Health Service (NHS) since 2006, starting as a security analyst working for the National NHS Programme for IT. David has worked in primary, secondary and mental health organisations, and has been working as a regional head of cyber in the NHS since December 2019.


David believes that cyber security is a “wicked” problem, as it is not just about technology, it also encompasses the WHOLE business not just IT. He firmly believes that given appropriate information and integrated intelligent technologies we can start to make a difference, but is also aware that the cyber game is evolving at a rapid pace: ‘the real cyber threats we face can completely take over” an organisation less than 8 minutes’.


We at the International Hospital Federation would like to thank our Premier Member, Vizient Inc., for their contribution to organizing this event.