Allison Miller

VP of Global Enterprise Information Security
UnitedHealth Group/Optum

Allison Miller Vice President of Enterprise Information Security Office UnitedHealth Group/Optum Allison Miller serves as the Vice President of UnitedHealth Group’s Enterprise Information Security Office. Allison has accountability for the Enterprise Information Security Officers for the Group, Security Incident Response/Technical Investigations and Security Policy and Global Cyber Regulatory Programs, Remediation, and Supplier Oversight. Prior to her role with the Enterprise Information Security Office, Allison served as the Director of Compliance for UnitedHealthcare, Privacy Officer for OptumHealth and Deputy Privacy Officer, Privacy Director for UnitedHealthcare. In addition to Privacy and Security, Allison has over 20 years of experience in health information systems and crisis management. During her tenure at UnitedHealth Group, Allison developed systems to identify the gaps in care and predict health outcomes for individuals with chronic conditions. Allison is a volunteer EMT and First Responder in the State of Louisiana serving residents during Hurricanes Katrina and Isaac. Allison’s undergraduate (BA) studies were in Political Science and Sociology; she has completed Executive Education & Management post college; she has also completed the SANS GIAC Security Essentials Certification, SANS Law of Fraud Certification and ISACA Information Security Management Certification. She was part of the cohort that authored and attained the ISC2 Healthcare Information Security and Privacy Professional Certification and holds her HCISSP. Allison continues to volunteer her time across organizations to help raise the level awareness regarding the emerging cyber security landscape and the threats they present to patient care globally.

Check out the incredible speaker line-up to see who will be joining Allison.

Download The Latest Agenda

Day One: Sunday, May 19, 2019

Sunday, May 19th, 2019

10:55 AM Holistic Threat Management- Minimizing Threats and Increasing Resilience

Healthcare has many connected points- a much larger attack surface than any other vertical. Confidential patient data is often accessible to multiple care providers, both in clinical/research settings and online, and through different devices. Patient care takes precedence over security. Organizations need to establish holistic risk management programs that safeguard electronic health information along with other sensitive and proprietary data.

Security involves a deliberate, multi-layered approach across payers, providers and medical suppliers. This includes process improvement, user training, and better integrating existing technologies. Basic cyber hygiene is at the core including: blocking and tackling, firewall logging, password protection, access management, email security and authentication controls. Some emerging cyber tools enhance productivity, (which includes single-sign on to control access and identity management) -- and simplifies workflows and increase time on work tasks.

Executives must learn and keep in balance the interests of stakeholders, the mission, asset value and the real impact of an attack. Breaches will happen; the focus needs to be how the organization should minimize disruptions, handle ransomware and other attacks including proactive incident response and business continuity measures. Efforts to automate include integrating emerging technologies with existing security tools and bolstering processes to protect from human errors and insider threats. Executives must convey security is a continued enterprise investment.