AEHIS Names Erik Decker 2019 Health Information Security Innovator of the Year

PHOENIX, AZ, Nov. 4, 2019 – Erik Decker, the chief information security and privacy officer at University of Chicago Medicine, faced a daunting task in 2017 when he was asked to serve as the industry lead and co-chair of the 405(d) Task Group. His job, along with government lead and co-chair Julie Chua, was to bring a diverse mix of more than 150 healthcare and cybersecurity experts together to develop and draft a cybersecurity toolkit. Not just any report but a consensus-based report that organizations of any size could use to strengthen their cybersecurity posture.

In 2018, the 405(d) Task Group released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients, or HCIP. The four-part document offers straightforward, consensus-based guidelines, best practices and methodologies that peers say is innovative in its reach, simplicity and long-term impact on the healthcare industry. It aligns with key regulatory and framework guidance, too, allowing for seamless implementation. The HHS 405(d) Task Group is still active, with new materials due out at the end of the year and a brand new resource on the scale of HCIP slated for 2021.

Decker’s innovative approach is considered a model that others can use to build consensus, consolidate insights and produce a practical resource for a diverse group of users. His achievements have earned him the Association for Executives in Healthcare Information Security’s (AEHIS) inaugural Health Information Security Innovator of the Year title. The award was announced today at the AEHIS Fall Summit in Phoenix.

“AEHIS is ecstatic that Erik Decker has been selected as the organization’s Innovator of the Year,” said Carter Groome, chair of the AEHIS Education and Professional Development Committee. “Erik’s selfless leadership and contribution to the 405(d) HICP publication stands to benefit the healthcare community and consumers at large. By providing clear and practical, sized-based counsel to health executives and security practitioners dedicated to reducing risk, Erik’s contribution is truly innovative.”   

Decker currently is a member of the Executive Council of the Healthcare Sector Coordinating Council’s Joint Cybersecurity Working Group. He served as the chair of the AEHIS Board in 2018, AEHIS Board vice chair in 2017 and chair of the AEHIS Public Policy Committee in 2017. He has provided testimony to a congressional subcommittee,  participated in two roundtables held by congressional staffers that focused on medical device security and has been a presenter at conferences hosted by AEHIS, the College of Healthcare Information Management Executives (CHIME, which launched AEHIS in 2014) and other professional associations.

“I have had the privilege to work with many talented cybersecurity leaders, both in the private sector and in government,” Decker said. “We all are constantly learning, sharing and innovating to stay ahead of bad actors. It is an honor to be recognized by my peers, and to be named AEHIS’ very first Health Information Security Innovator of the Year.”