Julie joined the Governance, Risk Management and Compliance (GRC) Division within the Department of Health and Human Services (HHS) Office of Information Security (OIS) as the Manager of the Risk Management Program in October 2015. She established the Department-wide enterprise risk management program. Julie leads high visibility initiatives including the identification and protection of HHS’ most critical high value assets, the DHS Continuous Diagnostics and Mitigation (CDM) Program, and the HHS FedRAMP Cloud Sponsorship Program. Julie is the Federal Lead for the implementation of the Cybersecurity Information Sharing Act (CISA) of 2015, Section 405(d): Aligning Healthcare Cybersecurity Approaches. This public-private partnership effort is one of many HHS cybersecurity initiatives pushing forward the cybersecurity and resiliency of the HPH sector. Previously, Julie served as the Cybersecurity Team Lead within the Office of the National Coordinator for Health IT (ONC) at HHS. There, she led White House Critical Infrastructure Cybersecurity efforts and spearheaded these cybersecurity initiatives across HHS, its federal partners, and the private sector. She led the effort to establish an information sharing and analysis organization (ISAO) specific for the Healthcare and Public Health (HPH) Sector to enable widespread dissemination of cyber threat information as well as general cybersecurity best practices and lessons learned across the sector. She initiated the creation of a crosswalk between the HIPAA Security Rule and the NIST Cybersecurity Framework - now available to HPH sector stakeholders, and small and medium-sized providers, providing guidance and capabilities to implement robust risk management programs. Before joining the federal government, Julie was a small business owner focused on federal information security policies and regulations, risk assessments, enterprise-level software application development, and innovative mobile applications development.
Julie Anne Chua, PMP, CAP, CISSP is presenting at: