As the Chief Information Security Officer for the University of Iowa, Ms. Lewison is responsible for providing guidance and direction to the organization in the area of Information Security. One of her key accomplishments in this role has been the successful integration of the University’s academic and healthcare information technology security teams. She is responsible for developing and overseeing a comprehensive information security program designed to meet all relevant regulatory and contractual security requirements including HIPAA, PCI, FISMA, and NIST 800-171. Information security at the University of Iowa spans the broad spectrum of information security domains, including policy development, security organization management, data asset classification, security operation, business continuity planning, and security incident management. Ms. Lewison works as part of a number of leadership committees within the University of Iowa and the University of Iowa Hospitals and Clinics to manage security risk, assess priorities, evaluate resource needs to implement security measures, make recommendations regarding both process and technical solutions. She also serves as a consultant on an as needed basis to help departments investigate security incidents and implement safeguards necessary to protect critical information assets.
Prior to joining the University of Iowa, Ms. Lewison held the position of AVP of Information Security at ACT, Inc., a leader in educational testing. She has held the position of Corporate Division Information Security Officer, Senior Information Technology Auditor, and Director of Business Analysis at one of the world’s largest financial services companies headquartered in the Netherlands. Throughout her career, she has held both technical and business leadership positions with organizations in the utilities, telecommunications, and financial services industries.