HEALTH INFORMATION PROTECTION TASKFORCE
OF THE STATE ALLIANCE FOR E-HEALTH
AUGUST 28, 2007
HYATT ARLINGTON HOTEL
BIOGRAPHIES, HEALTH INFORMATION PROTECTION TASKFORCE MEMBERS
Holt Anderson is Executive Director of the North Carolina Healthcare Information & Communications
Alliance, Inc. (NCHICA), a private, nonprofit consortium of healthcare providers, payers, corporate
partners, professional associations and government agencies with the mission of improving healthcare in
NC by accelerating the adoption of information technology. In addition to his role as Executive Director
of NCHICA, Holt serves in an advisory capacity for a number of state and national working groups
related to health information exchange, including the IBM Nationwide Health Information Network
(NHIN) Architecture Prototype contract with the Office of the National Coordinator for Health
Information Technology (ONC), and the RTI International “Privacy and Security Solutions for
Interoperable Health Information Exchange” contract for AHRQ and ONC.
Thomas W. Arnold
Thomas W. Arnold is a Medicaid veteran having worked with the program, directory or indirectly, almost
continuously since 1979. As a result, he brings a wealth of knowledge to the task of managing Florida’s
$16 billion health care program for more than 2 million lower income and disabled people.
Mr. Arnold is one of three deputy secretaries at the Florida Agency for Health Care Administration and
oversees six policy bureaus at headquarters and 11 field offices. Before taking his present position in
Medicaid, Mr. Arnold was a Deputy Secretary at the Florida Department of Health responsible for
licensing medical professionals, information technology, administration, disability determination, health
planning and evaluation, and performance improvement. He had been at the Department of Health since
His first job involving Medicaid was in 1979 as an auditor at the former Department of Health and
Rehabilitative Services where he performed audits of the Medicaid fiscal agent. He has held Medicaid
management positions related to policy development, combating fraud and abuse, Medicaid institutional
rate setting, overseeing Medicaid managed care, beneficiary eligibility determination and served as
Deputy for 4 previous Medicaid Directors.
Mr. Arnold is a graduate of Florida State University with a degree in Accounting.
Justin T. Barnes
As a healthcare software executive and public policy specialist, Justin Barnes manages Greenway’s
Strategy, Marketing, Corporate Development and Government Affairs departments. With a background in
healthcare information technology (HIT), corporate operations and legislative policy, Mr. Barnes is
responsible for building and executing Greenway’s corporate strategy and government relations. He
resides on several HIT and Electronic Health Record (EHR) industry governance boards and brings the
essential continuum of experience from Silicon Valley Start-up’s to Industry-leading Fortune 20
Prior to Greenway Medical Technologies, Barnes was a member of the founding team and Vice President
of Sales Operations at Healinx Corporation. Today, Healinx is known as the RelayHealth Division of
McKesson and continues as the premier provider of secure online healthcare communication services
linking patients, healthcare professionals, payors, and pharmacies efficiently, affordably and securely.
Justin is a board member of the HIMSS Electronic Health Record Vendors Association (EHRVA).
Jim Bryant, PhD
Dr. Jim Bryant is a native of Charleston, South Carolina, where he graduated from The Citadel as an Air
Force Distinguished Graduate in 1980. He served in the U.S. Air Force and Joint Military Service as a
Lieutenant Colonel specializing in communications and logistics. He earned 4 Meritorious Service and
one Air Force Achievement Awards during his career. Dr. Bryant was also selected and performed an
Education with Industry tour at Boeing Petroleum Services in New Orleans, Louisiana.
Dr. Bryant was a telecommunications and information systems director at several technology companies
and an adjunct instructor at three universities after retirement from the U.S. Air Force. He earned a Ph.D.
in Environmental Engineering; MA in National Security and Strategic Studies; MS in Computer
Information Systems; MBA in Management and BS in Business Administration. He is also a graduate of
the Air Command and Staff College, Marine Corps Command and Staff College, Naval Command and
Staff College and Armed Forces Staff College.
Dr. Bryant has been the Chief Information Officer for the State of South Carolina since January 2006. He
leads the 315 information technology professionals to “Connect People with Information” across South
Jane Cheeks, JD, MPH
Jane Cheeks is currently the State AIDS Director of the State of Alabama. In this capacity, Ms. Cheeks is
responsible for the planning, organization, direction and evaluation of statewide HIV/AIDS Prevention
and Control Program including Surveillance, Research, Health Education/Risk Reduction, Community
Prevention Planning and Delivery of Direct Care Services for Persons living with HIV in Alabama. She is
also responsible for community coalition-building for delivery of health care, social services and
collaboration with multiple public, private and community-based organizations. She serves as liaison for
local, state and national agencies involved with funding and program development and service delivery
systems. She also serves as a member on the Governor’s Task Force on HIV/AIDS.
William D. Hacker, MD, FAAP, CPE
Dr. William Hacker is Commissioner of the Kentucky Department of Public Health. Prior to becoming
Commissioner, Dr. Hacker served as Manager of the Public Health Preparedness Branch, Division of
epidemiology and Health Planning, Kentucky Department for Public Health; Interim Director of the
Division of Laboratory Services Sepember; and Acting Commissioner for Kentucky Department for
Bobbie Holm has been part of the Calfiornia Office of HIPAA Implementation (CalOHI) since its
inception in November 2001. She was the primary author of the CalOHI report to the legislature that
provided the findings form the assessment of the different state government entities to determine their
HIPAA status. She was primarily responsible for facilitating with the State and County HIPAA Privacy
Workgroup that developed and released generic, adaptable tools and templates that state and county
governments are using in their implementation of the HIPAA Privacy Rule. These include the tools for
complaints, business associates, access to protected health information, and those still under development
for use and disclosure of information. She was involved in the issuance of the Security tools and
templates developed by the HIPAA Security Workgroup.
Currently she is lead to two other staff members who are primarily responsible for the Privacy, Security,
and the Transactions and Code Sets portions of the HIPAA Rule. In addition, she is working with the
CalOHI legal counsel reviewing the health care privacy laws that govern the provision of health care
services in California.
Kathy Hudson, PhD
Dr. Kathy Hudson is an Associate Professor at the Johns Hopkins Berman Bioethics Institute of Genetic
Medicine and Department of Pediatrics at The Johns Hopkins University and is the founder and director
of the Genetics and Public Policy Center. The Center was established in April 2002 with a bold $10
million grant from The Pew Charitable Trusts. Dr .Hudson founded the Center to focus exclusively on
public policy issues raised by advances in human genetics. Her special interests include the scientific,
legal, ethical and social issues related to human reproductive genetic technologies, genetic testing, gene
transfer and human cloning.
Before founding the Genetics and Public Policy Center, Dr. Hudson was the Assistant Director of the
National Human Genome Research Institute (NHGRI) responsible dfor communications, legislation,
planning and education activities. She provided focus and leadership in public policy, genetic technology
and public affairs issues for NHGRI programs including the Human Genome Project, and spearheaded
efforts to develop policies to prevent genetic discrimination. She holds a Ph.D. in Molecular Biology
form the University of California at Berkeley, an MS in Microbiology from the University of Chicago and
a BA in Biology from Carleton College.
Sallie Hunt is the State of West Virginia’s Chief Privacy Officer. In that capacity, she leas the State’s
Privacy Program, with responsibility for facilitating the Executive Branch’s implementation and
compliance with privacy principles and 20 federal and state privacy laws. Ms. Hunt also serves as the
Legal Working Group Chair for the West Virginia Health Information Security and Privacy Collaborative
and is staffing the West Virginia Health Information Network Board on an interim basis. Previously, she
served as the principal advisor to Executive Branch agencies on HIPAA legal matters and directed a team
of State agency attorneys and others in HPAA assessment and privacy implementation. She also served as
the Chief Policy Officer for the West Virginia Health Care Authority and was responsible for the Health
Planning and Certificate of Need Divisions.
JoAnn Lamphere, DrPH
JoAnn Lamphere, DrPH, joined AARP's Government Relations and Advocacy staff as National
Coordinator, State Health & Long Term Care Team in 2006. She leads a team with responsibility for
legislation and strategic policy development in 50+ state jurisdictions on issues of health care reform and
quality, long-term care, and prescription drugs. For six years prior to re-joining AARP, she was a senior
consultant with The Lewin Group, a health care consulting firm in Virginia, where she specialized in
public sector financing and health care organization, state health coverage expansions, and health services
for vulnerable populations. She managed Lewin's engagement with the Internal Revenue Service, helping
the IRS design, build, and implement the nation's first health coverage tax credit (HCTC) program. From
1997 to 2000, Dr. Lamphere was a Senior Policy Advisor in AARP's Public Policy Institute; her work
focused on assessing and improving Medicaid protections for low-income older Americans.
As a researcher, state health policy analyst, and medical center administrator, Dr. Lamphere has been
integrally involved in public sector health policymaking and program development in several national,
state, and not-for-profit organizational settings for over two decades. Her extensive health policy
experience also includes Manager, Health Economics Practice of Barents Group, Washington, DC; Senior
Associate, Alpha Center (now AcademyHealth), Washington, DC; Research Associate and Lecturer,
Department of Health Policy and Management, University of North Carolina at Chapel Hill;
Administrative Manager, New England Medical Center, Boston; and Health Policy Analyst and Program
Director, New York State Department of Health, Albany.
Dr. Lamphere earned her doctorate in Health Policy and Management from Columbia University and is
currently an Adjunct Associate Professor at the University of Maryland. She has made numerous
presentations at scientific conferences and her research has been published in Health Services Research,
Health Affairs, Inquiry, and Health Care Financing Review.
Scott Morgan is the Kaiser Permanente National Privacy and Security Compliance Officer responsible for
programs to support Kaiser’s compliance with HIPAA rules and other related laws and requirements. In
this role, Mr. Morgan oversees the work of the privacy and security specialists in Kaiser Permanente’s
Compliance, Legal, Information Technology, and Operations Departments at the National Level. Mr.
Morgan has bee in his current role since 2005.
Michele O’Connor, MPA, RHIA
As the Senior Director for our Healthcare Practice at Initiate Systems, Inc., Ms. O’Connor provides
overall leadership for data quality remediation services. Additional responsibilities include providing
domain expertise for healthcare practice and assisting with forging relationships with industry influencers
at the regional and national level. Michele frequently speaks at industry conferences on topics such as
implementing an electronic health record (EHR), best practices for data quality remediation and MPI
clean up projects, Enterprise Master Person Indices (EMPIs), regional health information organizations
(RHIOs), health data exchange, and patient identification issues. In addition, she serves on The Executive
Board for the New Jersey Health Information Management Association (NJHIMA) and the Program
Committee for the American Health Information Management Association (AHIMA).
Michele has 25 years of service in health information management and extensive experience reorganizing
and consolidating medical records operations. Other areas of expertise include: policy and procedure
revisions; regulatory compliance; survey preparation; streamlining workflow and maximizing
productivity; and implementation of organization-wide information systems. A Registered Health
Information Administrator (RHIA) and member of the American Health Information Management
Association, Michele has many professional affiliations and serves on various healthcare association
committees. She is the current Past-President for the New Jersey Health Information Management
Association and serves as a faculty member for AHIMA’s Privacy Institute, she is a member of the
AHIMA Annual Meeting Program Committee and she served on the Markle Foundations Connecting for
Health subcommittee for Policy setting up the common framework for the national health information
infrastructure. She is a frequent speaker at healthcare conferences and a contributing author to numerous
publications including The Future of Patient Identification: Journal of AHIMA, January, 2006, and Data
Quality in the EMPI: Advance for Health Information Managers, June 2005.
Michele has an Associate of Applied Science from Hudson County Community College, a BS in Allied
Health from Montclair State University, and a Masters of Public Administration, Health Services
Administration, from Fairleigh Dickinson University.
John Prestridge has over 20 years senior IT management experience in both the public and private sectors.
He has managed numerous large scale technology projects over his career including global ERP
implementations, custom program development, security architecture design, and enterprise IT
infrastructure management. Mr. Prestridge joined Citrix Systems in 2001 and manages the company’s
Industry and Technology Solutions group in North America. He works with partners, analysts, and trade
associations to understand market dynamics that impact customers including regulatory compliance,
technology innovation, and industry specific business challenges for key industry segments.
Kristen Rosati, JD
Kristen Rosati is a partner in the law firm of Coppersmith Gordon Schermer & Brockelman, located in
Arizona. Her practice concentrates in clinical research, electronic health records, health information
privacy and security, and consent issues. Ms. Rosati serves as legal counsel to the Arizona Hospital and
Healthcare Association and chaired the association’s statewide task forces on HIPAA compliance and
clinical research compliance. Ms. Rosati conducted HIPAA preemption analyses for the hospital
associations in Arizona, Washington and Maine, and developed extensive HIPAA Privacy compliance
packages for hospitals, health plans, and employers. Ms. Rosati is on the Executive Leadership Team for
the Governor’s Health-e Connection, Arizona’s e-health data exchange intitiative, and chairs the Legal
Work Group for the initiative. She also currently services as Chair of the Legal Working Group for the
Health Information Security and Privacy Collaboration project. Ms. Rosati is a member of the Arizona
Translational Research Pathway Project Advisory Committee Work Group sponsored by the Arizona
Biomedical Research Commission and the Flinn Foundation, and a consultant to the Battelle Memorial
Institute Technology Partnership Practice for that project. In this capacity, she is charged with facilitating
the harmonizing of IRB and HIPAA processes across Arizona, organizing a statewide conference on
biorepositories, and assisting in the creation of an Arizona Clinical Research Consortium and a
community nonprofit IRB.
Vera Rulon, RHIT, CCS
Vera Rulon is director and global head of clinical trial documentation systems for Pfizer, Inc. She is the
recipient of AHIMA’s Visionary Triumph Award and FORE’s Best Practices Award. Ms. Rulon has
served on AMA’s CPT-5 development Task Force on the managed care work group, on DIAs eClinical
Core Committee, and various workgroups with AHIMA, AAHP, and NCQA. She has worked in various
health care settings, including skilled nursing, acute care, managed care, and pharmaceutical/clinical
research. At Oxford Health Plans, Ms. Rulon created a clinical audit function that created episode of care
reimbursement mechanisms, and quality of care and payment analysis. At Pfizer, she implemented a
clinical documentation system globally to ensure consistency and quality of clinical trial documentation
world-wide. At acute care provider based organizations, Ms. Rulon was responsible for quality reporting,
as well as release of information activities. She is also the recipient of Pfizer’s Achievement Award and
Oxford Health Plans’ High Performance Award. She is an established speaker and author on diverse HIM
topics and an active CoP participant and facilitator.
W. Ob Soonthornsima
Mr. W. Ob Soonthornsima serves as Senior Vice President and Chief Information Officer for Blue Cross
and Blue Shield of Louisiana. He is responsible for the company’s information technology division. As a
member of the senior management staff, Mr. Soonthornsima provides IT strategic and tactical directions
in support of the company’s corporate strategy. Mr. Soonthornsima is directing the company’s Louisiana
Health information Technology strategy to establish, facilitate and increase the adoption of electronic
health record across the state.
Prior to joining Blue Cross and Blue Shield of Louisiana in 2003, Mr. Soonthornsima served on the senior
management team as Senior VP and CIO of Pan-American Life Insurance Company, and international
insurance and financial serves company. His responsibilities included information technology, corporate
program office and business process engineering, as well as corporate services.
Ray Campbell, JD
Ray Campbell is the Executive Director and Chief Executive Officer of the Massachusetts Health Data
Consortium. Prior to MHDC he was a lawyer and consultant in private practice specializing in issues at
the intersection of public policy, technology, and the law. Ray's public sector experience includes serving
as the Executive Director of the Massachusetts Corporation for Educational Telecommunications, as the
General Counsel of the Massachusetts Information Technology Division, and as the Director of Special
Projects at the Massachusetts Executive Office for Administration and Finance. Ray was an attorney in
private practice prior to entering the public sector and has a B.A. from Bates College, a J.D. from Suffolk
University, and an M.P.A. from Harvard University.
Paula Cotter, JD
Paula Cotter serves as the Environmental and Public Health Counsel for the National Association for
Attorneys General (NAAG), and staffs NAAG’s Committee on Public Safety and Health. Ms. Cotter is
leading the work product analysis on privacy of specially protected categories of information for the
Health Information Protection Taskforce of the State Alliance for e-Health. As Counsel and a member of
the Ohio bar, Ms. Cotter worked as managing counsel at the Environmental Background Investigations
Unit of the Ohio Attorney General and as a trial attorney in that office before taking a position at NAAG
in 1998. As counsel to the Environmental Background Investigation Unit, she directed investigations of
applicants for permits under state and federal law; as trial counsel she litigated cases under all the major
state and federal environmental acts. Before joining the Ohio Attorney General’s office in 1986, Ms.
Cotter was the Hazardous Waste Enforcement Coordinator for the Ohio Environmental Protection
Agency. Ms. Cotter received her B.A. from Ohio State University and her J.D. from the Ohio State
University College of Law.
Melinda Dutton, JD
Melinda Dutton serves as a Partner within the healthcare division of Manatt, Phelps & Phillips, LLP
("Manatt"), and also plays a leadership role within Manatt Health Solutions (MHS), an interdisciplinary
policy and business advisory practice within the firm. Ms. Dutton’s practice concentrates on advising
clients in the healthcare industry with respect to business, public policy and regulatory matters. Ms.
Dutton’s clients include hospitals, community health centers, long-term care providers, foundations,
government agencies, health information exchange initiatives, industry associations and consumer
advocacy organizations. Ms Dutton has worked on a wide variety of projects involving use of health
information technology to improve the quality and efficiency of health care. Ms. Dutton is currently
advising New York State on the Health Information Privacy and Security Collaboration, helping identify
laws, policies and business practices that support the private and secure exchange of health information.
Prior to joining Manatt, Ms. Dutton served for nine years at the Children’s Defense Fund in New York,
where she helped to develop and secure passage of legislation expanding publicly funded health insurance
programs for children. Ms. Dutton attended Columbia Law School, where she was a James Kent Scholar.
Stephanie Kissam, MPH
Stephanie Kissam has worked in the Director’s Office at the Rhode Island Department of Health since
2005. She is staffing several state health policy initiatives, including the development of “Anytime,
Anywhere Health Information Technology” in Rhode Island. The Department of Health currently holds a
contract from the Agency for Healthcare Research and Quality to develop the first phase of Rhode
Island’s Health Information Exchange, and continues to be a participant in the Health Information
Security and Privacy Collaborative (HISPC). Stephanie’s current responsibilities include providing
programmatic support to multi-stakeholder committees drawing membership from organizations
statewide that are focused on assessing and developing the policies and law that will support the
development of RI's Health Information Exchange. She has also worked with health care providers,
insurers, state and federal government, and consumers to promote electronic prescribing in Rhode Island.
Prior to joining HEALTH, Ms. Kissam worked as a Project Specialist at Quality Partners of Rhode Island,
the state’s Quality Improvement Organization (QIO). She received her Masters in Public Health in
Health Management and Policy from the University of Michigan.
Laurie Beyer-Kropuenske, JD
Laurie Beyer-Kropuenske is currently the Director of the Information Policy Analysis Division (IPAD) of
the Minnesota Department of Administration. IPAD provides consultation to the State of Minnesota on
state and federal information policy and privacy laws including HIPAA, FERPA, MN Medical Records
Act and the MN Government Data Practices Act. Ms. Beyer-Kropuenske has chaired a number of
working groups for Minnesota’s Health Information Security and Privacy project and will be convening a
work group this fall to develop Minnesota’s universal consent form for release of health information.
Robn Mitchell, MPH
Robn Mitchell has been with the Oklahoma State Department of Health for 16 years. She has been a
Disease Intervention Specialist, worked to develop the initial Ryan White Drug Assistance Program with
the Department, was a Public Health Educator and the Director of the Eldercare Program, a case
management based system to assist the elderly to stay in their own homes. Currently, she is the HIPAA
Privacy Officer and the Project Coordinator for the Oklahoma Health Information Security and Privacy
Collaboration (HISPC). She also serves on the HISPC Consent/Authorization Collaborative Work
Ms. Mitchell has a Bachelor Degree in Social Work and a Master of Public Health, both from the
University of Oklahoma.
Mr. Mitchin is a Managing Partner for Isthmus, Ltd. He has spent 25 years in the healthcare information
technology industry as a consultant, director and CIO. In addition he has served on the Board of
Directors and as President of the Central and Southern Ohio chapter of HIMSS and remains an advisor to
the board. Most recently he represented the State of Ohio project team as the State Assessment of
Variations Work Group Coordinator for phase I of the federal Health Information Security and Privacy
Collaborative (HISPC). He is currently filling the role of Project Director for Phase II of the HISPC
initiative and has facilitated numerous group discussions regarding health information exchange with
RHIOs and other stakeholders.
Kirk Nahra, JD
Mr. Nahra is a partner with Wiley Rein LLP in Washington, D.C., where he specializes in healthcare,
privacy, information security and insurance fraud litigation and counseling for the health care and
property/casualty insurance industries and others in the financial services industry and elsewhere facing
compliance obligations in these areas. He is chair of the firm’s Privacy Practice and co-chair of its Health
Care Practice. He works with insurers and health care industry participants in developing compliance
programs and defending against government investigations into their practices. He assists companies in a
wide range of industries in analyzing and implementing the requirements of privacy and security laws
across the country and internationally. He was elected to the Board of Directors of the International
Association of Privacy Professionals, and serves as the editor of Privacy Officers Advisor, the monthly
newsletter of the International Association of Privacy Professionals. He is a Certified Information
Privacy Professional. He also serves on the Advisory Board for the Health Law Reporter and the Health
Care Fraud Report. He is the Chair of the ABA Health Law Section’s Interest Group on eHealth, Privacy
& Security. He recently was named as the Co-Chair of the newly formed Confidentiality, Privacy and
Security Workgroup, a panel of government and private sector privacy and security experts advising the
American Health Information Community (AHIC).