Phillip Long,CISA,CISM,CRISC

Details

About

Experienced Practice Leader in Cybersecurity, IT Audit, Internal Audit, Information Technology and Compliance. Skilled in Cybersecurity; Enterprise Risk Management; Governance, Risk & Control (GRC) Frameworks and Standards (HITRUST, NIST, ITIL, ISO, COBIT, etc); Regulatory Compliance (HIPAA, GDPR, FFIEC, GLBA, NAIC, etc); Business Process Improvement; Enterprise System Management and Business Continuity & Disaster Recovery Planning (BCP/DRP), Professionally certified - CISA, HITRUST CCSFP, CRISC, CISM, CIA, CRMA.



As the leader in Plante Moran’s healthcare cybersecurity practice — and a HIPAA/HITECH security and privacy subject matter expert — I advise health system executives and their organizations on healthcare industry regulations, emerging risks and compliance matters, trends, and cybersecurity best practices.



With more than 30 years of experience, I specialize in enterprise risk assessments, IT risk analysis, HIPAA and HITRUST assessments, CMS meaningful use, compliance, and regulatory audit readiness assessments, as well as cybersecurity assessments for healthcare, financial services, and many other sectors.



I’ve always aspired to be the best business and technology consultant. My multidisciplinary IT career path has enabled me to provide my clients with deep expertise in cybersecurity and to offer valuable insights and perspectives through different IT security frameworks and compliance lenses. They appreciate that I always go the extra distance to provide them with exemplary client service.



I speak frequently to clients, their boards, and at industry conferences (AICPA, LeadingAge, and HIMSS) about current and emerging cybersecurity threats, risk mitigation strategies, and compliance matters, such as cybersecurity and privacy regulations and requirements, including CMS, NAIC, OCC/FFIEC, and GDPR.