top of page


Securing TEFCA: Security Practices Promoting Nationwide Health Information Exchange;
HIMSS 2023, Chicago IL

Presenting the Latest Risk Management Trends and Industry Insights;

Featured panelist, HITRUST Collaborate Annual Conference, October 2022 

Demystifying TEFCA: Ins and Outs of the Exchange Framework;

HIMSS 2019, Orlando FL

Protecting High Stakes PHI;

Journal of AHIMA, April 2014, ©2014


Meaningful Use Risk Assessments: Requirements, Methodology, Challenges and Lessons;

Joint presentation / education session with the Chief Privacy Officer, Office of the National Coordinator for Health IT, Department of Health and Human Services.  J.Pritts, JD & J.Coleman: HIMSS 2014


Segmenting Data Privacy;

Journal of AHIMA, ©2013 American Health Information Management Association


Extra-Sensitive PHI: Appropriate Sharing using Data Segmentation for Privacy;

HIMSS 2013 Conference and Exhibition, New Orleans, LA.


Privacy Protection for Substance Abuse Treatment Information;

Presentation on behalf of the Data Segmentation for Privacy Initiative, Office of the Chief Privacy Officer, Office of the National Coordinator for Health IT, Department of Health and Human Services

HIMSS 2012, February 23, 2012, Sands Convention Center, Las Vegas, NV.


Privacy Consent and Access Control: Cross Enterprise Security and Privacy Authorization (XSPA);

Presentation and Advanced Technology Demonstration on behalf of the Organization for the Advancement

of Structured Information Standards (OASIS)

HIMSS 2009, April 4-8 2009, McCormick Place, Chicago IL.


Presentation to Federal Health Architecture (FHA) Security Strategy Committee: Briefing on relationship between FISMA, HIPAA, NHIN, CCHIT, and HITSP;
November 7, 2008; Department of Health and Human Services, Washington DC.


NIST/CMS Workshop: HIPAA Security Rule Implementation and Assurance;
Presentation on HITSP Security and Privacy Standards
January 16, 2008; NIST Main Campus,100 Bureau Dr, Gaithersburg,MD

Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process;
Acknowledged Contributor

Richard A. Caralli et al; May 2007
Technical Note CMU/SEI-2007-TR-012 ESC-TR-2007-012; © Copyright 2007 Carnegie Mellon University

Testimony to the National Governors Association (NGA) State Alliance for e-Health, Health Information Protection Taskforce on behalf of the Healthcare Information Technology Standards Panel (HITSP);
April 25, 2007; Hyatt Regency, Crystal City,

Presentation on behalf of the Healthcare Information Technology Standards Panel (HITSP) on Requirements, Design and Standards Selection for the Security and Privacy Technical Committee Town Hall;

April 19, 2007

Presentation on behalf of the Office of the National Coordinator (ONC) for Health Information Technology;
1st Nationwide Health Information Network Forum: Functional Requirements for Security; Authorization, Authentication, Confidentiality, and Credentialing, June 28-29, 2006; Natcher Center, National Institutes for Health

Applying OCTAVE: Practitioners Report;

Acknowledged Contributor

Carol Woody, PhD;  Technical Note CMU/SEI-2006-TN-010, May 2006; © Copyright 2006 Carnegie Mellon University

Mission Assurance Analysis Protocol (MAAP):  Assessing Risk in Complex Environments;

Acknowledged Contributor

Christopher J. Alberts, Audrey J. Dorofee; Technical Note CMU/SEI-2005-TN-032 September 2005;
© Copyright 2005 by Carnegie Mellon University

Assessing Information Security Risk in Healthcare Organizations of Different Scale;

J.Coleman; International Congress Series Special issue: CARS 2004 - Computer Assisted Radiology and Surgery. Proceedings of the 18th International Congress and Exhibition, Reference: ICS3932 Vol 1268C pp 125-130, © Elsevier, 2004
Presented at the Computer Assisted Radiology and Surgery Congress, Chicago, 2004


HIPAA Program Reference Handbook;

edited by Ross Leo; Chapter 6; ISBN: 0849322111 CRC Press, © Auerbach Publications, 2004


Medical Information Assurance Readiness Teams: An Interdisciplinary Approach to Information Assurance; 

J.Coleman, CISSP, CISM; Presented at the 2003 American Telemedicine Association Annual Meeting, Orlando, Florida, April 2003


Organizing Safety: The Conditions for Successful Information Assurance Programs;
Jeff Collmann, Ph.D, J.Coleman CISSP, CISM, Kristen Sostrom, Willie Wright, M.B.A.;

Journal of Telemedicine and eHealth, Sep 2004, Vol. 10, No. 3: 311-320 


A Risk Assessment Approach to HIPAA Security;

J.Coleman; Presented at the Annual Meeting of the South Dakota Chapter of the Healthcare Financial Management Association, April 2004, Sioux Falls, SD

Execution of a Self-Directed Risk Assessment Methodology to address HIPAA Data Security Requirements;

J.Coleman, CISSP, CISM, PACS and Integrated Medical Information Systems: Design and Evaluation; Progress in Biomedical Optics and Imaging; SPIE (International Society for Optical Engineering), Vol., No. 24. ISSN 1605-7422, Feb 2003, Presented at the PACS and Integrated Medical Information Systems Conference, San Diego, CA, Feb 2003

bottom of page