Stephen has provided information security strategies, services, delivery structures, and processes with tactical and strategic direction for several healthcare organizations. He is experienced at leading the establishment of risk management programs that include the NIST Cybersecurity Framework, HIPAA Security Rule regulatory requirements, and other frameworks. He has a broad background in Information Technology management, critical-infrastructure information security, strategic planning, and requirements gathering to meet organizational goals.