Cathy Beech has more than 20 years of experience in business and IS, working in the financial, insurance, healthcare and academic industries. Throughout her career, she has been responsible for auditing processes and procedures to ensure the organizations she works for meet regulatory requirements.
Beech first came to CHOP in 2006 as an information security analyst. In this role, her responsibilities were flipped – it was now her job to put security policies and procedures in place, perform risk assessment, and design and manage processes to measure compliance against regulatory requirements. Her past as an IT auditor made her the perfect fit for the job.
When Beech began her career at CHOP, the chief information security officer was looking for his replacement – someone who understood how to protect data. And in 2009, just three years after coming to the Hospital, Beech was appointed to the CISO role.
As CISO, she’s responsible for the information security program management functions, including governance and regulatory compliance, risk management, awareness of threat and vulnerability, security administration, and security awareness and training. She has oversight of the entire information security program for the Hospital. One of the key responsibilities of the CISO is ensuring CHOP complies with the Health Insurance Portability and Accountability Act (HIPAA), the law that ensures that all health information remains private. HIPAA requires strict information security policies organization wide.
Her career advice: Be known for your work ethic, and stay focused on leaving a place better than it was when you arrived. Move operations forward to make your mark on an organization.