Erik Decker is the Chief Information Security and Privacy Officer for the University of Chicago Medicine, and is responsible for its Cybersecurity, Identity and Access Management and Privacy Program. Erik has 19 years of experience within Information Technology, with 13 years focused on Information Security. The majority of his career has been focused on Academic Medical Centers; establishing two information security programs and an identity and access management program.

He is currently Co-Leading a U.S. Department of Health and Human Services (HHS) task group of more than 150 industry experts across the country for implementing the CSA 405D legislation within the Healthcare sector. The publication was released in December 2018, titled “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” aka HICP. He is also a member of the Executive Council of the Healthcare Sector Coordinating Council’s Joint Cybersecurity Work Group, which is a public-private workgroup formed under the National Infrastructure Protection Plan. Erik is the previous Chair of the Association for Executives in Healthcare Information Security (AEHIS) Board. This association focuses on educating over 800 CISOs and providing cybersecurity resources within the Healthcare sector, as well as advocating for Healthcare Information Security needs in both regulatory affairs and legislative affairs capacities.

He was awarded the 2017 Chicago CISO of the Year in October 2017. Lastly, he previously served as an adjunct faculty member at Columbia University teaching HIPAA Privacy and Security.

Erik has a Master’s of Science in Information Technology from Loyola University in Chicago and Bachelors degree of the University of Illinois in Champaign/Urbana in Cell and Structural Biology.