Virtual CISO, I have over 17 years of Cyber and Information Security experience. I can show you how to ensure the confidentiality, integrity and availability of your network and data assets and help you develop a program that will enable your business growth in a secure fashion. In my career I have launched security, risk and compliance programs and developed them into business enabling service departments. Currently providing Chief Information Security Officer (CISO) consultative services to a variety of verticals. Currently held industry certifications include CISSP, HCISSP, CISA, CISM, CRISC, C|CISO, CFE, ITIL and Cloud Integration. Reach out to me, I am here to help and provide you with the best security advice that will help you sleep at night.

IT consultant, HIPAA consultant, Meaningful use consultant, Data Center Owner, Social Media Consultant, Founder of Mountain Rack Data Center. I also do Social Media Consulting for FB, Twitter, Pinterest, and Google+.

President Kindly Ops, a DevOps services company. Formerly CTO for CommonGround (Behavioral health), VP Cloud Development and Operations at Canonical, Ubuntu developer, Director MySQL Server Engineering. Obsessed with bending technology to serve real people.

15+ Years Helping Physician Offices Maximize Reimbursement, Increase Cash Flow, Appropriately Get Paid for their Services, Compliant and up-to-date with current updates and changes included that from Medicare, Medicaid, OIG, ICD-10, American Medical Association and Commercial Payers Guidelines and Policies. Visit my BLOG-> http://www.mspinkymaniri.com Been Providing Value to the Medical Practice Industry since 2005! MY FOCUS OF EXPERTISE: 1. Pain Management Medical Coding and Billing 2. Neurology Medical Coding and Billing 3. Spine Orthopedic Medical Coding and Billing 2. General Surgery Medical Coding and Billing 3. Orthopedic Surgery Medical Coding and Billing 5. Anesthesiology Medical Coding and Billing 6. Physical Medicine and Rehabilitation Medical Coding and Billing 7. Physical and Occupational Therapy Medical Coding and Billing 8. Physician Insurance Credentialing 9. Practice Management 10. DME Durable Medical Equipment Medical Coding and Billing 11. Workers Compensation Claims Medical Coding and Billing 12. Motor Vehicle Claims Medical Coding and Billing 13. Obesity Services Billing 14. Wellness Medicine Everyone calls me Ms. Pinky, including my students and my clients. I have worked extensively with billing and coding, compliance, appeals, fee schedule analysis, contract negotiation, insurance credentialing, payments recovery due to incorrect billing, charges and coding! I have helped medical providers develop their internal medical billing / coding compliance program in their office as recommended by the Office of Inspector General for Small Group Physicians. My professional mission is to make sure my Physicians are maximizing reimbursement while they remain compliant with the current rules, changes, guidelines and policies. My Other Focus of Expertise: 1. Accurate Medical Coding and Maximizing Reimbursement 2. Insurance Credentialing, Fee Schedule Analysis and Contract Negotiations 3. HIPAA Guidelines, Compliance and Practice Internal Audit 4. CPT Changes and Current Guidelines 5. Revenue Cycle Management 6. ICD-10 and Documentation Requirements 7. Correct Coding and Clinical Documentation 8. CMS Coding Guidelines and Reimbursement Policy 9. Ancillary Services, DME Billing and Coding I own a website and have been helping medical offices since 2005! http://www.mspinkymaniri.com

Cofounder and CEO of Intraclinics, a HIPAA compliant mobile platform for physicians and caregivers to communicate. Experience in Venture funding, B2B sales, Biz Dev, and HIPAA compliancy.

23 Years - Experience Governance & Strategy Practice at Halock Security Labs July 2011 - Present Virtual CISO and Third-Party Risk Management Practice Lead currently managing multiple information security management systems and both internal and external/service provider assesssment programs based on ISO 27001/27002, NIST, HIPAA and PCI controls. Presented findings and remediation projects to C-level sponsors and executive leadership teams. Implemented Information Security Management Systems (ISMS) based on ISO 27001. Planned and implemented Security Policy projects. Designed and implemented Incident Response plans. Contributed intellectual capital to Halock's Professional Services Framework including reporting, checklists, templates, testing methods and techniques, and research. Page 1 • Third Party Risk Management • Risk Management • Risk Assessments • Security Policy Standards & Procedure Development. • Incident Response Development. • ISO 27001 ISMS • Regulatory Compliance Assessment and Program Development (HIPAA, GLBA, Sarbanes-Oxley, etc.). Information Security Officer at Wells Fargo/Wachovia June 2005 - July 2011 (6 years 2 months) Provide dedicated security resources to help educate and support the business units on security controls and standards; establish security checkpoints in business unit processes; facilitate ongoing compliance monitoring and security oversight; and provide security consulting to projects using the ISO 27005 methodology. Led risk assessments to support due diligence for a global financial institution looking to offshore business functions. Created and managed risk treatment plans and remediation efforts for over 20 facilities. Initial phase of risk assessments was over 5000 hours. • External/Internal Attack and Penetration Assessments (Ethical Hacks, Wireless Scans, MacAfee Foundstone) • Security Vulnerability Assessments. • IT Audit and Risk Assessments. • Network Server and Application Security Assessments. • Security Policy Standards & Procedure Development. • Regulatory Compliance Assessment and Program Development (HIPAA, GLBA, Sarbanes-Oxley, etc.). • Business Continuance and Disaster Recovery Planning and Testing. Sr. Network Security Engineer at Wachovia, A Wells Fargo Company June 2000 - June 2005 (5 years 1 month) • Designed and implemented network security policies for network access. Developed and implemented remediation plans for vulnerabilities assessment and mitigation. Designed, installed, and managed multiple versions of Check Point Firewalls on the Sun Solaris and Nokia platforms. Designed and implemented Symantec Raptor Firewalls. Led infrastructure upgrade for global financial institution that include upgrading 300+ firewalls with multiple versions of Check Point Firewall on the Sun Solaris and Nokia platforms to Check Point Next Generation Provider 1. Led RSA SecurID dual factor authentication project for remote access and network infrastructure administration on CISCO, Checkpoint, Nokia IPSO, Solaris and Microsoft equipment. Page 2 • Expert Knowledge in Nokia Check Point Design, Implementation, and Support. • Hardened the Sun Solaris and Windows NT/2000 Server operating systems. • Installed and configured Check Point client VPN access to internal networks. • Implemented Secure Shell SSH software for encrypted equipment access. • Prepared security assessment reports for management detailing corrective actions. • Performed security awareness training classes for staff. • Managed Check Point Provider 1 and RSA Administration. COMSEC Administrator at United States Marine Corps June 1996 - June 2000 (4 years 1 month) DOD Security Clearance: Top Secret Small Computer systems specialists ensured the proper installation, configuration, and operation of stand-alone and client- server information systems. Installed, operated, and maintained microcomputers and Local and Wide Area Network (LAN/WAN) systems. Configured, optimized, administered, and troubleshot microcomputer network hardware and operating system software using Marine Corps standard network operating software and protocols. • Managed twelve Marines as Platoon Sgt. • Administered Classified Information Systems Operation and Maintenance • Supervised and Implement an installation of moving an entire Unit’s HQ from a desk environment to a field environment, while still being able to perform everyday administrative function during a mach combat situation. 400+ end-users and systems. • Perform technical analysis on computer system security procedures including personnel, physical security, communications, emanations, hardware, software, and data • Handled Top Secret Cryptographic Equipment and Documents. Education Strayer University (DC) BS, Information Security, 2003 - 2007

MYSON L. JOSEPH, MHA/INF, RHIA, CSSWB, PMEC HIPAA Consultant St. Louis, MO, United States MLJCONSULTANCY LLC January 2020 to Present Consultancy: HIPAA Compliance, Health Information Management, Revenue Cycle Management Processes, and Project Management. Director, Health Information Management & Data Analytics June 2021 to Present Manager, Health Information Management July 2018 to June 2021 Betty Jean Kerr People's Health Centers, Inc - St. Louis, MO Supervise, manage, direct the Health Information Management Department: Recruit, coach, and train HIM Staff. Review HIM, Privacy and Security policies and procedures. Serve as the Privacy Officer. Director of Health Information Management/Privacy Officer San Jose Behavioral Health (Acadia Healthcare) - San Jose, CA January 2016 to February 2018 Served as the Hospital Privacy Officer: Conducted HIPAA Risk Assessments, trainings and orientations. Ensured Privacy and Security of Protected Health Information (PHI) within the organization. Directed, managed, and supervised the Health Information Management Department Services: Dictation/Transcription, Coding, Auditing, Analysis, Indexing, ROI, Medical Information Reporting for California (Mir Cal) OSHPD, monitoring and reporting of The Joint Commission Quality Core Measures. Health Information Management (HIM) Director/Privacy Officer Aurora Santa Rosa Hospital - Santa Rosa, CA July 2015 to November 2015 Directed, managed, supervised all functions (Transcription, Coding, ROI, Patient Data Analysis, Indexing, and Auditing) of the Health Information Management Department, and served as the Hospital Privacy Officer. Health Information Management-Project Director Mountain Empire Community College - Big Stone Gap, VA October 2014 to July 2015 Organized, directed, planned, and developed the HIM program effectively as well as the Mountain Empire Rural Health Network. Continuously reviewed the program, provided HIM instruction, and counseled students. Medical Records/Billing Manager/Privacy Officer Comprehensive Behavioral Health Center of St. Clair County Inc - East Saint Louis, IL September 2012 to October 2014 Managed and supervised the Medical Records/Billing Department. Served as the Security Administrator for all Health Information Systems. Oversight of Release of Health Information Services (ex: Subpoenas for production of health records). Managed medical records, billing and reimbursement for all programs: Substance Abuse and Chemical Dependency, Opioid Treatment, Mental Health Services, Developmental Disability, Federal Probation Pre-Trials and Post Trials. Conducted training sessions with new staffs on Electronic Health Records (EHR): CIS, and State Information Systems: DARTS, and e-RIN. Generated revenue/billing reports for fiscal department. As a member of the organization's Quality Control Team, participated in Performance Improvement Projects. Generated statistical/billing reports to assist in preparation for all site reviews by DHS/HFS, The Joint Commission, and DASA. Served as the Facility Privacy Officer. Quality Assurance and Validation Spanish Bilingual Representative Rose International Inc - Saint Charles, MO June 2012 to August 2012 Ensured quality sales validation. Reached out to customers via phone calls to investigate potential fraudulent product sales using different Verizon electronic systems and took actions per established policies and procedures. French Bilingual Customer Support Agent Real Time Results (Telecommunications) - St. Louis, MO May 2010 to June 2012 As a French Bilingual Customer Service Agent, provided support to the Comarco recall project on computers' adapters. ❖ Handled 45-55 calls a day from Home Solution Consultants on DSL, Access lines, and U- verse orders for ATT. ❖ Keyed cable, internet, phone and Home Security orders for Suddenlink. Supported their customer retention program; by performing outgoing calls to new customers and reviewing their account details to ensure that everything is set up accurately. Professional Practice Experience (PPE) SSM DePaul Health Center, Health Information Management Department - Bridgeton, MO December 2011 to January 2012 PPE Project: Policy and Procedure regarding Electronic Health Records Analysis via Epic ❖ Project Description: Qualitative versus Quantitative Analysis, Health Data Reports and Components, Patient Class, Organization of Reports within Medical Records, Policy and Procedure, Recommendations ❖ Completed 130 hours of Professional Practice Experience. Professional Practice Experience (PPE) ALM Hopewell Center, St. Louis, MO November 2011 to December 2011 Medical Records Filing Systems and Retrieval: ❖ labeled their new medical record diagram chart for accuracy and consistency. ❖ Completed 30 hours of Professional Practice Experience. EDUCATION Master's in Health Administration/Informatics University of Phoenix January 2015 BS in Health Information Management Saint Louis University, Doisy College of Health Sciences December 2011 SKILLS • Electronic Health Records/Electronic Medical Records (EHR/EMR) • Release of Health Information • HIPAA Trainings • ICD-10-CM • Quality Assurance/Performance Improvement •Health Data Management • Health Statistics • Organization and Management • Privacy, Security, and Confidentiality of Protected Health Information/ Legal Standards • Healthcare Information Technology • Billing and Reimbursement • Revenue Cycle Management • Informatics • Health Administration • Health Information System (HIS) • Human Resources • Health Law • CSR • Customer Service • Call Center • Customer Care • Bilingual • Leadership Experience ​ CERTIFICATIONS AND LICENSES Registered Health Information Administrator (RHIA), Certified Six Sigma White (CSSWB), Project Management Essentials Certified (PMEC) ​ ADDITIONAL INFORMATION Technical Skills-Software/Applications: NextGen Healthcare, Epic, MedHost/HMS, CIS, MS Word, Excel, Outlook, PowerPoint, Microsoft Office Project, Microsoft Access (Databases), Microsoft Visual Basic, Encoder, AS400, Icoms

Intro Video: https://youtu.be/aXihwlEomlE?si=rnFYvQGVWiMOBgmW Seasoned technology leader with two decades of driving innovation in mobile, cloud, and emerging technologies. Architect of award-winning apps and mission-critical systems used by millions. Author of nine books on mobile development and distribution. Proven expertise in building high-performing teams that deliver transformative products aligning with business strategy. A dynamic problem-solver and motivator with a passion for applying cutting-edge solutions to advance human health and wellness. Core strengths include strategic product roadmaps, Agile methodology, mobile UX, data visualization, and architecture for scale.

CEO and Information Security Consultant, for an IT resources company serving Healthcare providers in Central and Southern Ohio. I have held the CISSP certification for six years and am active in ISSA and Infragard. Also serve as the lead project manager and managing a staff of sub-contractor/employees. Key Contributions:  Developed and manage a team of professionals in IT Infrastructure, Practice Management and Telecommunications, driven to serve our clients.  Developing and implementing Security policy/procedure for medical practices throughout Ohio.  Implementation of EMR and Practice Management software systems.  Project management on telecom, network and other vendor projects on behalf of clients.  Created company policies and procedures governing HIPAA, corporate security, email and Internet usage, access control, and incident response for multiple client sites.  Provide and lead educational seminars in information security to client company management and staff.  Consult and Pre-Assessment for EHR Implementation and Meaningful Use reimbursement.  Process Audit and InfoSec audit for 20M plus revenue company client.

Senior Developer at Headway CTO at Health Hero Lead Support Engineer at Preferral, SpreeCommerce

Risk Management guru with a proven track of conducting assessments, creating policies, establishing vendor and risk management strategies. Expert knowledge of healthcare industry (i.e., HIPAA, HITRUST).

Tim Thomas, R.Ph. President, CCRX, Inc. dba Crystal Clear Rx Mr. Thomas is a graduate of the University of South Carolina College of Pharmacy, and has 30 plus years' experience as a pharmacist. He has served the healthcare industry as a pharmacist in both retail and hospital settings. For the last 20 years Mr. Thomas has been involved in managed care pharmacy. His extensive experience in managed care includes developing one of the first three-tiered pharmacy benefit programs in the country. In the early to mid-nineties, Mr. Thomas and associates started and built a PBM. From 2003 to 2006, Mr. Thomas was an Executive Vice President at a PBM and in 2007 started RXM, LLC a pharmacy benefit consulting firm specializing in auditing and increasing value in the pharmacy benefit. In 2010, CCRX Inc. acquired RXM, LLC. Mr. Thomas continues as the president of CCRX, Inc. and as such is developing software and programs to monitor CCRX client’s PBM performance. These services save payers around the country millions of dollars on their pharmacy benefit expense. He has been published on various subjects including PBM Transparency, PBM auditing, and employee benefits.