Janice Ahlstrom brings more than 40 years of healthcare experience to Baker Tilly and is a specialist in delivery of risk, compliance and technology solutions. Janice has worked extensively with the National Institute of Standards and Technology (NIST) cybersecurity framework, helping healthcare clients evaluate and manage their cybersecurity risks. She leads and supports internal audits, SOC1/SOC2 audits, technology assessments, IT strategic planning, HIPAA security risk assessment and privacy rule gap assessments. Clients seeking to improve business and technology processes and reduce compliance risk draw upon Janice’s technology, clinical and business acumen.
Janice’s career spans a breadth of organizations — assisting premier healthcare providers, payers, pharmacy benefit and reverse logistics pharmaceutical organizations across the U.S. to assess risk, improve operations and aligning technology investments to business strategy. In addition to her technology, risk management and management consulting experience, Janice is a registered nurse with 11 years of clinical practice experience as a nurse, manager and educator.
- Risk and maturity examinations and assessments under NIST 800-53 (revision 4 and 5)
- Healthcare internal audit and enterprise risk assessment
- Healthcare risk/compliance management - HIPAA
- SOC 1, 2 and 3 examinations
- Technology assessment, strategy and business alignment
- Business impact analysis, disaster recovery and continuity planning
- Clinical information systems management
- Electronic health record application selection and implementation - multiple vendors (Epic, Cerner, Allscripts, McKesson)
- Lean business process redesign and optimization
- Partner and national healthcare practice leader with multiple consulting organizations
- Association of Healthcare Internal Auditors
- Institute of Internal Auditors
- American College of Healthcare Executives
- Healthcare Information Management Systems Society
- Women’s Health Leadership Trust
- Co-author of Healthcare Cyber Security and HIPAA Assurance with Business Associates 2019, Cyber Security: A peer-reviewed journal Vol. 3, 2 134–147 Henry Stewart Publications 2398-5100 (2019)
- Co-author of Technology Due Diligence in Healthcare, AHIA Digital Insights, March 2019
- Author of AHIA whitepaper: “Drug Diversion Prevention and Detection Using a Comprehensive Risk and Internal Audit Approach” (2018)
- Co-authored AHIA whitepaper and Healthcare Informatics articles “HIPAA 5 Step to Ensuring Your Risk Assessment Complies with OCR Guidelines” (2017)
- Presenter, HFMA 2018 Annual Conference, “Healthcare Security Readiness and Maturity Assessment”
- Contributor for Modern Healthcare article: Building the Best HIPAA Contingency Plan” (2018)
- Author, WICPA On Balance, “HIPAA Risk Assessment – Getting It Right” (2017)
- Presenter, HIMSS 2017 Midwest Fall Technology conference, “HIPAA Risk Assessment – Does Your Assessment Adhere to the OCR Guidelines?
- Presenter, ACUA webinar 2016, “HIPAA in Higher Ed – Does Your Risk Assessment Get an A+ from OCR?”
- Presenter HIMSS 2016 Midwest Fall Technology Conference, “Ransomware – An Availability Attack on your Electronic Health Records”
- Author, HME News, Productivity: Leveraging Lean’s 5S
- Author, HIMSS, Using the 5S Lean Tool for Healthcare
- Co-author, WICPA – On Balance, HITRUST – A framework for Healthcare Security and Regulatory Compliance
- Author, Washington Rural Health Association, “How to Approach Meeting Meaningful Use”
- Author, “Lean Six Sigma for Healthcare Providers”
- Co-author, CTS Guides, “Best Practices for EMR/EHR Software Selection”
- Author, CTS Guides, “Planning EMR Software Implementation to Minimize Problems”
Location
Minneapolis, MN
Education
Bachelor of Science in nursing
University of Wisconsin–Madison
Diploma Degree in nursing
Deaconess Hospital School of Nursing (Milwaukee, Wisconsin)
