Skip to content

UIT bids farewell to ISO’s Kiston Finney

Kiston Finney (far right)

After two years working as the HIPAA security specialist and governance, risk, and compliance manager for the Information Security Office, Kiston Finney is moving on to an even bigger opportunity. 

“The last two years that I’ve worked for Dan [Bowden] I think have had the biggest impact, from the policy and risk management perspective, that an information security office has ever had at the University,” said Finney. “So I’ve been really pleased to be a part of that.”

Finney leaves behind a huge list of accomplishments, not the least of which is developing the revision of Policy 4-004 and its supporting rules.

“Collaborating with so many different teams to develop the revision of policy 4-004 and the supporting rules has been huge,” said Finney. “To be able to collaborate with these different groups and come up with a comprehensive information security program that is formalized is probably one of the biggest accomplishments.”

Dan Bowden, Chief Information Security Officer, also emphasized what an asset Finney has been to ISO, especially with regards to the policy revision effort.

“Her courage in working with diverse groups of faculty, physicians, and staff helped ISO craft a new organization-wide information security policy and program,” he said. “We were able to get something done that many thought too difficult, while setting the example for others of how to follow.”

Finney will be transitioning to Atredis Partners to be the security company’s principle risk consultant.

“When I started [at ISO], we were told we would never get this risk management program or policies off the ground. But we knew we could get it implemented,” she said. “It looks easy now, but with two years of dedicated hard work and a common vision, we were able to accomplish it.”

“What I hope to do is leverage my experience over the last two years to help other similar organizations do that,” she added.

Coincidentally, Finney’s first client in her new position will be another university hospital system.

“Kiston will be sorely missed by our team and the entire organization,” said Bowden. “However, we’re also very happy for her being recognized for the outstanding talent she displays, and we wish her the very best in the future.”

Note: Effective April 22, Greg Nance will be the interim manager for the Governance, Risk, and Compliance team while a replacement search is undertaken.

Share this article:

 

Node 4

Our monthly newsletter includes news from UIT and other campus/ University of Utah Health IT organizations, features about UIT employees, IT governance news, and various announcements and updates.

Subscribe

Categories

Featured Posts

Last Updated: 4/11/22