Michael W. Pinch Assumes University Chief Information Security Officer Role

Michael PinchMichael W. Pinch, who has served with distinction in his current role as the Chief Information Security Officer (CISO) for the Medical Center, is being tapped to assume enterprise-wide CISO responsibilities for the University of Rochester and its entities, including the Medical Center and its affiliates. Mike will report to the University’s IT Chief Information Officer (CIO) Dave Lewis and work closely with the Medical Center’s soon to be recruited CIO.

Mike’s expanded role recognizes the increasing integration of information technology platforms between the University and Medical Center.  Our ability to roll-out technologies depends on a unified security framework that ensures our electronic information is protected and safe from attacks and data breaches, both intentional and otherwise.  In his new role, Mike is charged with building an integrated infrastructure that over time will create a best-in-class information security program across all University campuses and affiliates.

Mike joined URMC in May 2012 as the first-ever chief information security officer. Since his initial appointment, he has succeeded in building a robust security and compliance team capable of supporting our vast clinical, research and educational enterprises. He implemented numerous new technologies designed to protect vital data, including network access control, next-generation firewalls, intrusion prevention and detection strategies, vulnerability management programs and two-factor authentication.

Mike also oversees the Medical Center’s annual HIPAA risk analysis process, and he was most recently assigned overall responsibility for disaster recovery, business continuity planning, the help desk and desktop support services.

Mike is nationally recognized as a leader in the field of information security, and frequently speaks at security and health care conferences. In addition, he has provided input into the development of national standards for health care and public health sector cybersecurity frameworks.  He has been honored locally as one of the Rochester Business Journal’s 40 Under 40, and he has presented several times at the Rochester Security Summit and at local colleges.

Prior to joining URMC, Mike served as chief technology officer at Palladian Health in Buffalo.  He previously served five years as a project manager at PricewaterhouseCoopers developing national thought leadership and methodologies around cloud computing and controls monitoring system for legacy systems. He has been an adjunct professor at RIT—where he earned his MBA and MS degrees—since 2009. He earned his bachelor’s degree in computer science, with a minor in mathematics, from Union College.