Global head of digital health, IT, cyber and privacy audit at a global medical device and healthcare organization. He manages a global team responsible for enterprise risk management across the organization and for conducting audits, assessments and advisory engagements. Over the past several years, he has spearheaded multinational global audits and assessments in several areas, including enterprise resource planning systems, global data centers, cloud platforms (i.e., Amazon Web Services), third-party manufacturing and outsourcing reviews, process re-engineering and improvement, global privacy assessments (EU Data Protection Directive, the US Health Information Portability and Accountability Act [HIPAA], the EU General Data Protection Regulation [GDPR]), and FDA guidance specific to medical device cybersecurity. He previously worked as an advisory consultant for leading consulting firms and multinational companies.
Khan frequently speaks at national and international conferences on topics related to data privacy, cybersecurity and risk advisory. He volunteers as an ISACA® Journal article reviewer and contributes actively to the ISACA Journal and blogs. He also serves on the Digital Healthcare Committee for ISACA, recommending industry-leading thought leadership and guidance for the organization's members.
Khan received his bachelor's and master's degrees in Information Systems from DePaul University. He later obtained a Business Administration certificate from The University of Chicago. Complementing his education, Khan has several certifications from leading organizations, including the Information Systems Audit and Control Association (ISACA) and the International Association of Privacy Professionals (IAPP). Khan is a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Manager (CIPM), Certified Data Privacy Solutions Engineer (CDPSE) and Six Sigma Certified Green Belt. He is a recipient of a prestigious award from ISACA, the John W. Lainhart IV Global Award, in recognition of his major contributions to the development and enhancement of the common body of knowledge used by the ISACA organization and its members.
In his pastime, he participates in marathons around the world, road cycling and hiking with his kids at national parks, and helps support aspiring young leaders as a mentor.
Research Area
Internet of Things, Management Information Systems, Security
Specific Research Area
Global Enterprise Resource Planning (ERP) systems, Information Systems Management across multi-tiered support models, Captive IT Center Capabilities, Robotic Process Automation, Cybersecurity (specifically IoMT), Global Privacy Regulations and Advanced Industrial Controls Systems in Manufacturing Space, particularly in Pharmaceutical and Medical Device Manufacturing
Professional Associations
Information Systems Audit and Control Association, International Association of Privacy Professionals, The Institute of Internal Auditors