Protecting Michigan’s Patients: The State’s Healthcare CISOs

Michigan’s healthcare landscape is among the most intricate in the Midwest, encompassing long‑term‑care facilities, sprawling integrated systems, academic medical centers, and a powerful statewide association. This diversity creates a broad attack surface, making patient data protection and system uptime paramount. Recent high‑profile breaches in other states have amplified regulatory scrutiny, prompting Michigan’s health entities to double down on security investments and governance frameworks that align with HIPAA, HITECH, and emerging state mandates.

The CISOs profiled bring a mosaic of experience that reflects the sector’s evolving challenges. Shawn Campbell leverages three decades across automotive, law enforcement, and finance to steer a $500 million long‑term‑care operator, while Scott Dresen’s fifteen‑year journey within a single health system equips Corewell Health with deep institutional knowledge across 22 hospitals and a health plan serving 1.2 million members. Meanwhile, leaders like Tina Basch and Mike Nowak blend insurance, military, and technology expertise, illustrating how cross‑industry skill sets enhance risk management, incident response, and strategic resilience.

These leadership dynamics signal a broader shift: cybersecurity is no longer a back‑office function but a strategic business imperative. As Michigan’s health organizations continue to integrate digital health tools, telemedicine, and AI‑driven analytics, the demand for seasoned CISOs who can translate technical risk into executive language will grow. Stakeholders—from board members to clinicians—must prioritize security budgeting, continuous training, and collaborative frameworks like the Michigan Healthcare Cybersecurity Council to stay ahead of adversaries and protect patient trust.