A Team You Can Trust.
We have the hands-on experience you need to meet tomorrow’s security/privacy challenges today.
Staffing Model and Assignments
We are nationally recognized experts supported by a cross-functional, highly skilled, and experienced technical team, making us the best partner to be your vendor of choice. We measure the success of the engagement by the quality of the deliverables, adherence to timelines and budget, and first and foremost: your satisfaction.
A tw-Security executive will serve on your engagement team. We have no “junior consultants” on our staff. All our consultants have hands-on experience working in the healthcare industry. They are experts in their fields, with all the critical certifications necessary to provide you with superior service. We assign multiple specialists to each project to deliver a quality engagement, and work behind the scenes as an extension of your workforce. Our weekly progress reviews ensure that we will quickly and seamlessly detect and resolve any staffing issue or emerging challenges that may arise.
Our consultants:
- Average more than 25 years of experience working in the healthcare industry
- Have either served/functioned as a Corporate Information Security Officer or Privacy Officer for a large healthcare system
- Are skilled in the requirements of multiple standards, frameworks, and regulations
- Are experienced in dealing with OCR investigators and contract auditors for CMS
- Actively assist multiple customers to guide and develop, monitor, maintain, and improve their HIPAA and cybersecurity programs
- Provide advisory, hands-on support, and managed services
- Support diverse entities with an understanding of healthcare operational and organizational practices
- Are all recognized national experts and frequent contributors to professional organizations
Meet our team:
Joe D. Gillespie, MHS, RHIA, CHPS, Senior Privacy/Security Consultant
- Over 40 years of patient privacy experience; 20 years of experience with HIPAA Security.
- Masters degree in Health Administration, Registered Health Information Administrator (RHIA), Certified in Healthcare Privacy and Security (CHPS) through the American Health Information Management Association (AHIMA)
- Former Associate Director / Information Management, Privacy and Security official with Watkins Health Center, served as the HIPAA Privacy Official for the University of Kansas
Susan Lucci, RHIA, CHPS, CHDS, AHDI-F, Senior Privacy/Security Consultant
- Nationally recognized industry expert, speaker, and author with over 35 years of health information management (HIM), HIPAA compliance, and privacy officer experience
- Currently serves on the American Health Information Management Association’s (AHIMA) Privacy and Security Practice Council, authored the Association for Healthcare Documentation Integrity’s (AHDI) 2017 HIPAA Compliance Guide & Quick Reference, contributed to the AHIMA’s 2018 Breach Management Toolkit and the 2013 HIMSS book, Implementing Information Security in Healthcare: Building a Security Program
Shelli Crocker, CISSP, Senior Security Consultant
Certified Information Systems Security Professional (CISSP), former HITRUST Certified Common Security Framework Practitioner and GIAC Security Essentials (GSEC) Gold Status- Over 30 years’ experience in hospitals and academic medical centers, focused on information security and related services
- Former Security Compliance Officer, Children’s Mercy Hospital Information (11 years)
- Former Identity and Access Management Analyst/Engineer, University of Kansas Medical Center (5 years)
Wendell Bobst, Senior Security Consultant
Over 27 years of experience in healthcare IT, and over 20 years of leadership in information systems, strategic initiatives, and security- Former Information Security Officer (ISO), Adventist Health, serving for nearly ten years; created enterprise information security department and program covering 22 hospitals across four states
- Former Vice President of Technology, Children’s Choice Pediatric: a practice group with 20 locations in California
- Key areas of expertise: enterprise risk management, virtual CISO, cybersecurity advisory and tactical services, HIPAA strategies, identity access management and audit solutions, call center security and IT solutions
Evert Berndt, Senior Security Consultant
- Over 40 years of experience in IT with over 35 years of IT leadership and delivery of strategic initiatives; 10 years of risk management, cybersecurity, privacy, and business continuity/disaster recovery
- Key areas of expertise: policy and governance for cybersecurity, privacy, and data risk, risk assessment, risk management, business continuity/disaster recovery
- Former Senior Director, Information Risk Management at Northwestern Mutual, a Fortune 100 insurance and financial services company
Jill Burrington Brown, MS, RHIA, FAHIMA, Senior Privacy/Security Consultant
Nearly 40 years of experience in data privacy, compliance, and risk management program development and oversight- Former Privacy Officer at Skagit Regional Health, Mount Vernon, Washington: for this multi-site healthcare organization, developed and implemented a comprehensive privacy program, including compliance monitoring
- Former Director, Quality Improvement and HIM at EvergreenHealth, Kirkland, WA: responsible for Medical Staff Services, Quality Assurance Department, Risk Management, and Medical Records Department
- Former Assistant Professor, Health Information Technology Program at Missouri Western State University, St. Joseph, Missouri
Mikki Massey, MHA, CHC, CHPC, Senior Privacy/Security Consultant
Over 40 years of experience in hospitals, home health, skilled nursing facilities and health plans; 26 years of experience with HIPAA privacy and security- Former Privacy Officer at Children’s Mercy Hospital (CMH), Kansas City, Missouri
- Oversaw day-to-day management of the HIPAA/Privacy Program, General Compliance, and Health Plan Compliance, including: HIPAA/Privacy Program Compliance; General Compliance; Conflict of Interest Compliance; Research Privacy Compliance; Health Plan Compliance; and Policy Management.
- Master’s degree in Health Administration, Central Michigan University, Kansas City, Missouri
Kathy Elliott O’Neil, CHC, RP-CMMC, Senior Security Consultant
Over 30 years of professional experience in information technology and information security, privacy, and compliance.- Former enterprise security lead compliance manager, compliance officer, and virtual compliance officer for a variety of healthcare organizations (healthcare clinics and integrated health care organizations).
- Experience and knowledge in the compliance regulatory framework environments to include NIST, CMMC (800-171), SOC2, CSF, HIPAA, CSF, GDPR, DFARS, and others.
- Certified in Healthcare Compliance and Registered Practitioner for Cybersecurity Maturity Model Certification (Department of Defense), formerly Certified Data Privacy Solutions Engineer.
Eileen Kittleson, Data Coordinator
- Over 30 years of financial, accounting, program/project management support, coordination, scheduling, project tracking, quality, and logistics experience
- Formerly with Procter & Gamble Company in various financial supportive roles including Finance Data Coordinator, supporting management decision making in the allocation of resources and forecasting
