Tom Walsh <br> CISSP
Tom Walsh
Founder and
Managing Partner
Read Bio
Kerry McConnell <br> CISSP
Kerry McConnell
Principal Consultant
Read Bio
Keith Fricke, MBA <br> CISSP, PMP
Keith Fricke, MBA
Principal Consultant
Read Bio
Fran Hunter <br> Partner
Fran Hunter
Partner, Business Development
and CustomerCare
Read Bio

A Team You Can Trust.

We have the hands-on experience you need to meet tomorrow’s security/privacy challenges today.


Staffing Model and Assignments

We measure the success of the engagement by the quality of the deliverables, adherence to timelines and budget, and first and foremost your satisfaction.

All consultants have hands-on relevant experience working in the healthcare industry, have solid domain competency in their specialties, and maintain critical certifications that best prepare them to provide you with superior service. Our ‘high availability’ staffing model eliminates a single point of failure with multiple assigned resources for specific expertise required to deliver a quality engagement. Our assignment process incorporates a weekly review to detect and resolve any staffing issue or challenge in a seamless manner as we work behind the scenes on activities as an extension of your workforce.

Consultant key attributes are highlighted below:
  • Average more than 25 years of experience working in the healthcare industry
  • Have either served/functioned as a Corporate Information Security Officer or Privacy Officer for a large healthcare system
  • Skilled in the requirements of multiple standards, frameworks, and regulations
  • Experienced in dealing with OCR investigators and contract auditors for CMS
  • Actively assist multiple customers to guide and develop, monitor, maintain, and improve their HIPAA and cybersecurity programs
  • Provide advisory, hands-on support, and managed services
  • Supporting diverse entities with an understanding of healthcare operational and organizational practices
  • Recognized national experts and frequent contributors to professional organizations

tw-Security has no junior consultants on our staff. Below is an introduction to additional team members:

Tom Zimmerman, MSHA, CPHIMS, CGEIT, CISSP, ITSM, Senior Security Consultant

  • Over 25 years of relevant healthcare information technology experience as a strategic advisor in management, audit, risk analysis, assessing the effectiveness of enterprise general controls, and management of risk; directed/designed forensic monitoring and alerting, adherence to regulatory requirements, industry standards, and frameworks such as HIPAA, NIST, HITRUST and COBIT
  • Former – Cleveland Clinic, Senior Director, Forensics and Information Technology Auditing – Executive Administration – 2005 through August 2019 – this leadership position directed the information systems and forensic auditing functions for an international nonprofit academic health system
Joe D. Gillespie, MHS, RHIA, CHPS, Senior Privacy/Security Consultant

  • Over 40 years of patient privacy experience; 20 years of experience with HIPAA Security.
  • Masters degree in Health Administration, Registered Health Information Administrator (RHIA), Certified in Healthcare Privacy and Security (CHPS) through the American Health Information Management Association (AHIMA)
  • Former Associate Director / Information Management, Privacy and Security official within Watkins Health Center, served as the HIPAA Privacy Official for the University of Kansas
Susan Lucci, RHIA, CHPS, CHDS, AHDI-F, Senior Privacy/Security Consultant

  • Nationally recognized industry expert, speaker, and author with over 35 years of health information management (HIM), HIPAA compliance, and privacy officer experience
  • Currently serves on the American Health Information Management Association’s (AHIMA) Privacy and Security Practice Council, authored the Association for Healthcare Documentation Integrity’s (AHDI) 2017 HIPAA Compliance Guide & Quick Reference, contributed to the AHIMA’s 2018 Breach Management Toolkit and the 2013 HIMSS book, Implementing Information Security in Healthcare: Building a Security Program
Michael Aldridge, MBA, CISSP, Senior Security Consultant

  • Over 25 years of experience in IT and healthcare operations; over ten years of IT security experience
  • Former – Chief Information Officer for Johnson County, KS Government. Responsible for the design, development, release, and maintenance of technology systems and services
  • Former – Executive Director, Aledade. Responsible for all operations of the ACO’s in Kansas and Missouri helping physicians shift from fee-for-service to a value-based health care system
Eileen Kittleson, Data Coordinator

  • Over 30 years of financial, accounting, program/project management support, coordination, scheduling, project tracking, quality, and logistics experience
  • Former – Procter & Gamble Company in various financial supportive roles including Finance Data Coordinator to assist management in decision making in the allocation of resources and forecasting