Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

Joe D. Gillespie, MHS, RHIA, CHPS, FACHDM, Senior Privacy/Security Consultant

Joe D. Gillespie specializes in conducting HIPAA privacy and breach management program evaluations, merger and acquisition due diligence, ongoing HIPAA Programs guidance, risk analysis, policies and procedures, and preparing customers for regulatory and industry standards audits.

Joe has conducted more than 60 data privacy evaluations as well as hundreds of security risk analyses for both covered entities and business associates.

  • Master’s degree in health services administration (MHS), Registered Health Information Administrator (RHIA), certified in Healthcare Privacy and Security (CHPS) through the American Health Information Management Association (AHIMA), and is a Fellow in the American College of Health Data Management (FACHDM)
  • Consistently successful in assisting customers in the coordination of activities leading up to and including surveys by the including the Office for Civil Rights (OCR), Medicare Program, Joint Commission, and the multiple State Departments of Health
  • Former Associate Director: University of Kansas, Watkins Health Services; former Chairman: KU Privacy Committee; Member: KU Academic Computing & Telecommunications Committee: served as the HIPAA Privacy and Security Compliance Officer in Watkins and as HIPAA Privacy Official for the Lawrence campus of KU
  • Former Clinical Assistant Professor: University of Kansas Medical Center, School of Health Professions; Former adjunct professor for KU Honors Program; Former adjunct professor at Johnson County Community College, and at Washburn University
  • Former Member, Privacy and Security Practice Council: American Health Information Management Association’s (AHIMA); former member, Editorial Review Board: The Journal of AHIMA (JAHIMA), the official publication of AHIMA
  • Co-author of the “Release of Information Toolkit” and co-author of “Restrictions in Action” published in JAHIMA
  • Former Principal Consultant: CTG Healthcare Solutions, Inc.; and Senior Consultant: Healthcare Computing Strategies, Inc.  HIPAA privacy and security readiness assessments, awareness training, identify the client’s relative areas of risk, as well as developed remediation plans
  • Former Administrator: High Plains Medical Information Network (HPMIN),  a network of 38 hospitals and LTC facilities (1,200+ beds) that contracted with Hays Medical Center (HMC) as an application service provider
  • Co-author of “The Health Information Guide,” a privacy guidebook published by the Kansas Hospital Association and used by all Kansas hospitals for over a decade prior to HIPAA implementation
  • Former Consultant & Interim Director: Health Information Management (HIM) Departments: Hebrew Rehabilitation Center, Boston, MA; Greater Southeast Community Hospital, Washington, DC; and Stanford University Medical Center, Palo Alto, CA
  • Former Director, Health Information Management: Via Christi Regional Medical Center, Wichita, KS
  • Former Administrator, Health Record Services; and former Director, School of Medical Transcription: The Williamsport Hospital, Williamsport, PA
  • Former Director, Medical Record Department: Self Memorial Hospital, Greenwood, SC
  • Provided data gathering assistance to:
    • Genentech, during human clinical trials that led to the creation of Tissue Plasminogen Activator (tPA)
    • U.S. Centers for Disease Control in their studies and publication or three articles concerning a significant mumps outbreak at the University of Kansas


  • American Health Information Management Association (Emeritus)
  • American College of Health Data Management (Fellow)
  • Health Information Management Systems Society
  • International Association of Privacy Professionals