Former OCR Privacy Specialist to Speak at Lockpath Ready Summit

Katie Kenney to Provide Insights on Health Care Data Breaches

Published on September 15, 2015

LPRS ImageOVERLAND PARK, KANSAS — According to a recent report, 81 percent of health care organizations have experienced a data breach. Health care organizations possess a wealth of valuable data on their patients, including protected health information, personally identifiable information and cardholder data. The industry is an attractive target for cyber-criminals, and therefore, highly regulated by The Health Insurance Portability and Accountability Act (HIPAA), which includes the Privacy, Security and Breach Notification Rules.

To help attendees of the Lockpath Ready Summit (LPRS) understand health care data breaches, Katie Kenney, Health Care Attorney with Polsinelli, will present the session “Anatomy of a Health Care Data Breach: Reporting, Investigation and Enforcement.” LPRS will be held Oct. 20-21 in Kansas City, Mo.

Kenney specializes in HIPAA issues and delivers particular strength in privacy, security, and breach regulatory issues for covered entities and business associates. Prior to joining Polsinelli, Kenney worked for the U.S. Department of Health and Human Services, Office for Civil Rights (OCR). At OCR, she served as the subject matter expert for breach notification, assisted in the administrative rulemaking process, and actively participated on OCR’s audit team.

“Health care data breaches continue to multiply and are growing in severity,” Kenney said. “Unfortunately, it is no longer a question of whether an entity will experience a breach, but more so a question of when. The entities who proactively evaluate their HIPAA compliance program are the entities that are in a better position to minimize the damage after a breach occurs and in turn, avoid the financial and reputational harm that comes with an OCR settlement.”

During her LPRS session, Kenney will cover the HIPAA regulatory framework for reporting and enforcement and provide practical advice on:

  • Deciding whether, when and how to report
  • Conducting the internal investigation
  • Implementing corrective actions
  • Handling business associate breaches
  • Responding to an OCR investigation
  • Understanding how OCR processes breach reports

“We’re excited to announce Katie’s HIPAA session,” said Chris Caldwell, Lockpath founder and CEO. “With her healthcare privacy and security expertise, and notably having worked for the OCR, she will deliver valuable information to Lockpath’s health care customers.”

Kenney will also join Shared Assessments in LPRS’s panel discussion, The State of HIPAA. For more information and to request an invitation for LPRS, visit


About Lockpath

Lockpath is a market leader in corporate governance, risk management, regulatory compliance (GRC) and information security (InfoSec) software. The company’s flexible, scalable and fully integrated suite of applications is used by organizations to manage risk, demonstrate regulatory compliance, and automate business processes — all in order to achieve audit-ready status. Lockpath serves a client base of global organizations ranging from small and midsize companies to Fortune 10 enterprises in more than 15 industries. The company is headquartered in Overland Park, Kansas. For more information on Lockpath and the Keylight Platform, visit Follow Lockpath on LinkedIn and on Twitter at @Lockpath and @KeylightGRC for the latest in industry, company and product news.


Lockpath Media Contact
Emily Podhajsky

More Press Releases: