Katie D. Kenney

Katie Kenney’s fellow attorneys are quick to praise this health-care specialist. And why not? Kenney might only be 35, but she’s already delivered a steady stream of positive results for her clients. It’s why Kenney is quickly gaining a reputation as a top privacy and security specialist in the Chicago region.

Kelly Dineen, assistant professor and director of the health law program at Creighton University, said that Kenney’s early success is no surprise to her.

“Katie is a superstar among a group of talented young health lawyers,” Dineen said. “She has excelled in her field and built a unique and valuable expertise in health privacy and security.”

Kenney has focused on the issues of domestic and international privacy, security and breach matters, protecting the interests of her clients, including health-care clients, for more than a decade. At the start of her career, she played a key role in developing policy around breach notification and advising on the audit protocol and selection criteria for the Office for Civil Rights’ HIPAA Privacy and Security Audit Program.

Today, clients actively seek Kenney’s health-care privacy and security counsel, not just in Illinois but across the nation and the globe. She has successfully assisted several clients in responding and defending against the Office for Civil Rights’ investigation of HIPAA privacy breaches. She has also helped clients implement sweeping privacy regulations, including GDPR and CCPA, across their entire systems to ensure compliance with complicated regulations.

“Katie is a practical, personal and professional attorney,” said Lauren Groebe with Chicago’s Morgan Lewis & Bockius LLP. “Her counsel is sound and quickly provides clients the instruction and insight needed to achieve their data protection, sharing or investigative needs.”

While Kenney has used her knowledge and legal skills to build a busy career, she has also found time to mentor younger attorneys, serve as a leader with the American Health Lawyers Association’s Health Information and Technology Practice Group and write extensively on health-care privacy and breaches. Kenney has even created and published tools for the industry to use when complying with HIPAA’s requirements for breach assessment.

“Katie pours her passion into this sector,” Groebe said. “Her clients can tell they are working with the best when Katie offers advice. Katie is exceptional in the area of advising any client type on any health-care privacy issue.”

Meera Patel, senior consultant with Cardinal Health, has long worked with Kenney, who serves as outside counsel for Cardinal on topics relating to HIPAA, HITECH and breach regulatory matters. Patel says that Kenney displays all the qualities that she looks for in outside counsel: Kenney is responsive, completes work on or before deadlines, boasts impeccable attention to detail and is strategic.

“Katie always shows a keen interest in learning more about our company and business sectors, which lends her to providing very tailored legal advice rather than a one-size-fits-all answer,” said Patel. “She is always willing to go the extra mile to explain her analysis and strategy and is even willing to do so for the business stakeholders in a way that they can understand.”