BakerHostetler
Alumni Login
| Subscribe | Print
Open search/close search button Open menu/close menu button
Services
Professionals
About Us
Offices
News/Resources
Diversity
Pro Bono
Careers
Alumni

Kimberly C. Gordy

She | Her | Hers

Partner

Houston
T +1.713.646.1360
F +1.713.751.1717
Seattle
T +1.206.566.7091
F +1.206.624.7317
kgordy@bakerlaw.com
Download Vcard LinkedIn

Overview

As the Houston Digital Assets and Data Management Leader and member of the Healthcare Privacy and Compliance team, Kimberly counsels clients across the healthcare space on cybersecurity breach response, regulatory defense, and state and federal privacy compliance. She has handled hundreds of privacy and data security incidents, ranging from sophisticated ransomware to employee theft, and approaches each matter with thoughtful nuance and an appreciation of the client’s unique operational needs.

Kimberly guides clients through the initial response, forensic investigation and fulfillment of regulatory obligations, as well as defense related to inquiries from state attorneys general and federal regulators. She has extensive experience advising long-term care clients on the intersection between HIPAA and state privacy law and maintains a special interest in working with healthcare organizations in Indian Country on matters related to the exercise of tribal sovereignty and healthcare compliance. Her work on patient consent is published in the Yale Journal of Health Policy, Law, and Ethics, and she is a frequent speaker on privacy related matters.

Prior to entering private practice, Kimberly served as law clerk to the Honorable George C. Hanks, Jr., and the Honorable Mary Milloy for the Southern District of Texas.

Select Experience

  • Handled data breaches ranging from a single record loss to five million plus records lost with multi-national notification requirements, and attacks ranging from business email compromises to pervasive network compromises by international hacking groups, leading to personal and company extortion attempts.
  • Advised long-term care providers on matters related to federal and state privacy law, Fair Housing Act compliance, ethical and policy issues related to resident autonomy and employment issues.
  • Counseled Native American governments and healthcare organizations on incident response, compliance and policy development.
More »

Experience

  • Handled data breaches ranging from a single record loss to five million plus records lost with multi-national notification requirements, and attacks ranging from business email compromises to pervasive network compromises by international hacking groups, leading to personal and company extortion attempts.
  • Advised long-term care providers on matters related to federal and state privacy law, Fair Housing Act compliance, ethical and policy issues related to resident autonomy and employment issues.
  • Counseled Native American governments and healthcare organizations on incident response, compliance and policy development.
  • Routinely prepares policies and procedures related to privacy, Incident Response Plans, Information Governance policies and communications as part of an overall risk mitigation strategy.
  • Worked with emerging companies and tech start-ups on HIPAA applicability, the role of a business associate and mobile technology related issues.
  • Advises healthcare clients on privacy considerations unique to oncology, mental health, pediatrics and clinical research.
  • Assists clients in post-breach investigations from the United States Department of Health and Human Services Office for Civil Rights, state attorneys general and other regulators arising from large and small data security incidents.

Recognitions and Memberships

Memberships

  • American Health Lawyers Association
  • American Bar Association: Health Law Section
    • Membership Committee: Vice Chair (2016 to 2018)
  • Washington State Society of Healthcare Attorneys

News

News

Press Releases

Blog Posts

Community

  • Tiny Trees Preschool: Board of Directors (2018 to present)
  • The Immunization Partnership: Board of Directors (2016 to present)
  • Junior League of Seattle (2016 to present)
    • Project Development: Vice Chair (2017 to 2018)
  • Texas Children's Hospital
    • Clinical Ethics Committee (2010 to 2020; emeritus member: 2021)

Pro Bono

  • Northwest Immigrant Rights Project
  • Tahirih Justice Center: Featured Pro Bono Attorney (2016)

Services

Industries

Prior Positions

  • The Honorable Mary Milloy, U.S. District Court for the Southern District of Texas, Houston Division: Law Clerk (2013 to 2014)
  • The Honorable George C. Hanks, Jr., U.S. District Court for the Southern District of Texas, Houston Division: Law Clerk (2012 to 2013)

Admissions

  • Texas
  • Washington

Education

  • M.A., Health Policy & Clinical Ethics, The University of Texas Medical Branch, 2012
  • J.D., University of Houston Law Center, 2010; Houston Journal of International Law, Editor-in-Chief
  • B.S., Texas A&M University, 2007, magna cum laude

Blog

In The Blogs

Previous Next
Data Counsel
DSIR Deeper Dive: Regulatory Investigation Landscape
By Kimberly C. Gordy, Patrick H. Haggerty, Lynn Sessions
May 26, 2020
HIPAA-covered entity and business associate breaches continue to draw attention from the Office for Civil Rights (OCR) and other regulators. In almost every HIPAA incident we handled in 2019 involving more than 500 individuals, OCR issued...
Read More ->

Services

Find Professionals

Offices

About Us

Careers

Firm Diversity

LinkedIn Twitter Facebook Instagram Youtube RSS
Subscribe »
© 2022 Baker & Hostetler LLP