Lenny Levy, VP & CISO at Providence St. Joseph Health

Leonard (Lenny) L. Levy, MBA, CISSP, CISA

Leonard (Lenny) Levy is an accomplished information security executive with over 20 years’ experience addressing cybersecurity challenges.  He is currently the interim Chief Information Security Officer for Providence St. Joseph Health, a $25 billion catholic healthcare system.  Previously, he served as vice president, chief information security officer of Spectrum Health, a not-for-profit integrated health system in West Michigan. Lenny was responsible for aligning risk-based strategic security initiatives with enterprise programs and business objectives to ensure information assets and technology platforms are appropriately protected across the entire system. He led an organization of experienced risk and information security professionals focused on embedding security into the organization, mitigating security risks, detecting potential incidents, and responding to issues. His leadership of the information security program supported an innovative, robust, and secure information technology environment throughout the organization.


Lenny has over 20 years of experience with diverse information security / technology topics across industries including healthcare, financial services, technology, retail, and government.  Prior to joining Spectrum Health in 2016, Lenny spent the majority of his career consulting on Information Security topics for organizations around the world with PricewaterhouseCoopers (PwC) LLP based in the United States and Singapore. At PwC he established track record of successfully managing large-scale complex projects, developing risk-driven security programs and delivering solutions that supported critical business initiatives.

Client experience at PwC included transformational security projects, developing pragmatic cybersecurity strategies, helping organizations leverage public and private clouds, responding to data breaches, addressing evolving regulatory requirements and implementing pragmatic solutions to reduce risk.  Example healthcare clients included HCA, Mayo Clinic, Dignity Health, Singapore Ministry of Health, United Health Group, Abbott Laboratories, Merck, Walgreens and CVS.  Other notable clients included Microsoft, Walmart, Delta Air Lines, Citibank, Temasek, Expedia, and Infocomm Development Authority of Singapore.

Lenny is a thought leader in the privacy and security industry and sought after speaker. In addition, he has published numerous articles on cybersecurity, security strategy, data breach response, global data protection requirements, and cloud computing.

He holds a Bachelor of Science in decision and information sciences from the University of Florida and a Master of Business Administration from the Fuqua School of Business at Duke University. He holds Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA) certifications.


Lenny is an active contributor to the cybersecurity industry and relevant industry groups. He has been actively involved in a number of groups including the Department of Health and Human Services (HHS) 405(d) Cybersecurity Task Group, Department of Homeland Security (DHS) Healthcare and Public Health Sector Coordinating Council, Multiple Sclerosis Society Leadership Class, InfraGard, Michigan Healthcare Cybersecurity Council  (MiHCC), Association for Executives in Healthcare Information Security (AEHIS), College of Healthcare Information Management Executives (CHIME), American Chamber of Commerce in Singapore and Information Systems Audit and Control Association. He previously served as co-chair for the International Association of Privacy Professionals (IAPP) Singapore KnowledgeNet and president of the Metro Atlanta Information Systems Security Association (ISSA).


 Updated November 2018