case studies

LogicGate Case Study: Blue Cross and Blue Shield of Kansas City

True Blue: The Partnership Between LogicGate and Blue Cross and Blue Shield of Kansas City

When Scott McAdams started his new role as Chief Audit, Compliance & Risk Officer at Blue Cross and Blue Shield of Kansas City (Blue KC) in 2018, he encountered a familiar challenge. Blue KC had a GRC tool in place, but no one was using it.

Scott and his new colleagues recognized that without enduser buy-in and participation, the data in the GRC system wasn't very useful. Luckily, Scott brought a few things along with him from prior experience. These carryovers included deep domain expertise in risk and compliance, as well as LogicGate, a tool he’d used to face down previous GRC challenges.

Scott had implemented LogicGate for Enterprise Risk Management at his previous employer, where he saw firsthand how it helped managers effectively streamline their GRC tasks. In an always-evolving industry like healthcare, edges like this aren’t easy to find. “That’s when my eyes were opened,” he says of his first experience with LogicGate. “I was excited to see how the Blue KC team could also benefit.”

“By having it all in the same system, we can start to realize and benefit from some synergies, versus each of those things living in their own siloes.”

David Stevens
Chief Privacy Officer and DVP of Compliance, Risk, and Information Governance

A New Way Forward

When Scott arrived at Blue KC, he recognized a need for a new way of doing things. The GRC tool in place at the time wasn’t delivering the results Scott needed. Scott and his team needed a comprehensive tool that could be used across the organization. “It was a detriment,” Scott says of the previous tool. “All employees touch the GRC tool in some shape or form, so it’s critical to our culture of compliance. We needed something that offered ease-of-use from access to navigation.”

Blue KC’s adoption of LogicGate coincided with a strategic initiative to evolve the company’s handling of enterprise risk. To help set the new direction, the company brought aboard a dedicated ERM team headed up by Cathy Denesia, Director of Enterprise Risk Management.  “We’re looking to help the organization better prioritize current risks and improve allocation of resources to mitigate risks on the horizon,” Cathy says. “We want to establish a risk tolerance level that fits with strategic planning.”

Keeping It Simple

Managing the sort of changes Blue KC is adopting with its ERM program would be difficult at any company. In a heavily regulated industry like healthcare, it’s even more so. According to Scott, David, and Cathy, LogicGate smoothed the transition by putting the Blue KC team in the driver’s seat. It all comes down to simplicity. “The simplicity of LogicGate’s system allows for new users to very easily start working in the system. Especially on the compliance side, those professionals are the ones who are trying to manage the overall system. They’ve been able to customize and make changes and report from the system very effectively,” David says.

Scott and Cathy join David in saying “ease of use” is their favorite thing about LogicGate. “The ease of use is so critical, especially from my chair,” Scott said. “We want our end users to be partners in our culture of compliance. So the ease of use is really important.” He’s quick to add one more thing: “I also appreciate the ability to generate the reports that we want, not canned reports. Rather than change our program to meet the reporting, we can build reports to meet our needs.”

Looking Ahead

Blue KC has lofty ambitions for the next year. The company plans to roll out an array of new solutions, such as Policy and Procedure, Required Submissions, Reported Concerns, and Third Party Risk Management, as well as a Privacy Risk Assessment. LogicGate will ensure all of them link together and interact with one another.

For example, when the Blue KC team identifies a risk in a particular department, it will be able to link to a policy document that lives in the Policy and Procedure module. This will also trigger the creation of a Key Risk Indicator (KRI) in the ERM program. The three will work together to develop a new data set and enhance Blue KC’s privacy maturity.

Use Case

Enterprise Risk Management

About Blue Cross and Blue Shield of Kansas City

Blue Cross and Blue Shield of Kansas City, the largest not-for-profit health insurer in Missouri and the only not-for-profit commercial health insurer in Kansas City, has been part of the Kansas City community since 1938. Blue Cross and Blue Shield of Kansas City provides health coverage services to more than one million residents in the greater Kansas City area, including Johnson and Wyandotte counties in Kansas and 30 counties in Northwest Missouri.

Our mission: to provide affordable access to healthcare and to improve the health of our members. Blue Cross and Blue Shield of Kansas City is an independent licensee of the Blue Cross and Blue Shield Association. For more information on the company, visit its website at

About LogicGate

LogicGate is an agile GRC process automation platform that combines powerful functionality with an intuitive design to enhance enterprise governance, risk, and compliances programs. With our prebuilt process templates, organizations quickly and efficiently operationalize their GRC activities without requiring support from consultants or corporate IT.

Ready to experience Risk Cloud?

Let's get started! Request a demo today.

Let's Go
Ready to experience Risk Cloud?