•Lead enterprise-wide cyber security training and awareness program to ensure compliance with industry best practices and requirements•Developed 3-year plan for cyber security training and awareness program focused on risk prevention and mitigation •Implemented a new cyber security training and awareness tool for interactive and effective training and metrics reporting•Write and deploy company-wide communications regarding information security threats and best practices•Conduct PCI training for compliance with PCI standards •Developed policies regarding data retention and unapproved websites to adhere with industry standards•Developed vishing threat video to ensure in-store colleagues are aware of vishing scams and loss-prevention protocol•Draft executive briefing for key executive stakeholders when there is a breach or imminent threat of breach•Conduct new hire orientation training for all new hires in North and Central America•Updated password standard requirements from 8 to 14 characters to further adhere with PCI standard compliance measures

• Create firm-wide communications and educational materials on data protection. • Present firm-wide security training and communication plans to senior leadership• Run simulated phishing campaigns to raise employee awareness of phishing emails. • Created Data Protection Resource Center website to house all data protection materials. • Created first ever AlixPartners Data Handling Guide which serves as short book that provides short explanations of regulatory requirements throughout various industries. • As incident response manage, responsible for reporting data incidents to firm. • Create, maintain, and update all security training.

• Audit client service files through Microsoft excel risk matrix to ensure compliance with regulations and internal policies.• Monitor and educate clients and employees on HIPAA and ACA regulations through presentations. • Present to employees on a monthly basis, changes in federal/state regulations pertaining to compliance.• Answer client and employee questions regarding compliance related issues via telephone and email. • Lead company remediation development process when compliance infraction identified. • Lead company hiring and termination procedures to ensure practices are compliant with federal/state labor laws. • Lead annual employee performance reviews. • Create, maintain, and present HIPAA/privacy security training materials for clients.

• Wrote and published department policies on; vendor risk assessment process, contract administrator training/education, and contract tracking process. • Wrote and developed “Quick Guide to Vendor Compliance.” Quick guide created to be utilized as reference guide for CAs. • Lead second edition of Quick Guide for CAs as well as outward looking quick guide for vendors referencing CMS laws and regulations.• Developed risk based vendor tiering system, based on identified potential risk areas, to monitor vendors.• Developed system to track and summarize general audit reports and input results into overall risk assessment score. • Created vendor compliance risk scorecards for each vendor through implementation of existing risk considerations. • Track(ed) whether contract administrators are taking recommended training and create monthly report based on findings.• Developed first annual Blue Cross Blue Shield of Michigan Vendor Compliance Summit. Summit brought 100 vendors of BCBSM.BCN on campus. Presented on the 7 steps to effective compliance. • Lead and developed enterprise wide marketing campaign for Office of General Auditor and Corporate Compliance. Presented the campaign to the CEO at a companywide event where most company executives were in attendance. • Developed and recorded compliance training modules for contract administrators. • Met with clients both in person and via conference call to present effective compliance and gage where their compliance program is at.

• Conducted HIPAA research/answered questions in regards to compliance of the entire health system. • Answered faculty emails pertaining to whether certain conduct was in compliance with regulation/policy.• Assisted in a legal research project pertaining to the ethics of Do-Not-Resuscitate protocol. Paper was published in medical journal. • Researched consistent questions asked to compliance department and used findings to update the FAQ section of the UMHS Compliance Web Page.• Assisted associate compliance officers in a summer-long project updating pharmaceutical protocol insuring that they were in compliance with updated regulations. Presented findings to compliance department.