Lakeside Consulting Group is a data privacy and information security consulting firm focused on providing premier privacy and security staffing and professional services. We understand the challenges of safeguarding your valuable assets and we are here to help you navigate the complex realm of privacy and cybersecurity. Our team of seasoned experts combines compliance prowess with deep industry knowledge to develop tailored strategies that address your specific needs, vulnerabilities, and aspirations. We don't believe in a one-size-fits-all solution because we know that your business is as unique as a fingerprint.Expertise in areas such as: GDPR, US State Privacy Laws (e.g., CCPA, VCDPA), ISO, NIST, SOX, HIPAA.-Policy and Procedure Development-Data Inventory and Mapping-Risk/Maturity Assessments-Training and Awareness-PIA/DPIA-Transfer Impact Assessments-Notice-Cyber Resilience-IAM-Audit Prep-Incident Responsehttps://www.lakesidecg.com/

Senior leader that identifies client challenges, designs the solutions, leads day to day operations and performance management, and oversees all deliverables to ensure they exceed client expectation. Subject matter expert in operational improvement and compliance with privacy law such as CCPA, HIPAA and GDPR. Build client relationships and accounts with an honest, straight forward, and customized approach.

At Concord we pride ourselves in our ability to translate privacy laws and regulations into effective programs and practical requirements in order to enable business activities. We are experienced in conducting risk assessments, developing privacy by design programs, drafting policies and procedures, audit preparation, and incident management. One of our specialties is in Healthcare, specifically developing and operationalizing strong HIPAA programs, such as training and procedures to handle HIPAA patient rights and release of information (ROI). With our team of privacy experts we can quickly identify, assess, and remediate a wide range of privacy gaps to improve even the most mature privacy programs. We have assisted numerous companies, from fortune 50 to small organizations, address their privacy needs and we look forward to assisting your business.

• GDPR DPIA and Remediation- Conducted a Data Privacy Impact assessment of Medtronic’s Largest Cardiac Business and developed remediation plans to enable the business while concurrently maintaining compliance obligations.• Privacy and Security Risk Assessment- Conducted multiple security and privacy assessments of large scale core business unit’s activities, systems, and medical devices against HIPAA and VA 6500 controls, to include the presentation of findings to business leaders, and development of remediation plans.• Privacy Requirements Development- Developed comprehensive mobile privacy requirements covering a wide range of laws, standards, and self-regulatory programs (e.g., HIPAA, MLA, TCPA, OBA, FTC).• Privacy/Security Consultations- Acted as the privacy and security point of contact for 3 covered entities and numerous business associates, which included identifying and assessing in-scope projects. • Data Mapping- Identified and documented the collection, use, sharing, and retention/deletion of critical business operations and analyzed current practices against compliance obligations• Privacy Procedure Development- Developed, implemented, and trained staff on Privacy Procedures such as uses and disclosures, breach notification, patient rights, and complaint handling. • Training and Awareness- Developed targeted business unit training, such as HIPAA Release of Information, to address unique scenarios and challenges faced by business units acting in both Covered Entity and Business Associate roles.

• Recruiting- Identify privacy and security resources and where necessary prepare them for roles to ensure an ongoing pool of qualified candidates are available to meet delivery needs. • Client Management- Engage with clients to build new relationships, mature existing relationships, and ensure current deliverables are meeting or exceed expectations.• Business Development and Sales-Developed go-to-market plans, developed marketing materials, educated sales and account managers on relevant privacy and security topics, and developed proposals for work to include a 3.5 million-dollar HIPAA security risk assessment program fully staffed by consultants.

-Privacy Leader- Lead the Enterprise Privacy by Design (PbD) consulting team that covered a broad scope including Retail, Clinic, Pharmacy, Plan, Finance, Big Data and Employee privacy. -PbD Program Build- Developed and implemented requirements by regulation/topic (i.e., CAN-SPAM, TCPA, HIPAA, OBA, MLA, Mobile), privacy impact assessment (PIA), risk assessment tools, maturity evaluation models, mapping of control procedures to authoritative sources, and PM tools -Breaches- Performed benchmarking for HIPAA breach analysis, developed procedures for processing unauthorized disclosures and provided Target’s post breach support to investigators, legal counsel and leaders that included prepping documentation for regulators, presenting current state and risks. -Risk Assessment- Established a framework and model for assessing privacy risk and HIPAA compliance. Performed ongoing risk analysis through the Privacy by Design method. -HIPAA- Acted as Targets subject matter expert for HIPAA which included evaluating incidents, consulting on strategic initiatives and providing unique solutions to emerging projects and technologies. These included the Kaiser Permanente clinic expansion in CA and the Target-Optum HSA debit card. -TCPA- Developed standard requirements and disclosures to be compliant with Text and Phone calls to customers and patients. -Big Data/Data Governance- Evaluated Target’s big data environment and initiatives, which included Hadoop, to establish set approval gates and implement privacy requirements to enable automated use of personal information for online personalization projects. -MLA- Collaborated with legal counsel and industry leaders to develop and implement a Mobile Location Analytics program based on the Future of Privacy Forums (FPF) self-regulatory principles

-Privacy Officer responsible for mitigating company risk through policy, training and audits. -Provide development guidance and assist in the identification, implementation, and maintenance of information privacy policies and procedures in coordination with organization management and administration, the Privacy and Security Committee, and legal counsel. -Perform initial and periodic information privacy risk assessments and conducts related ongoing compliance monitoring activities in coordination with the entity’s other compliance and operational assessment functions. -Oversee, direct, deliver, or ensure delivery of HIPAA and privacy training to all employees, volunteers, medical and professional staff, contractors, alliances, business associates, and other appropriate third parties. -Process all scenarios pertaining to patient rights to inspect, amend, and restrict access to protected health information. -Administer sanctions for failure to comply with privacy policies for all individuals in the organization’s workforce, extended workforce, and for all business associates, in cooperation with Human Resources, the information security officer, administration, and legal counsel. -Serve as information privacy consultant to the organization for all departments and appropriate entities.Provide on-going training to professional, clinical and clerical staff regarding the medical record contents and confidentiality. -Develop and manage a departmental budget in excess of a million dollars.

-Manager responsible for collaborating with mid-level management to develop a strategic plan to align the strategies of HR and Management to effectively execute the executive strategies -Develop, implement and manage multiple projects driven to increase staff utilization and quality output by focusing on planning and staffing, education, performance management and organizational development -Provide supervision and day-to-day leadership to 40 staff and work collaboratively with other managers to promote the company’s mission and vision -Responsible for ensuring the success of over 40 staff by providing training, resources and an environment conducive to open communication and opportunities for professional development -Consistently monitor department operations using leading and lagging performance measures that drive managerial decisions in order to ensure individual, department and company objectives are achieved -Ensure efficient use of company resources, maximum utilization of company facilities and provide a safe work environment -Update company policies and procedures to ensure company compliance and viability -Responsible for actively planning and maintaining the department budget by being cognitive of the fiscal responsibilities and impacts of managerial decisions

-Graduated first in class at Boot Camp, Marine Combat Training and Military Police School out of as many as 350 Marines. -Lead complex mounted and dismounted combat patrols during two deployments to Iraq to secure and protect critical areas ofinterest -Acted as lead combat instructor for Moroccan Army providing instruction on non-lethal weapons, close combat, heavy and light machine guns and military tactics -Coordinated combat missions and training exercises in Iraq for Marines (50+) and local Iraqi forces (20+) -Provide personalized training and introduced mission essential information to over 200 Marines through briefs and presentations. -Earned multiple awards, including the Navy and Marine Corps Achievement Medal, while conducting combat operations in Fallujah, Iraq for leadership, communication skills, tactics and strategy development and implementation. -Developed, implemented and managed the practical application of tactics/techniques at over 40 shooting ranges for 102 Marines. -Obtained and actively used "Secret" security clearance

-Assist physicians and nurses in conducting medical procedures and documenting necessary medical information. -Proficiency as EMT to include the use of heart monitors, infusion pumps, automated external defibrillators, IVs and basic emergency medicine supplies. -Assist in maintaining ER operational efficiencies by acquiring and maintaining essential medical tools and devices. -Assist physicians and nurses in triaging patients and coordinating the transport of those patients to their respective locations. -Shadowed physicians in numerous specialties to gain exposure and experience in providing specialized care, such as orthopedic surgery, urology, general surgery, and cardiology