Glenn M.
Overland Park, KS
Privacy Compliance Advisor & Program Implementation Specialist
$165.00/hr
CURRENT AVAILABILITY INFO
My availability is limited to very short-scope consultations on specific questions Upwork clients may have about data protection or financial services compliance requirements. I'm open to short calls to discuss your needs prior to engaging, but actual consultation projects involve a two-hour minimum of my time.
I am especially interested in engaging with clients who are taking proactive steps to pull together governance programs for their development and uses of artificial intelligence (AI), machine learning, large language models, etc., and are potentially interested in applying the new NIST AI Risk Management Framework to such efforts.
THE SHORT STORY
My core work is helping people create or evolve their information security, personal data privacy, and ethical data use compliance programs. I can help you create specific regulation roadmaps and get to your desired final destinations for them. We can accomplish this together through either having me lead and do the overall work for you or having me mentor your internal resources through doing the work. The more active participation we have from your own internal resources, the stronger your internal AI usage and governance, privacy, and security functions will be. And you will carry on with even more long-term value from our project work together.
One unique skill I can provide is helping you maximize the efficiency of your legal counsel budget. Throughout my career, I have served as a translator between technology/operations areas and attorneys, both in-house and outside counsel. People often "overhire" attorneys to do things that do not require an attorney, because they don't know any other solution to their problem. I can make your attorney legal review of documents go more quickly, and to help you better understand what your attorneys are advising in terms of operational impact of your compliance work.
THE DETAILS
For the last several years, a majority of my work has been on GPDR and CCPA. But I also continue to work on HIPAA for healthcare covered entities and their business associates, and helping companies from all kinds of industries prepare for SOC 2 (and even the newer SOC 3) audits. I have focused a lot of attention on helping my existing clients understand and prepare for Brazil's LGPD--by applying all my past privacy experience and a basic fluency with Portuguese to support that work--and the NIST Privacy Framework. Now, of course, I monitor a lot of the US state-to-state expansions of CCPA-like state privacy laws. And I am currently working through being able to fully support clients in making use of the new NIST Artificial Intelligence (AI) Risk Management Framework.
DOCUMENTATION
The policy and procedure, notice, communications templates, etc., etc. that are necessary outcomes of this work are the things I love to do, and that brought me into this work from my former career in IT documentation and help systems.
For any of your date ethics, privacy, and security policies and procedures documentation needs, I can produce documentation that is fully customized to your business needs very quickly, based on a large library of my own starting-point content and other open-source materials.
ASSESSMENTS & EVIDENCE
When you have an existing data protection program, helping you comply with specific laws and regulations includes doing all kinds of assessments and creating evidence of compliance. This includes a variety of privacy-oriented assessments and all those vendor security questionnaires you may be getting. I can help you with those things whether you have a mature program or are simply trying to respond to a client questionnaire. And if you are new to all of this, and are simply trying to meet an urgent client demand, we can use the response process to help you initiate the formal AI, privacy, and security governance program you are likely needing.
TOOLS CREATION
Some of the specific things I can help you accomplish to meet your privacy (and AI governance or security) compliance needs: Create custom SharePoint compliance tools and sites (where you can track documentation, store and report on compliance evidence, manage training, manage vendors, manage data inventories & data subject requests), create custom e-learning training courses using Articulate 360 (including both Storyline and the rapid-development approach of Articulate Rise 360), and delivering live training and privacy/security compliance mentorship of your staff.
DISCLAIMER:
I am not an attorney. I just have lots of experience working with attorneys in various capacities. If you have potentially experienced some kind of compliance or data breach, I would advise that you first seek legal counsel and then consider involving a consultant or other contractor like me under the direction of your legal counsel. This is the best means of protecting your right to privileged communications.
Work history
Work history
Risk Management, Compliance and Data Privacy Officer
Aug 20, 2021
-
Jun 1, 2022
5.00
"Glenn is a true professional who met or exceeded our every expectation. It is easy to highly recommend Glenn."
Private earnings
Information Security Consultant
Jul 23, 2021
-
Sep 21, 2021
No feedback given
Private earnings
Data Privacy, Data Protection and Cybersecurity: A Comprehensive Course
Sep 10, 2020
-
Dec 21, 2020
5.00
Private earnings
Do-Not-Call Compliance Consultant
Jul 31, 2020
-
Sep 1, 2020
5.00
Private earnings
ongoing data privacy consulting
Nov 15, 2019
-
Jun 29, 2020
5.00
"Excellent background in privacy law and works very well with client. Could not recommend a better data privacy/security consultant."
Private earnings
Privacy Practice Engagement/Project Manager
Nov 19, 2019
-
Feb 14, 2020
5.00
"Glenn is a deeply knowledgeable professional with an outstanding professional demeanor. We were very fortunate to pull him in while we could and look forward to working with him again…
Private earnings
GDPR Compliance Help
May 18, 2018
-
Aug 15, 2019
5.00
Private earnings
GDPR Policy / Compliance Assistance
Jun 25, 2018
-
Aug 15, 2018
4.00
Private earnings
Glenn M. has more jobs. Create an account to review them
Skills
Skills
- Certified Information Privacy Technologist
- Privacy Law
- Corporate Governance
- Information Security Governance
- GDPR
- Policy Writing
- Company Policy
- Data Privacy