Skip to main content

Fundamentals of Privacy Law 2018


Speaker(s): Andrew N. Siegel, C├ęcile Georges, Christopher J. Bender, Deirdre Potts, Elaine C. Zacharakis, Elise Houlik, Joseph V. DeMarco, Julissa L. Milligan, Kelly A. Harris, Ken Mortensen, Marshall L. Miller, Peter F. McLaughlin, Peter J. Guffin, Ronald E. Plesco , Sandra Maliszewski, Sylvia Khatcherian
Recorded on: Dec. 21, 2018
PLI Program #: 219400

Cécile Georges is the Global Chief Privacy Officer (CPO) of ADP. She has led the Data Privacy and Governance Team, which is part of the Global Compliance organization, since December 2016. The Team provides advice and operational guidance to all ADP business units globally, and is responsible for the design and implementation of ADP’s enterprise-wide compliance programs with respect to the protection of personal information.

In her previous role as the lead lawyer for the Asia-Pacific region, Cecile relocated from Paris, France to Singapore, where she supported the geographical expansion of ADP in the Asia-Pacific region. Cecile joined ADP in 1999 and was instrumental in building the Legal function in France. In 2006, she was appointed as the head of Legal for Europe and was promoted to VP, Assistant General Counsel. In 2011, her scope was expanded and she was responsible for all of ADP International Legal. Cécile has always been focused on the development of performance-driven teams that deliver excellent services to the business and ADP clients.

Most recently, Cécile has been involved in a number of international and domestic Webinars/Conferences providing expertise and thought leadership on the operationalization of the European General Data Protection Regulation, Binding Corporate Rules and Privacy compliance programs.

Cécile holds a Magistère (Masters) in Information Technology Law and passed the Paris Bar.


Christopher J. Bender is a systems security and integration professional with 30 years of experience in the public and private sector.  Mr. Bender has worked with national and international clients in the financial services, healthcare, energy, defense, aerospace, and transportation sectors accomplish change and taking on new initiatives securely and effectively.

Mr. Bender has developed approaches and methods for working with diverse programs and systems that leverage risk management and business value processes to execute and deliver results that cross technical, legal, and operational domains.  Mr. Bender has led initiatives that have transformed organizations such as introducing systemic risk management to oversight and governance programs; implementing enterprise level security programs that span disparate systems and operating units while influencing the corporate culture for security; and transforming decades old development and infrastructure groups at banks to embrace DevOps and Continuous Integration/ Continuous Deployment (CI/CD).

Mr. Bender is currently the President of the Northcross Group (NCG).  NCG provides professional consulting and program services for mergers and acquisitions, program development, platform migrations, system conversions, and incident response.

Prior to NCG, Mr. Bender was the Vice President of Technology for Millennium Information Systems (MIS), a systems engineering firm supporting the FAA and DOD, as well commercial aerospace.  Mr. Bender was the Lead Architect for the FAA’s Air Transportation Oversight System (ATOS), which implemented a system safety approach for risk management to the oversight program of commercial air carriers.  Mr. Bender was an acting ISSO for the FAA’s Flight Standards Division immediately after 9/11 and led data classification efforts and control assessments for the Division. 

Mr. Bender is a Certified Information Systems Security Professional, CISSP.  Mr. Bender holds a Masters of Science in Information Systems and a Bachelors of Arts in Economics from GW University.  Mr. Bender was adjunct faculty at GW from 1994-1995 in the Columbia College of Arts & Science, and Graduate Program instructor for the Engineering School’s Risk Management program from 2012-2017.  Mr. Bender has a graduate certificate from the University of Virginia in organizational development.


Elise Houlik is Vice President and Senior Managing Counsel on Mastercard’s Privacy and Data Protection legal team.  Based in the company’s Global Headquarters in New York, Elise manages a cross-functional team of lawyers responsible for ensuring privacy and data protection compliance while advancing business innovation utilizing a privacy by design methodology.  She is engaged in product development processes including core business, digital payments, marketing, and enterprise partnerships on a worldwide basis.  Elise oversees detailed analysis of emerging data protection laws, regulations and policies across the globe, counseling teams on the impact the changing privacy regulatory environment has on the company and its strategic objectives.

Elise formerly served at Associate General Counsel at Fannie Mae in Washington, D.C.  As lead Privacy & Cybersecurity Counsel for the company, she advised on a number of wide-scale privacy and data security matters and served as a strategic partner with business divisions throughout the company to implement best practices.  Her responsibilities ranged from risk analysis and governance over the transmission, security, use and management of corporate and personally identifiable information, to the development of policies, procedures and training over the same.  Elise provided legal guidance on compliance with relevant state, federal, and international data protection regulations; data breach event response and remediation; insider threat management; emerging technologies; social media; mobile applications; and negotiation of contract terms and non-disclosure agreements concerning the protection of personal and corporate confidential data.  She also served the company’s primary counsel on Freedom of Information Act (FOIA) matters, and was actively engaged in the preparation and delivery of responses to regulatory bodies concerning privacy and information security matters.

Active in the greater privacy community, Elise is on the Steering Committee of the Sedona Conference’s Working Group 11 (Data Security & Privacy Liability).  She is Senior Editor of the group’s first publication, the Data Privacy Primer.  In Washington, D.C., Elise served as Co-Chair of the International Association of Privacy Professionals (IAPP) Washington, DC KnowledgeNet Chapter.

Elise received a juris doctor from George Washington University Law School after completing her bachelor of arts studies in English at Johns Hopkins University.  She is a Certified Information Privacy Professional (CIPP-US) and is admitted in the State of Maryland, the District of Columbia, and as In-House Counsel in the State of New York.


Joseph V. DeMarco is a partner at DeVore & DeMarco LLP where he specializes in counseling clients on complex issues involving information privacy and security, theft of intellectual property, computer intrusions, on-line fraud, and the lawful use of new technology. His years of experience in private practice and in government handling the most difficult cybercrime investigations handled by the United States Attorney’s Office have made him one of the nation’s leading experts on Internet crime and the law relating to emerging technologies.

From 1997 to 2007, Mr. DeMarco served an Assistant United States Attorney for the Southern District of New York, where he founded and headed the Computer Hacking and Intellectual Property Program, a group of five prosecutors dedicated to investigating and prosecuting violations of federal cybercrime laws and intellectual property offenses. Under his leadership, cybercrime prosecutions grew from a trickle in 1997 to a top priority of the United States Attorney’s Office, encompassing all forms of criminal activity affecting e-commerce and critical infrastructures including computer hacking crimes; transmission of Internet worms and viruses; electronic theft of trade secrets; illegal use of “spyware”; web-based frauds; unlawful Internet gambling; and criminal copyright and trademark infringement offenses. As a recognized expert in the field, Mr. DeMarco was frequently asked to counsel prosecutors and law enforcement agents regarding novel investigative and surveillance techniques and methodologies, and regularly provided advice to the United States Attorney concerning the Office’s most sensitive computer-related investigations. In 2001, Mr. DeMarco also served as a visiting Trial Attorney at the Department of Justice Computer Crimes and Intellectual Property Section in Washington, D.C., where he focused on Internet privacy, gaming, and theft of intellectual property.

Mr DeMarco is on the panel of approved neutrals of the American Arbitration Association (AAA) where he focuses on resolving disputes between businesses involving data privacy, high-technology and commercial law issues.  He speaks frequently on the benefits of ADR in the area of data security and privacy litigation.

Since 2002, Mr. DeMarco has served as an Adjunct Professor at Columbia Law School, where he teaches the upper-class Internet and Computer Crimes seminar. He has spoken throughout the world on cybercrime, e-commerce, and IP enforcement. He has lectured on the subject of cybercrime at Harvard Law School, the Practicing Law Institute, the National Advocacy Center, and at the FBI Academy in Quantico, Virginia, and has served as an instructor on cybercrime to judges attending the New York State Judicial Institute.

Prior to joining the United States Attorney’s Office, Mr. DeMarco was a litigation associate at Cravath, Swaine & Moore in New York City, where he concentrated on intellectual property, antitrust, and securities law issues for various high-technology clients. Prior to that, Mr. DeMarco served as law clerk to the Honorable J. Daniel Mahoney, United States Circuit Judge for the Second Circuit Court of Appeals.

Mr. DeMarco holds a J.D. magna cum laude from New York University School of Law. At NYU he was a member of the NYU Law Review. He received his B.S.F.S. summa cum laude from the Edmund A. Walsh School of Foreign Service at Georgetown University.  Mr. DeMarco is active in numerous professional associations including the:

  • International Bar Association (Technology and Litigation Sections);
  • International Association of Korean Lawyers (Regional Governor, New York Region);
  • New York State Bar Association, ADR Section;
  • New York State Bar Association, Commercial and Federal Litigation Section (Co-chair, Internet and IP Committee, 2009-present);
  • Connecticut Bar Association;
  • Fairfield County (CT) Bar Association;
  • New Haven County (CT) Bar Association;
  • New York City Bar Association (Co-Chair, Information Technology Law Committee; Past
  • Member, Copyright Committee); and
  • The Copyright Society of the U.S.A.

Mr. DeMarco is a Martindale-Hubbell AV-rated lawyer for Computers and Software, Litigation and Internet Law, and is also listed in Chambers USA: America’s Leading Lawyers for Business guide as a leading lawyer nationwide in Privacy and Data Security. He has also been named as a “SuperLawyer” for his expertise and work in the area of Intellectual Property Litigation. He has published numerous articles and appeared on major news programs in his practice areas; is a member of the Professional Editorial Board of the prestigious Computer Law and Security Review (Elsevier); and serves on the Board of Advisors of the Center for Law and Information Policy at Fordham University School of Law.

Mr. DeMarco has received numerous professional awards, including the U.S. Department of Justice Director’s Award for Superior Performance, as well as the Lawyer of Integrity Award from the Institute for Jewish Humanities. In his spare time he enjoys parenting, golf, and listening to classical piano.


Julissa Milligan is a visiting professor in the BU/MIT Technology & Cyberlaw Clinic, in which law students at BU advise MIT researchers and entrepreneurs about legal risks arising from innovative research and startups. Julissa teaches a technology and cyberlaw course and supervises students as they counsel clients on data privacy, cybersecurity, computer crimes, tort, and contract issues arising from innovation uses of technology. Her research focuses on cybersecurity and privacy issues, and she is a member of BU’s Cybersecurity, Law, & Society Alliance—an interdisciplinary collaboration between computer science researchers, law professors, and social scientists focused on cybersecurity issues.

Before joining the BU Law faculty, Julissa represented technology companies in privacy and data security litigation and regulatory enforcement actions at Perkins Coie LLP. Julissa’s practice spanned the legal lifecycle—she counseled companies on risks arising from innovative products, defended entities facing regulatory investigations and enforcement actions, and represented technology companies in privacy and data security-related litigation at the district and appellate levels. She briefed and advised communications companies on electronic surveillance issues, including questions under the First and Fourth Amendments. Julissa also analyzed issues arising from cyberterrorism investigations as an intern for the Department of Justice’s National Security Division, Counterterrorism Section.

Julissa received her JD from Harvard Law School, where she served as editor-in-chief of the Harvard National Security Journal and as an editor of the Harvard Journal of Law and Public Policy. While at Harvard Law, Julissa obtained a Mead Cross Cultural Research Grant to fund her research on Turkish constitutional law and received a Heyman Summer Fellowship. She graduated summa cum laude from Wheaton College (IL).


Marshall L. Miller is Of Counsel in the Litigation Department at Wachtell, Lipton, Rosen & Katz. His practice concentrates on representing and advising corporations, board members, and senior executives with respect to internal investigations, cybersecurity, regulatory compliance, criminal defense, and civil litigation.

Before joining the firm, Mr. Miller served as the Principal Deputy Assistant Attorney General and Chief of Staff of the Criminal Division of the Department of Justice, where he supervised over 600 federal prosecutors, oversaw DOJ’s highest profile criminal prosecutions, and helped determine and implement DOJ priorities and policies. In that position, Mr. Miller supervised the Computer Crimes & Intellectual Property Section (CCIPS), DOJ’s flagship unit that combats cybercrime, and oversaw the creation and launch of its Cybersecurity Unit. He testified on Capitol Hill, briefed Congressional staff, and advised executive branch officials on initiatives ranging from improving cybersecurity to combating kleptocracy. Mr. Miller personally managed and coordinated the successful Senate confirmation process for the Attorney General of the United States.

Mr. Miller joined DOJ’s Criminal Division from the United States Attorney’s Office for the Eastern District of New York (EDNY), where he worked as an Assistant United States Attorney for approximately 12 years. At the EDNY, Mr. Miller served in a number of leadership positions, ultimately as the Chief of the Criminal Division, overseeing all of its criminal prosecutions and the launch of the Office’s National Security & Cybercrime section.

At DOJ, Mr. Miller conducted and supervised the successful prosecution of some of the world’s most significant corporations, corporate executives, cybercriminals, members of Congress, and international terrorists. For his work, Mr. Miller received a number of DOJ’s highest awards, including an Attorney General’s Award for Excellence in Furthering the Interests of National Security and a Director’s Award for Superior Performance. He has also received awards from the New York City Bar Association, the Director of National Intelligence, the Federal Law Enforcement Foundation, and the National Association of Former United States Attorneys.

Mr. Miller co-founded the EDNY Federal Criminal Prosecution Clinic at NYU Law School, and taught as a full-time and adjunct law professor at NYU from 2003 through 2012. Mr. Miller clerked for United States District Judge Allyne R. Ross. He earned both his J.D. and B.A. from Yale.


Peter J. Guffin is a partner at Pierce Atwood LLP and heads the firm’s Privacy & Data Security practice.  He regularly advises clients with respect to compliance with state, federal, and international laws and regulations relating to privacy and data protection, as well as with respect to data security incidents, ranging from internal investigations, incident response, breach notification obligations, communications with regulators, risk mitigation, and litigation strategies.

Guffin also is a Visiting Professor of Practice and Co-Director of the Information Privacy Law Program at the University of Maine School of Law (teaching information privacy and cybersecurity law).

Guffin is a graduate of University of Pennsylvania Law School and Rutgers College (magna cum laude; Phi Beta Kappa).  He has been listed since 2014 in the Best Lawyers in America for Copyright Law, Trademark Law, and Litigation-Intellectual Property.  In 2017, he was among a distinguished group of leading privacy law scholars and practitioners selected to serve as an independent arbitrator for EU-US Privacy Shield Program by the US Department of Commerce and EU Commission.  He is a Certified Information Privacy Professional (CIPP/US, CIPP/E), International Association of Privacy Professionals.

His publications include: Author, Why Study Privacy Law?, Maine Bar Journal, Volume 33, Winter/Spring 2018; author, Chapter titled “The Electronic Communications Privacy Act” in “Data Security and Privacy in Massachusetts, book published by MCLE Press (2018); co-author, PLC Intellectual Property and Technology, State Q&A, Right of Publicity Laws; Maine (last updated 2017); co-author, Foreword, 66 ME. L. REV. 369 (2014) (Maine Law Review Symposium, Who’s Governing Privacy? Regulation and Protection in a Digital Era (2014)); founder and author of the blog, Privacy Law Perspectives, www.privacylawperspectives.com.

His recent presentations include:

  • “Why Privacy Matters,” Maine State Bar Association Annual Bar Conference (June 2018)
  • “Transparency and Privacy: Court Records and E-Filing in Maine,” Maine State Bar Association Annual Bar Conference (June 2018)
  • “The EU General Data Protection Regulation: What Researchers Need to Know,” presentation at Research Integrity Symposium (May 2018)
  • “The NAIC Insurance Data Security Model Law: What Insurers Need to Know,” presentation at education session of Members Participation Council meeting of the National Organization of Life and Health Guaranty Associations (April 2018)
“Beyond Ethics – Privacy, Cybersecurity and Data Breach Notification Laws Affecting Lawyers,” CLE presentation sponsored by the Maine State Bar Association and the Maine Board of Overseers of the Bar (November 2017)


Ronald E. Plesco, Jr. is an internationally known information security and privacy attorney with over 18 years’ experience in cyber investigations, information assurance, privacy, identity management, computer crime and emerging cyber threats and technology solutions. Ron is a Principal in KPMG’s Cyber Response Services practice. Ron joined KPMG in 2012 after a distinguished career in the private and public sectors and is a frequent speaker nationally. Prior to joining KPMG, Ron was the CEO of the National Cyber Forensics and Training Alliance (NCFTA), where he managed the development of intelligence that led to over 400 worldwide cyber crime arrests in four years and prevented over $2 billion in fraud. Notable NCFTA intelligence-led arrests include Ghost Click, Anonymous, Coreflood and multiple online frauds.

Professional and Industry Experience

Ron is a seasoned professional and recognized leader with experience in:

  • Cyber Incident response and investigation
  • Cyber Threat Intelligence
  • Cyber Crime Threats
  • Credit Card Fraud
  • Identity and Information Theft
  • Identity Management
  • Information Assurance
  • Risk and Compliance
  • Project Management
  • Brand Development/Management
  • Privacy

Publications and Speeches 2016-2017

  • Global Information Security Workshops
  • Why the age of related automobiles presents a 'very actual menace' in cybersecurity Cloud Computing and Help Desk
  • Why the age of connected cars presents a ‘very real threat’ in cybersecurity TechRepublic
  • Debt Buyers Association International Conference
  • Debt Buyers Association Annual Security Conference Cyber Security Roundtable
  • Detroit Auto Show speaker, Co-author Paper
  • Your Connected Car is Talking. Who’s Listening? KPMG
  • 5 Insights Into Venture Capital Entrepreneurs Need to Know Now Entrepreneur
  • ICBA (DC) Breaking Barriers Symposium
  • Fraud and Security Seminar hosted by FL West Coast Chapter of the Institute of
  • Internal Auditors
  • Understanding Cyber Security speaker
  • KPMG Real Estate CFO Roundtable (and Emerging Accounting Issues) speaker
  • ECCI Board of Advisors
  • Commonwealth of PA Innovation Showcase panel
  • Global Cyber Alliance Strategic Advisory Committee
  • LA Auto Show keynote speaker
  • Sutherland/KPMG FinTech Program on the Risk of Cyber Fraud in the Payments Industry
  • NASPP Data Jargon Workshop

Notable Media Appearances

  • CBS Evening News
  • CNBC
  • 60 Minutes
  • ARD Germany
  • Canadian Broadcasting Company

Honors and Awards

  • Winner, Most Influential People in Security, Security Magazine, December 2010
  • Winner, Editors’ Choice Award, Secure Computing Magazine, 2010


Mr. Siegel is General Counsel and Chief Compliance Officer of Galaxy Digital LP, a diversified financial services firm dedicated to the digital currency and blockchain sectors.

Prior to Galaxy Digital, Mr. Siegel served in a variety of legal and compliance roles for Perella Weinberg Partners, a financial services firm providing advisory and asset management services to a global client base.  Prior to joining Perella Weinberg, Mr. Siegel was General Counsel and Chief Compliance Officer of Stanfield Capital Partners LLC, an alternative asset manager based in New York. Prior to joining Stanfield, Mr. Siegel served in the law division of Morgan Stanley, initially advising the Mergers and Acquisitions Department. Ultimately, Mr. Siegel was the senior attorney responsible for advising Morgan Stanley Investment Management’s alternative investment funds, including its private equity funds, venture capital funds, hedge funds and fund of funds. Previously in his career, Mr. Siegel was a corporate attorney at Shearman & Sterling where he focused on public and private mergers and acquisitions, private equity transactions and join ventures.

Mr. Siegel is admitted to the Bar of the State of New York and has been designated a Certified Regulatory and Compliance Professional by FINRA.

Mr. Siegel received a Bachelor of Arts in Political Science, magna cum laude, from Tufts University and a Juris Doctor, summa cum laude, from Washington College of Law at American University where he was an editor of The American University Law Review.


Elaine Zacharakis specializes in technology and privacy law, managed care, corporate health care transactions and health care regulatory matters. Over the course of her career, Ms. Zacharakis has represented the full spectrum of health care entities, including hospitals, pharmaceutical and medical device companies, health technology vendors, health insurance companies, managed care organizations, physicians, home health organizations, ambulatory surgery centers, pharmacy benefit managers and disease management organizations.

Some of Ms. Zacharakis’ representations include:

  • Representation of numerous healthcare entities in:
  • Negotiating their health portal and health care exchange agreements and information technology agreements.
  • Digital/internet matters and information technology matters.
  • IT department personnel and security officers on a variety of technology contracting matters.
  • Represented a Fortune 500 health care company on privacy compliance matters.

  • Represented a Fortune 500 pharmaceutical and medical device company in the establishment of their HIPAA compliance program.

  • Served as privacy counsel to establish policies and procedures, data use agreements and HIPAA business associate agreement templates for a business associate.

  • Represented a pharmaceutical and medical device company in the draft of their fraud and abuse policies.

Prior to joining Garfunkel Wild, Ms. Zacharakis maintained her own health, technology and privacy law firm, served as in house counsel with Baxter Healthcare Corporation and consulted and programmed management information systems with Accenture.

Ms. Zacharakis is the current chair of the ABA Health Law Section’s eHealth, Privacy & Security Interest Group and member of the legal task force at Healthcare Information and Management Systems Society (HIMSS). From 2004 to 2016, Elaine was an adjunct professor at the Beazley Institute for Health Law at Loyola Law School and the Center for Information Technology and Privacy Law at the John Marshall Law School. She is a prolific writer and speaker.

Ms. Zacharakis graduated from Columbia University’s School of Engineering & Applied Science in 1988 and Notre Dame Law School in 1994.


After several years in-house, I now counsel clients with respect to a broad range of technology transactions, privacy and security issues. These predominantly touch:

  1. Technology licensing and services, especially with health applications and mobile solutions;
  2. Innovative uses of information and technology, particularly digital health and life sciences, wearables, and big data analytics;
  3. The international movement of personal data, especially with respect to the EU, GDPR preparedness, and Privacy Shield compliance; and
  4. Information security programs, security reviews, and post-incident responses with management of forensic teams.

These scenarios range from privacy compliance assessments and product development to venture/M&A deals and extensive commercial and technology transactions.

I have presented at: RSA Conference; mHIMSS; IAPP; HIPAA Summit; PLI; World IP Forum; and other organizations.


Deirdre Potts is an Associate Director of Compliance at Point72 Asset Management, L.P. in Stamford, Connecticut. From 2014 to 2016, she served as a Legal Associate at Renaissance Capital LLC. Prior to 2014, she practiced commercial litigation in Alexandria, Virginia. Ms. Potts received her B.A. from University of Virginia. She received her J.D., magna cum laude, from George Mason University School of Law.


Kelly Harris is Vice President, Privacy & Cybersecurity at Prudential Financial in Newark, NJ.  Before joining Prudential, Kelly spent 6 years helping to build the Privacy program at Wyndham Worldwide.  She started her legal career as an associate with Kirkpatrick & Lockhart (now K&L Gates) and then Gibbons, PC before going in-house to Japanese pharmaceutical companies Daiichi Sankyo and Otsuka.


Ken Mortensen, Esq., is the InterSystems’ Data Protection Officer promoting and leading Global Trust and Privacy for the company. He is based in their Cambridge headquarters and has global responsibility across the company to enhance information privacy, governance, and cyber risk processes not only in the development and deployment of InterSystems technology, but also in the management of operations and services. Ken focuses on enhancing global trust and privacy throughout InterSystems demonstrating to customers, clients, and stakeholders our commitment to investing and growing the capabilities of InterSystems in order to stay in front of emerging risks for privacy and cybersecurity.

Prior to joining InterSystems, Ken was a Senior Managing Director over at PwC specializing in data protection, privacy, and cybersecurity and led the expansion of PwC’s healthcare privacy offerings. Before that, Ken was the Vice President, Assistant General Counsel & Chief Privacy Officer at CVS Health, where he created the Information Governance Department and was responsible for overseeing enterprise information governance to deliver privacy compliance as well as leading the information security risk management organization to address cyber risks. While at CVS, he oversaw compliance with CVS’s FTC Consent Decree, OCR Corrective Action plan, and PCI program, including securing the first-ever closure letter from OCR. He was also the first Chief Privacy Officer for Boston Scientific responsible for implementing a global privacy and security program and introducing a governance emphasis for risk. 

Prior to that, Ken served in the Administration of President George W. Bush as the Associate Deputy Attorney General for the U.S. Department of Justice, where he was the primary counsel and policy advisor to the Attorney General and Deputy Attorney General on privacy and civil liberties matters. While at Justice, he led the U.S. delegation to negotiate privacy and cybersecurity terms with the European Union as well as oversaw the privacy and civil liberties processes for numerous national security and foreign intelligence programs, including work with the National Security Council related to FISA and EO 12333. Prior to going to Justice, Ken served at the U.S. Dep’t of Homeland Security as part of the team that stood up the Privacy Office at the beginning of the agency eventually as Deputy Chief Privacy Officer.

Before his government service, Ken was a partner in his own law firm as one of the early practitioners of privacy and security law, during which he served as Special Counsel to the Pennsylvania Attorney General. He taught computer law and information policy at Villanova Law School and was an electrical engineer at Burroughs in Large System Design focusing on information assurance and system test.

Ken is a former member of the board of directors for the International Association of Privacy Professionals (IAPP), including serving as Secretary for one year. He currently serves on the IAPP Research Advisory Board and the board of Shared Assessments, an organization focused on addressing third party information risks. Previously, Ken served on the board of the Health Information Trust Alliance (HITRUST) and participated in the development of the privacy control category of the HITRUST CSF. 

Ken currently teaches privacy law at Boston University Law School and cybersecurity law at the University of Maine School of Law. Ken is co-author with Andy Serwin of the West Publishing book, Healthcare Security and Privacy Law, and has authored chapters and sections for other privacy, cybersecurity, and governance risk books and publications. He is an internationally recognized expert on these topics and speaks globally on privacy, cybersecurity, and the governance of information.

Ken is admitted to the bars of Pennsylvania and New Jersey as well as the Supreme Court of the United States. He received his Juris Doctorate from Villanova University School of Law, his MBA from the Villanova University College of Finance, and his Bachelor’s of Science in Engineering degree in Electrical and Computer Engineering from Drexel University. He has a Certificate in Foreign Intelligence Law from the Judge Advocate General's School of Law. He has CIPP/US, CIPP/G, and CIPM certifications from IAPP.


Sandra Maliszewski is currently Vice President, Chief Compliance Officer at Maimonides Medical Center. Previously, she was the Privacy Officer/Research Institutional Officer at AdvantageCare Physicians, PC, one of the largest multispecialty physician practices in the New York metropolitan area. Ms. Maliszewski has more than 25 years of health care experience, having practiced as a family nurse practitioner and licensed midwife in hospital and private practices. Upon graduating from law school, she was an associate at a law firm where she was a member of its health law department and the senior housing, white-collar crime and investigations, HIPAA compliance and health care professionals practice groups. Subsequently, she was Deputy General Counsel, Chief Compliance, Privacy and Research Compliance Officer for the NuHealth System followed by working with a health IT start-up where she developed a mobile app certification program.


Sylvia Khatcherian is the Deputy General Counsel at Bridgewater Associates in Westport, CT.  Bridgewater is an American investment management firm founded in 1975.  The firm serves institutional clients including pension funds, endowments, foundations, foreign governments, and central banks. Bridgewater manages about $160 billion for approximately 350 of the largest and most sophisticated global institutional clients, including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.