PLI PLUS 2.0 is now available – click here to test drive the new platform.
Skip to main content

Fundamentals of Privacy Law 2018

Speaker(s): Andrew Siegel, Cécile Georges, Christopher J. Bender, Deirdre Potts, Elaine C. Zacharakis, Elise Houlik, Joseph V. DeMarco, Julissa L. Milligan, Kelly A. Harris, Ken Mortensen, Marshall L. Miller, Peter F. McLaughlin, Peter J. Guffin, Ronald E. Plesco, Sandra Maliszewski, Sylvia Khatcherian
Recorded on: Dec. 21, 2018
PLI Program #: 219400

Cécile Georges is the Global Chief Privacy Officer (CPO) of ADP. She has led the Data Privacy and Governance Team, which is part of the Global Compliance organization, since December 2016. The Team provides advice and operational guidance to all ADP business units globally, and is responsible for the design and implementation of ADP’s enterprise-wide compliance programs with respect to the protection of personal information.

In her previous role as the lead lawyer for the Asia-Pacific region, Cecile relocated from Paris, France to Singapore, where she supported the geographical expansion of ADP in the Asia-Pacific region. Cecile joined ADP in 1999 and was instrumental in building the Legal function in France. In 2006, she was appointed as the head of Legal for Europe and was promoted to VP, Assistant General Counsel. In 2011, her scope was expanded and she was responsible for all of ADP International Legal. Cécile has always been focused on the development of performance-driven teams that deliver excellent services to the business and ADP clients.

Most recently, Cécile has been involved in a number of international and domestic Webinars/Conferences providing expertise and thought leadership on the operationalization of the European General Data Protection Regulation, Binding Corporate Rules and Privacy compliance programs.

Cécile holds a Magistère (Masters) in Information Technology Law and passed the Paris Bar.

Christopher Bender is a systems security and integration professional with over 34 years of experience in the public and private sector.  Mr. Bender has worked with national and international clients in the financial services, healthcare, energy, defense, aerospace, and transportation sectors accomplish change and taking on new initiatives securely and effectively.

Mr. Bender has developed approaches and methods cybersecurity, integration, compliance and risk management that also focus on overall business value.   Mr. Bender has led initiatives that have transformed organizations such as introducing systemic risk management to oversight and governance programs; implementing enterprise level programs that span disparate systems and operating units while influencing the corporate culture for compliance.  Mr.  Bender has represented banking clients with regulators and has performed third party audit and assessments based on directed action by the OCC, SEC, and FDIC.

Mr. Bender is currently the President of the Northcross Group (NCG).  NCG provides professional consulting and program services for cybersecurity, mergers and acquisitions, program development, compliance, and risk management.

Prior to NCG, Mr. Bender was the Vice President of Technology for Millennium Information Systems, a systems engineering firm supporting the FAA and DOD, as well commercial aerospace.  Mr. Bender was the Lead Architect for the FAA’s Air Transportation Oversight System, which implemented a system safety approach for risk management to the oversight program of commercial air carriers.  Mr. Bender was an acting ISSO for the FAA’s Flight Standards Division immediately after 9/11 and led data classification efforts and control assessments for the Division. 

Mr. Bender is a Certified Information Systems Security Professional (CISSP) and a Certified Data Privacy Solutions Engineer (CDPSE). Mr. Bender holds a Masters of Science in Information Systems and a Bachelors of Arts in Economics from GW University.  Mr. Bender was adjunct faculty at GW from 1994-1995 in the Columbia College of Arts & Science, and Graduate Program instructor for the Engineering School’s Risk Management program from 2012-2017.  Mr. Bender has a graduate certificate from the University of Virginia in organizational development.

Elise Houlik is Senior Vice President and Assistant General Counsel on Mastercard’s Privacy and Data Protection legal team.  Based in the company’s Global Headquarters in New York, Elise is the company’s Privacy Lead for the North American and Latin American & Caribbean markets.  She manages a cross-functional team of lawyers responsible for ensuring privacy and data protection compliance while advancing business innovation utilizing a privacy by design methodology.  Her team is directly engaged in product development processes for the company’s digital partnerships, open banking, commercial, marketing, and enterprise partnerships divisions on a worldwide basis.  Elise further oversees detailed analysis of emerging data protection laws, regulations and policies across the globe, counseling teams on the impact the changing privacy regulatory environment has on the company and its strategic objectives.

Elise formerly served as Mastercard’s Vice President and Senior Managing Counsel for Privacy and Data Protection in North America.  She previously held the role of Associate General Counsel at Fannie Mae in Washington, D.C., acting as the company’s Lead Privacy & Cybersecurity counsel for several years. 

Active in the greater privacy community, Elise is on the Leadership Council of the Sedona Conference’s Working Group 11 (Data Security & Privacy Liability).  She is Senior Editor of the group’s first publication, the Data Privacy Primer.  In Washington, D.C., Elise served as Co-Chair of the International Association of Privacy Professionals (IAPP) Washington, DC KnowledgeNet Chapter.

Elise received a juris doctor from George Washington University Law School after completing her bachelor of arts studies in English at Johns Hopkins University.  She is a Certified Information Privacy Professional (CIPP-US) and is admitted in the State of Maryland, the District of Columbia, and as In-House Counsel in the State of New York.

Joseph V. DeMarco is a partner at DeMarco Law PLLC where he specializes in counseling clients on complex issues involving information privacy and security, theft of intellectual property, computer intrusions, on-line fraud, and the lawful use of new technology. His years of experience in private practice and in government handling the most difficult cybercrime investigations handled by the United States Attorney’s Office have made him one of the nation’s leading experts on Internet crime and the law relating to emerging technologies.

From 1997 to 2007, Mr. DeMarco served an Assistant United States Attorney for the Southern District of New York, where he founded and headed the Computer Hacking and Intellectual Property Program, a group of five prosecutors dedicated to investigating and prosecuting violations of federal cybercrime laws and intellectual property offenses. Under his leadership, cybercrime prosecutions grew from a trickle in 1997 to a top priority of the United States Attorney’s Office, encompassing all forms of criminal activity affecting e-commerce and critical infrastructures including computer hacking crimes; transmission of Internet worms and viruses; electronic theft of trade secrets; illegal use of “spyware”; web-based frauds; unlawful Internet gambling; and criminal copyright and trademark infringement offenses. As a recognized expert in the field, Mr. DeMarco was frequently asked to counsel prosecutors and law enforcement agents regarding novel investigative and surveillance techniques and methodologies, and regularly provided advice to the United States Attorney concerning the Office’s most sensitive computer-related investigations. In 2001, Mr. DeMarco also served as a visiting Trial Attorney at the Department of Justice Computer Crimes and Intellectual Property Section in Washington, D.C., where he focused on Internet privacy, gaming, and theft of intellectual property.

Mr. DeMarco is on the panel of approved neutrals of the American Arbitration Association (AAA) where he focuses on resolving disputes between businesses involving data privacy, high-technology and commercial law issues.  He speaks frequently on the benefits of ADR in the area of data security and privacy litigation.

Since 2002, Mr. DeMarco has served as an Adjunct Professor at Columbia Law School, where he teaches the upper-class Internet and Computer Crimes seminar. He has spoken throughout the world on cybercrime, e-commerce, and IP enforcement. He has lectured on the subject of cybercrime at Harvard Law School, the Practicing Law Institute, the National Advocacy Center, and at the FBI Academy in Quantico, Virginia, and has served as an instructor on cybercrime to judges attending the New York State Judicial Institute.

Prior to joining the United States Attorney’s Office, Mr. DeMarco was a litigation associate at Cravath, Swaine & Moore in New York City, where he concentrated on intellectual property, antitrust, and securities law issues for various high-technology clients. Prior to that, Mr. DeMarco served as law clerk to the Honorable J. Daniel Mahoney, United States Circuit Judge for the Second Circuit Court of Appeals.

Mr. DeMarco holds a J.D. magna cum laude from New York University School of Law. At NYU he was a member of the NYU Law Review. He received his B.S.F.S. summa cum laude from the Edmund A. Walsh School of Foreign Service at Georgetown University.  Mr. DeMarco is active in numerous professional associations including the:

  • International Bar Association (Technology and Litigation Sections);
  • International Association of Korean Lawyers (Regional Governor, New York Region);
  • New York State Bar Association, ADR Section;
  • New York State Bar Association, Commercial and Federal Litigation Section (Past Co-chair, Internet and IP Committee);
  • Connecticut Bar Association;
  • Fairfield County (CT) Bar Association;
  • New Haven County (CT) Bar Association;
  • New York City Bar Association (Co-Chair, Information Technology Law Committee; Past
  • Member, Copyright Committee); and
  • The Copyright Society of the U.S.A.

Mr. DeMarco is a Martindale-Hubbell AV-rated lawyer for Computers and Software, Litigation and Internet Law, and is also listed in Chambers USA: America’s Leading Lawyers for Business guide as a leading lawyer nationwide in Privacy and Data Security. He has also been named as a “SuperLawyer” for his expertise and work in the area of Intellectual Property Litigation. He has published numerous articles and appeared on major news programs in his practice areas; is a member of the Professional Editorial Board of the prestigious Computer Law and Security Review (Elsevier); and serves on the Board of Advisors of the Center for Law and Information Policy at Fordham University School of Law.

Mr. DeMarco has received numerous professional awards, including the U.S. Department of Justice Director’s Award for Superior Performance, as well as the Lawyer of Integrity Award from the Institute for Jewish Humanities. In his spare time he enjoys parenting, golf, and listening to classical piano.

Julissa Milligan is a visiting professor in the BU/MIT Technology & Cyberlaw Clinic, in which law students at BU advise MIT researchers and entrepreneurs about legal risks arising from innovative research and startups. Julissa teaches a technology and cyberlaw course and supervises students as they counsel clients on data privacy, cybersecurity, computer crimes, tort, and contract issues arising from innovation uses of technology. Her research focuses on cybersecurity and privacy issues, and she is a member of BU’s Cybersecurity, Law, & Society Alliance—an interdisciplinary collaboration between computer science researchers, law professors, and social scientists focused on cybersecurity issues.

Before joining the BU Law faculty, Julissa represented technology companies in privacy and data security litigation and regulatory enforcement actions at Perkins Coie LLP. Julissa’s practice spanned the legal lifecycle—she counseled companies on risks arising from innovative products, defended entities facing regulatory investigations and enforcement actions, and represented technology companies in privacy and data security-related litigation at the district and appellate levels. She briefed and advised communications companies on electronic surveillance issues, including questions under the First and Fourth Amendments. Julissa also analyzed issues arising from cyberterrorism investigations as an intern for the Department of Justice’s National Security Division, Counterterrorism Section.

Julissa received her JD from Harvard Law School, where she served as editor-in-chief of the Harvard National Security Journal and as an editor of the Harvard Journal of Law and Public Policy. While at Harvard Law, Julissa obtained a Mead Cross Cultural Research Grant to fund her research on Turkish constitutional law and received a Heyman Summer Fellowship. She graduated summa cum laude from Wheaton College (IL).

Marshall L. Miller is Of Counsel in the Litigation Department at Wachtell, Lipton, Rosen & Katz.  His practice concentrates on advising corporations, board members, and senior executives with respect to internal investigations, regulatory compliance, cybersecurity, data privacy, criminal defense, and related civil litigation.

Before joining the firm, Mr. Miller served as the Principal Deputy Assistant Attorney General and Chief of Staff of the Criminal Division of the Department of Justice, where he supervised over 600 federal prosecutors and oversaw DOJ’s most significant prosecutions.  In that position, Mr. Miller supervised, among other programs, the Foreign Corrupt Practices Act program, the Kleptocracy Asset Recovery Initiative, the Office of International Affairs, and the Computer Crimes & Intellectual Property Section, DOJ’s flagship unit that combats cybercrime.  He testified on Capitol Hill, briefed Congressional staff, and advised executive branch officials on initiatives ranging from improving cybersecurity to combating foreign corruption and kleptocracy.  Mr. Miller personally managed and coordinated the successful Senate confirmation process for the Attorney General of the United States.

Mr. Miller joined DOJ’s Criminal Division from the United States Attorney’s Office for the Eastern District of New York (EDNY), where he worked as an Assistant United States Attorney for approximately 12 years.  At the EDNY, Mr. Miller served in a number of leadership positions, ultimately as the Chief of the Criminal Division, overseeing all of its criminal prosecutions, including the groundbreaking FIFA case, and spearheading the launch of the Office’s National Security & Cybercrime section.

Mr. Miller taught at NYU Law School and Fordham University Law School as an adjunct professor from 2006 to 2012 and full-time from 2003 to 2005.  Mr. Miller clerked for the Honorable Allyne R. Ross, United States District Judge for the Eastern District of New York.  He earned both his J.D. and B.A. from Yale.

Peter Guffin is a partner at Pierce Atwood LLP and heads the firm’s Privacy & Data Security practice.  He regularly advises clients with respect to compliance with state, federal, and international laws and regulations relating to privacy and data protection, as well as with respect to data security incidents, ranging from internal investigations, incident response, breach notification obligations, communications with regulators, risk mitigation, and litigation strategies. 

Guffin also is a Professor of Practice and Director of the Information Privacy Law Program at the University of Maine School of Law (teaching information privacy and cybersecurity law).

Guffin is a graduate of University of Pennsylvania Law School and Rutgers College (magna cum laude; Phi Beta Kappa).  He has been listed since 2014 in the Best Lawyers in America for Copyright Law and Litigation-Intellectual Property.  In 2017, he was among a distinguished group of leading privacy law scholars and practitioners selected to serve as an independent arbitrator for EU-US Privacy Shield Program by the US Department of Commerce and EU Commission.  He is a Certified Information Privacy Professional (CIPP/US, CIPP/E), International Association of Privacy Professionals.

His publications include: co-author, Maine: Internet Privacy Law Advances Consumer Privacy Protection and Fills a Federal-level Regulatory Void, OneTrust Data Guidance, July 2020; author, Digital Court Records Access, Social Justice, and Judicial Balancing: What Judge Coffin Can Teach UsMaine Law Review, May 2020; co-author, Maine's New Internet Privacy Law in BriefMaine Lawyers Review, July 11, 2019; author, Why Study Privacy Law?, Maine Bar Journal, Volume 33, Winter/Spring 2018 ; co-author, Chapter titled “The Electronic Communications Privacy Act” in “Data Security and Privacy in Massachusetts, book published by MCLE Press (2021); founder and author of the blog, Privacy Law Perspectives,

Selected recent presentations include:

  • “Artificial Intelligence Technologies and Data Protection," AI webinar at University of Maine (May 2020)
  • “Why Privacy Matters,” Maine State Bar Association Annual Bar Conference (June 2018)
  • “Transparency and Privacy: Court Records and E-Filing in Maine,” Maine State Bar Association Annual Bar Conference (June 2018)
  • “The EU General Data Protection Regulation: What Researchers Need to Know,” presentation at Research Integrity Symposium (May 2018)
  • “The NAIC Insurance Data Security Model Law: What Insurers Need to Know,” presentation at education session of Members Participation Council meeting of the National Organization of Life and Health Guaranty Associations (April 2018)
  • “Beyond Ethics – Privacy, Cybersecurity and Data Breach Notification Laws Affecting Lawyers,” CLE presentation sponsored by the Maine State Bar Association and the Maine Board of Overseers of the Bar (November 2017)

Peter McLaughlin is a partner in the Boston office of Prince Lobel Tye LLP and co-chair of the firm’s Privacy & Data Security practice. He has nearly 20 years of experience advising U.S. and international clients on their handling of corporate and personal information and complying with cybersecurity, privacy, and data protection standards.

After having been Assistant GC (Privacy & Security) and global privacy officer for Cardinal Health as far back as 2005, with a total 7 years of in-house experience, McLaughlin appreciates the importance of practical guidance to clients. McLaughlin advises clients with respect to a broad range of technology transactions, privacy and security issues. These predominantly touch: 1) the domestic and global handling of personal data, including the CCPA, EU GDPR preparedness, and Privacy Shield compliance; 2) information security programs (across industries), Internet of Things, US and multinational security reviews, and post-incident responses with management of forensic teams; and 3) innovative uses of information and technology, such as digital health and life sciences, advertising and consumer marketing, Internet of Things, autonomous vehicles, facial recognition, and analytics.

Mr. McLaughlin is a regular contributor to blogs, magazines, and journals, and he has presented at events by: PLI; Privacy Xchange Forum; RSA Conference; mHIMSS; IAPP; HIPAA Summit; World IP Forum; and others.

McLaughlin received his J.D. from Georgetown Law in 1993 and his B.A. from Columbia in 1986.

Ronald Plesco, a former prosecutor, is an internationally known information security and privacy lawyer with more than 20 years of experience in cyber investigations, privacy, threat intelligence, information assurance, identity management, cyber threats and cyber-enabled frauds, data analytics and artificial intelligence.

Ronald's clients represent the top global retail, financial, manufacturing, automotive, technology, communications, defense, life sciences and private equity corporations. 


Ron is a seasoned professional and recognized leader with experience in:

  • Privacy
  • Cyber Incident response and investigation
  • Cyber Threat Intelligence
  • Cyber Crime Threats
  • Credit Card Fraud
  • Identity and Information Theft
  • Identity Management
  • Information Assurance
  • Risk and Compliance
  • Brand Development/Management

Prior Experience

Ronald previously served as CEO of the National Cyber Forensics & Training Alliance (NCFTA), where he managed the development of intelligence that led to more than 400 worldwide cybercrime arrests in four years and prevented over US$2 billion in fraud. 

Notable NCFTA intelligence-led arrests include Ghost Click, Anonymous, Coreflood and multiple online frauds.

Ronald also previously served under Governor Tom Ridge as the Director of Public Safety Policy for Pennsylvania. Immediately after 9/11, he was also selected to serve as chair of the Cyber Attacks Committee for the Pennsylvania Homeland Security Council. He also supported Secretary Tom Ridge at the US Department of Homeland Security in the development and deployment of the National Cyber Security Division, US-CERT, TSA Secure Flight and US-VISIT programs.

Prior to joining DLA Piper, Ron was a Principal in KPMG's Cyber Services practice and concentrated on the healthcare, manufacturing, financial, insurance, retail, and automotive industries. Ron joined KPMG in 2012 after a distinguished career in the private and public sectors and is a frequent speaker internationally.


  • Winner, Most Influential People in Security, Security Magazine, December 2010
  • Winner, Editors' Choice Award, Secure Computing Magazine, 2010


  • J.D., Oklahoma City University School of Law
  • B.A., History and Political Science, Washington & Jefferson College


  • Commissioned Member, Pennsylvania Homeland Security Council
  • Past President, Central Pennsylvania Infragard Chapter
  • Past Chief Counsel/Technology Counsel, International Association of Financial Fraud Investigators
  • NCFTA Board Member & Chair
  • Economic Crime Institute, Utica College Board Member
  • Infragard Board Member
  • Member, American Bar Association
  • Member, American Bar Association Science and Technology Committee (member sub¬committees or cyber crime and privacy)
  • Member, American Society for Industrial Security High Technology Crimes Investigators
  • Member, International Association of Privacy Professionals
  • Member, International Association of Chiefs of Police Member, International Association of Financial Fraud Investigators
  • Member, Pennsylvania Bar Association
  • Member, RSA Chairman’s Circle

Mr. Siegel is General Counsel and Chief Compliance Officer of Galaxy Digital LP, a diversified financial services firm dedicated to the digital currency and blockchain sectors.

Prior to Galaxy Digital, Mr. Siegel served in a variety of legal and compliance roles for Perella Weinberg Partners, a financial services firm providing advisory and asset management services to a global client base.  Prior to joining Perella Weinberg, Mr. Siegel was General Counsel and Chief Compliance Officer of Stanfield Capital Partners LLC, an alternative asset manager based in New York. Prior to joining Stanfield, Mr. Siegel served in the law division of Morgan Stanley, initially advising the Mergers and Acquisitions Department. Ultimately, Mr. Siegel was the senior attorney responsible for advising Morgan Stanley Investment Management’s alternative investment funds, including its private equity funds, venture capital funds, hedge funds and fund of funds. Previously in his career, Mr. Siegel was a corporate attorney at Shearman & Sterling where he focused on public and private mergers and acquisitions, private equity transactions and join ventures.

Mr. Siegel is admitted to the Bar of the State of New York and has been designated a Certified Regulatory and Compliance Professional by FINRA.

Mr. Siegel received a Bachelor of Arts in Political Science, magna cum laude, from Tufts University and a Juris Doctor, summa cum laude, from Washington College of Law at American University where he was an editor of The American University Law Review.

Elaine Zacharakis Loumbas is an experienced attorney who focuses her practice on corporate and regulatory health law, privacy, and information technology matters.   Over the course of her career, Elaine has represented the full spectrum of health care entities, including, but not limited to hospitals, pharmaceutical companies, medical device companies, pharmacies, retail health clinics, health insurance companies, pharmacy benefit managers, and physicians. 

In addition, she has a technology background with an engineering degree from Columbia University and work experience as a management information systems consultant.  This background enables her to consult with her clients and interact with their privacy, cybersecurity and information technology teams in a valuable way. 

Since 1999 (when the HIPAA regulations were first introduced), Elaine has counseled clients extensively on privacy compliance matters.  She also has worked on a panoply of health information technology agreements.  Elaine’s experience also extends to medical devices, pharma and the biotech industries where she advises on regulatory and intellectual property licensing matters and has negotiated a variety of contracts.

Some representative projects include:  negotiating numerous health information technology agreements for hospital clients, preparing privacy policies for a medical device company, negotiating telemedicine agreements, establishing a pharmacy benefit management program for an on-line pharmacy, drafting HIPAA policies and consulting for the privacy office of a global pharmaceutical company, serving as privacy counsel to an association that develops quality tools and data analysis for hospital systems, negotiating provider agreements with over 140 health plans on behalf of a national provider system, preparing HIPAA compliance documents and negotiating business associate agreements for a business associate of health plans, incorporating start-up health care businesses, and analyzing regulatory issues for a start-up telemedicine company. 

Elaine’s earlier work experience includes: in-house counsel with Baxter Healthcare Corporation. attorney with the law firm of Gardner, Carton & Douglas (now Faegre Drinker) and a management information systems consultant with Andersen Consulting (now Accenture).  At Baxter she established their HIPAA compliance program and served on the global privacy team.

Elaine is an adjunct professorship at the Biotechnology Management and Entrepreneurship Program at Yeshiva University for the Katz School of Science and Health in midtown Manhattan.  She also served as an adjunct professor in Chicago at the Beazley Institute for Health Law at Loyola Law School and the Center for Information Technology and Privacy at the John Marshall Law School from 2004 to 2016.   Elaine is the former Chair of the ABA Health Law Section’s e-health, privacy and security interest group.

Elaine received her law degree from Notre Dame Law School and her undergraduate from Columbia University’s School of Engineering & Applied Science.  She is admitted to practice law in New York and Illinois.  She lives in the New York City metropolitan area.

Kelly Harris currently serves as Assistant General Counsel for Cybersecurity, Privacy and Incident Response at Deloitte Global.   Before joining Deloitte, she spent 11 years building privacy and information security programs at Prudential Financial and Wyndham Worldwide.   She started her legal career as an associate with Kirkpatrick & Lockhart (now K&L Gates) and then Gibbons P.C. before going in-house to Japanese pharmaceutical companies Daiichi Sankyo and Otsuka.

Ken Mortensen, Esq., is the InterSystems’ Data Protection Officer promoting and leading Global Trust and Privacy for the company. He is based in their Cambridge headquarters and has global responsibility across the company to enhance information privacy, governance, and cyber risk processes not only in the development and deployment of InterSystems technology, but also in the management of operations and services. Ken focuses on enhancing global trust and privacy throughout InterSystems demonstrating to customers, clients, and stakeholders our commitment to investing and growing the capabilities of InterSystems in order to stay in front of emerging risks for privacy and cybersecurity.

Prior to joining InterSystems, Ken was a Senior Managing Director over at PwC specializing in data protection, privacy, and cybersecurity and led the expansion of PwC’s healthcare privacy offerings. Before that, Ken was the Vice President, Assistant General Counsel & Chief Privacy Officer at CVS Health, where he created the Information Governance Department and was responsible for overseeing enterprise information governance to deliver privacy compliance as well as leading the information security risk management organization to address cyber risks. While at CVS, he oversaw compliance with CVS’s FTC Consent Decree, OCR Corrective Action plan, and PCI program, including securing the first-ever closure letter from OCR. He was also the first Chief Privacy Officer for Boston Scientific responsible for implementing a global privacy and security program and introducing a governance emphasis for risk.

Prior to that, Ken served in the Administration of President George W. Bush as the Associate Deputy Attorney General for the U.S. Department of Justice, where he was the primary counsel and policy advisor to the Attorney General and Deputy Attorney General on privacy and civil liberties matters. While at Justice, he led the U.S. delegation to negotiate privacy and cybersecurity terms with the European Union as well as oversaw the privacy and civil liberties processes for numerous national security and foreign intelligence programs, including work with the National Security Council related to FISA and EO 12333. Prior to going to Justice, Ken served at the U.S. Dep’t of Homeland Security as part of the team that stood up the Privacy Office at the beginning of the agency eventually as Deputy Chief Privacy Officer.

Before his government service, Ken was a partner in his own law firm as one of the early practitioners of privacy and security law, during which he served as Special Counsel to the Pennsylvania Attorney General. He taught computer law and information policy at Villanova Law School and was an electrical engineer at Burroughs in Large System Design focusing on information assurance and system test.

Ken is a former member of the board of directors for the International Association of Privacy Professionals (IAPP), including serving as Secretary for one year. He currently serves on the IAPP Research Advisory Board and the board of Shared Assessments, an organization focused on addressing third party information risks. Previously, Ken served on the board of the Health Information Trust Alliance (HITRUST) and participated in the development of the privacy control category of the HITRUST CSF.

Ken currently teaches privacy law at Boston University Law School and cybersecurity law at the University of Maine School of Law. Ken is co-author with Andy Serwin of the West Publishing book, Healthcare Security and Privacy Law, and has authored chapters and sections for other privacy, cybersecurity, and governance risk books and publications.  He is an internationally recognized expert on these topics and speaks globally on privacy, cybersecurity, and the governance of information.

Ken is admitted to the bars of Pennsylvania and New Jersey as well as the Supreme Court of the United States. He received his Juris Doctorate from Villanova University School of Law, his MBA from the Villanova University College of Finance, and his Bachelor’s of Science in Engineering degree in Electrical and Computer Engineering from Drexel University. He has a Certificate in Foreign Intelligence Law from the Judge Advocate General's School of Law. He has CIPP/US, CIPP/G, and CIPM certifications from IAPP.

Deirdre Potts is an Associate Director of Compliance at Point72 Asset Management, L.P. in Stamford, Connecticut. From 2014 to 2016, she served as a Legal Associate at Renaissance Capital LLC. Prior to 2014, she practiced commercial litigation in Alexandria, Virginia. Ms. Potts received her B.A. from University of Virginia. She received her J.D., magna cum laude, from George Mason University School of Law.

Sandra Maliszewski is currently Vice President, Chief Compliance Officer at Maimonides Medical Center. Previously, she was the Privacy Officer/Research Institutional Officer at AdvantageCare Physicians, PC, one of the largest multispecialty physician practices in the New York metropolitan area. Ms. Maliszewski has more than 25 years of health care experience, having practiced as a family nurse practitioner and licensed midwife in hospital and private practices. Upon graduating from law school, she was an associate at a law firm where she was a member of its health law department and the senior housing, white-collar crime and investigations, HIPAA compliance and health care professionals practice groups. Subsequently, she was Deputy General Counsel, Chief Compliance, Privacy and Research Compliance Officer for the NuHealth System followed by working with a health IT start-up where she developed a mobile app certification program.

Sylvia Khatcherian is the Deputy General Counsel at Bridgewater Associates in Westport, CT.  Bridgewater is an American investment management firm founded in 1975.  The firm serves institutional clients including pension funds, endowments, foundations, foreign governments, and central banks. Bridgewater manages about $160 billion for approximately 350 of the largest and most sophisticated global institutional clients, including public and corporate pension funds, university endowments, charitable foundations, supranational agencies, sovereign wealth funds, and central banks.