TrustArc Privacy Consulting Team

TrustArc has a team of privacy experts and practitioners ready to help you
build, implement, and manage your privacy program.

The TrustArc Privacy Consulting Team has privacy experts all over the world, including the United States, Canada, Europe and Asia-Pacific. With over 200 years of collective privacy experience at globally recognized companies, our Team has a wealth of practical and hands-on experience with corporate executives, legal, information technology, marketing, sales, and other business functions to share. In addition, our Team has completed nearly a thousand successful engagements for companies at all levels of privacy maturity as we help them to build, implement and manage privacy compliance programs. Most team members have CIPP and security certifications, while some have the prestigious Fellow of Information Privacy (FIP) standing.

The TrustArc Consulting Advantage

 TrustArc’s unique offering of both an award-winning technology platform AND practical consulting expertise creates an opportunity for us to partner with any size business, from start-ups to multinational corporations, and deliver a practical approach to establishing and maintaining a privacy compliance program that is suited to your requirements. Our approach is centered around four core benefits:

  • Consultant Expertise – Every TrustArc consultant has experience working as a privacy practitioner, most with a decade or more of direct experience inside some of world’s largest companies and most respected brands across a wide range of industries. Every one of the consultants you will work with is a true subject matter expert with direct personal experience solving the most challenging data privacy issues.
  • Consulting Flexibility, Fixed Budget – Our consulting services flex to meet your business needs as your privacy program matures, priorities shift, and internal resources change. At the same time, most of our engagements are delivered on a no-surprises, fixed-price basis.
  • Reliable Engagement Management – Over the course of more than 1000 consulting engagements, TrustArc has built a time-tested set of project-based consulting offerings with defined levels of effort and realistic delivery timelines that help ensure projects come in on-time and on-budget.
  • Consulting plus Technology – Our unique mix of technology-based solutions and tailored consulting services help companies identify best-of-breed solutions that are right-sized for today and scalable for your future privacy program needs.

Consulting Leadership

terry-mcquay-logo

Margaret Alston

CIPM, CIPP/US/G/C, FIP
Senior Director, Consulting
California, USA
FIP_Image

Margaret leads TrustArc’s overall consulting practice and has been with TrustArc since 2016.

Margaret holds several CIPP privacy certifications including CIPP/US, CIPP/Government, CIPP/Canada, CIPM (Certified Information Privacy Manager) and has received the International Association for Privacy Professionals’ Fellow of Information Privacy (FIP) designation, which is awarded to privacy professionals who can demonstrate a level of skill and experience in data privacy.

READ MORE

Margaret has more than 20 years of privacy experience, much of that at the vice-presidential level. She started out in the consulting world, managing the consulting arm of a privacy boutique, Privacy Council. She scoped, bid, planned, resourced, managed, and in some cases performed hands-on engagements for EU, HIPAA, GLBA, COPPA, and Web site privacy projects.

Most recently employed as a Senior Privacy Manager for Intuit, as well as Intuit’s Canadian Privacy Officer, Margaret helped create privacy sensitive strategies, business models, and products. She also has set up and managed privacy by design and privacy compliance programs in both the technology realm as well as for specific sets of rules, such as HIPAA, IRS Section 7216, Privacy Shield, and GLBA.

terry-mcquay-logo

Beth Sipula

CIPM, CIPP/US, FIP
Director, US Western Consulting
Arizona, USA
FIP_Image

Beth leads TrustArc’s US western region consulting team. She has two decades of experience as a privacy and compliance professional working in various leadership roles focusing on data privacy, data security and risk. She is a Fellow of Information Privacy (FIP) with the IAPP and also holds their Privacy Professional and Certified Information Privacy Manager credentials and was one of the original members of TrustArc’s Consulting team. Beth is very hands-on in her approach and is most passionate about helping organizations use privacy as a differentiator to build trust as they grow.

READ MORE

Beth worked for Citrix Systems, Inc. from 2004-2015 and during that tenure she led global data privacy assessments, implemented privacy by design programs, created and conducted privacy training, monitored and analyzed legislation, provided digital marketing/CRM data guidance, evaluated new and emerging technologies, and managed PCI-DSS compliance programs. Her last role with the company was as Senior Director, Privacy and Compliance.

Prior to joining Citrix, Beth worked for Expertcity.com (technology start-up) where she built the Company’s privacy program, managed call center operations and supervised customer support and for Charter Communications where she managed customer care for the corporate office and supported the company’s call center operations.

terry-mcquay-logo

Noël Luke

CIPM, CIPP/US/A/E, FIP, J.D.
Director, US Eastern Consulting
California, USA
FIP_Image

Noël leads TrustArc’s US eastern region consulting team and has been with TrustArc since 2015. Prior to joining TrustArc Noël was in private practice and is licensed to practice law in California and Washington State.

READ MORE

Noël holds several CIPP privacy certifications including CIPP/U.S. Private Sector, CIPP/Europe, CIPP/Asia, CIPM (Certified Information Privacy Manager) and has received the International Association for Privacy Professionals’ Fellow of Information Privacy (FIP) designation, which is awarded to privacy professionals who can demonstrate a level of skill and experience in data privacy. In her work with TrustArc over the last five years, she has worked with organizations of all sizes, across industries and with clients of varying degrees of privacy maturity. Her areas of experience include cross border transfers involving Europe and the APEC region; digital advertising; and operationalizing privacy including privacy program management and data governance.

terry-mcquay-logo

Paul Iagnocco

Director, Consulting Operations & Canada/EMEA/Asia-Pacific Regions
Michigan, USA

Paul is responsible for TrustArc’s consulting operations and leads the consulting team outside the U.S., namely Canada, EMEA and Asia-Pacific.

Paul is a leader, visionary and change agent, with over 26 years of experience in privacy, data protection, information systems management, digital marketing and operations. He has worked in various industries including higher education, marketing and advertising, consumer goods and consumer packaged goods.

READ MORE

Prior to joining TrustArc, Paul served as Kellogg’s first Chief Privacy Officer (CPO). In this role, he was responsible for the development and implementation of a global privacy office (governance structure) and global privacy program. This program both developed and implemented policies, procedures, data protection addendums, privacy impact assessments, training and education for both consumers and employees.

Beyond privacy, Paul has led the additional development and implementation of several corporate capabilities, including: 1. Kellogg’s global digital marketing practice; 2. Kellogg’s global corporate equity protection services; and 3. Kellogg’s US ecommerce program.

In addition to the above, Paul has developed digital marketing strategies and user experiences for Fortune 500 clients in consumer goods, healthcare, and the automotive industry. Still further, he has served as a university divisional CIO, and an assistant dean of student life.

North America

terry-mcquay-logo

Nadya Elizabeth Aswad

CIPM, CIPP/US/E, FIP, J.D.
Senior Privacy Consultant
Arizona and Wisconsin, USA
FIP_Image

Nadya is a senior-level certified privacy professional with advanced degrees in law and technology. She has twenty years of experience as a privacy professional for global companies in various industries, and has built, implemented, and led information management and privacy compliance programs. Nadya’s in-house positions include Chief Privacy Officer and other privacy roles at a Fortune 25 Corporation, Fannie Mae, and Privacy Director, and Director of Governance, Risk, and Compliance in the financial services, healthcare, and hospitality sectors. As a consultant, Nadya was a Director in the Cybersecurity and Privacy Practice at PriceWaterhouseCoopers and held similar positions with other privacy and security consulting firms.

READ MORE

Nadya has specialized experience developing and executing privacy strategies and reporting results. She has a mastery of privacy and information management laws, regulations and industry standards, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), process and data flows, data and system inventories, risk assessment and management, data breach response, data loss prevention, frameworks, and privacy policies.

oleg-lemeshko

Estella Cohen

CIPM, CIPP/C, FIP
Senior Privacy Consultant
Ontario, Canada
FIP_Image

Estella holds dual designations from the International Association of Privacy Professionals (IAPP) as a Certified Information Privacy Professional (CIPP/C), and a Certified Information and Privacy Manager, (CIPM) and just recently was accepted as an IAPP Fellow of Information Privacy (FIP).

READ MORE

Estella is the former Executive Director at the Office of the Information and Privacy Commissioner of Ontario (IPC), the independent body that oversees the privacy and access laws in Ontario, Canada. She supported the commissioner’s development of “Privacy by Design” – unanimously adopted an international framework for privacy and data protection in 2010.

Prior to this position, Estella was charged with developing and implementing a comprehensive privacy awareness program for the Ontario Government. The program was awarded a Public Sector Quality Award and has become the template for how to develop a culture of privacy in government departments.

Currently, Estella is providing consulting and research services to a number of private sector companies who do business with Europe and will need to demonstrate compliance with both the Privacy Shield Framework and the General Data Protection Regulation. Fluent in Spanish with an excellent working knowledge of French, she has shared her knowledge of access and privacy issues internationally.

terry-mcquay-logo

Rob Gilbert

CIPM, CIPT, CIPP/C/E
Senior Privacy Consultant
Ontario, Canada

Rob, CIPP/C/E, CIPT, CIPM has worked as a senior-level privacy professional since 2009. An expert in government relations and regulatory affairs, Rob became the Canada Border Services’ Manager for Privacy Policy in 2009. In 2014, as Manager for Privacy Operations with the Treasury Board of Canada Secretariat, Rob trained other privacy professionals on the complexities of Canada’s privacy legislation and policies. In 2017, working for the Department of Justice, Rob led national consultations on modernizing Canada’s Privacy Act.

READ MORE

Following 30 years of service Rob retired from government in 2018 to start his own consultancy, and has since helped public and private sector clients around the world strengthen their privacy programs and meet their compliance obligations. An IAPP Canadian Advisory Board member, Rob is a strong advocate of privacy rights at the national and international level. A digital nomad, Rob lives and works in Ottawa, Canada but follows the sun whenever he can.

oleg-lemeshko

Martin Gomberg

CIPP/E, CISSP
Senior Privacy Consultant
Florida, USA

Martin, CISSP, CIPP/E, has spent over thirty years in information technology, as Vice President of Technical Strategies for a major bank, CIO for a major cable television and media brand, and as SVP and Global Director of Information Security, Privacy, Data and Business Protection. He served as the Data Systems Protection officer for an Italian affiliate. As a consultant and ‘Ask an Expert’ advisor he has provided guidance to numerous companies in conforming to GDPR and CCPA requirements.

READ MORE

He is an active speaker, blogger and the author of the recently released “CISO REDEFINED,” focused on the globalization and digital transformation of business, and the protection and privacy of personal and company consequential data, domestic and global.

terry-mcquay-logo

Damayanthi Jakubowski

CIPP/E, PRINCE2
Privacy Consultant
California, USA

Damayanthi (Dama) is a privacy consultant with the US western region consulting team. Drawing upon her knowledge and experience in global privacy compliance, data security and risk management (GRC), she loves helping organizations navigate the complex and constantly shifting data privacy landscape.

READ MORE

Over the past 10 years, Dama has advised and worked with companies on diverse topics such as employee privacy, health privacy, cross-border data transfer mechanisms, risk assessments, privacy by design, and information security best practices. She has helped multiple organizations comply with a range of laws and standards including GDPR, CCPA, LGPD, HIPAA, Privacy Shield, as well as ISO27001/2, ISO 9001, CIS20, etc.

Dama brings a blend of business, technology and privacy expertise to her clients. She holds an MBA and an MS degree. She is a CIPP/E certified privacy specialist as well as a PRINCE2 certified Project Manager. She has worked with companies of all sizes, from startups to Fortune 500, across a wide range of industries (Software and Services, Electronics, Health Care, Government, Education; and Hospitality).

oleg-lemeshko

Jim Keese

CIPM, CIPT, CIPP/US, FIP
Senior Privacy Consultant
Colorado, USA
FIP_Image

Jim is a proven and quantified data privacy/breach and information governance specialist with over 20 years’ experience and as a forerunner in this field, he has aided over twenty Fortune 500 Companies in building, implementing and managing international data privacy, information governance and data security programs. He has the vision to define a multiyear strategic and operational framework that encompass regulatory requirements, external and internal risks, business objectives, data protection technology and has managed numerous domestic and international data breaches activities.

READ MORE

His leadership as a forerunner in the privacy field has resulted in successful and highly rated global privacy and data protection programs as the Chief Privacy Officer for Western Union and Eastman Kodak. He has knowledge across several sectors to include healthcare, cloud services, pharmaceutical, medical, financial services, and retail. In addition, he has published multiple articles related to privacy and data protection.

As the Managing Officer for Privacy International, LLP, he has assisted over 70 international companies in data breach obligations, privacy program enhancements, GDPR, HIPAA, GLBA, GAPP and CCPA assessments and developed numerous remediation plans. His comprehensive regulatory, operational and consulting experience enables organizations and clients to approach privacy/data protection and information governance holistically, and is based on practical implementation and resulting in enhanced organizational governance and compliance.

terry-mcquay-logo

James Koons

CIPP/US
Senior Privacy Consultant
Pennsylvania, USA

James is a data privacy and data protection expert with over 28 years of experience in privacy, security, information systems management and digital marketing. He has worked in various industries including healthcare, education, security, retail and ecommerce. James most recently served as Chief Privacy Officer for a large digital marketing automation firm, where he served over 3,500 companies with marketing compliance, risk assessment and data privacy consultation. During his career as an international privacy professional, he has developed, implemented and maintained global privacy programs, introduced streamlined processes using privacy technology, created privacy policies and data protection agreements, and helped major organizations foster a culture of data protection.

READ MORE

James has served as a member of the board of directors for an impressive number of industry organizations and is a very active member of the International Association of Privacy Professionals (IAPP), serving on multiple boards. He has also been a featured speaker at both marketing and privacy events such as the DMA, IAPP, and IRCE. He has testified in US Senate committee hearings as a witness on both data privacy and information security matters as well as serves as an active member of the FBI’s InfraGard focusing on data privacy matters. James is a decorated US Army veteran and is a Certified Information Privacy Professional (CIPP/US).

oleg-lemeshko

Wendi Lozada-Smith

CIPP/US/E, CISM, CISSP
Senior Privacy Consultant
Texas, USA

Wendi is a global privacy and ethics leader with a unique combination of experience in Global Privacy, Information Security, and IT for Fortune 100 financial services and telecommunications companies. With specialized expertise in CCPA, GDPR, health and financial privacy, and Internet of Things (IOT), she has led teams large and small and provided data protection guidance to global business units operating in more than 60 countries. She has consulted on a broad range of privacy issues including privacy program and policy development, information security best practices, cross border data transfers, risk assessment, and privacy by design.

READ MORE

She has held a variety of IT/Data Protection leadership positions, including serving as AVP Global Public Policy/Privacy for AT&T; VP Corporate Information Security for Wachovia; and Information Security Officer for SACU. She received her Master’s degree from Vanderbilt University and holds four privacy and security certifications: CIPP/US, CIPP/E, CISM, and CISSP.

terry-mcquay-logo

Philip Pyburn, Ph.D.

CIPP/E, CAMS, CSSMBB
Senior Privacy Consultant
Massachusetts, USA

Dr. Philip Pyburn is a senior consultant and technology innovator with 25 years hands-on experience leading digital transformation and regulatory compliance programs in financial services, insurance, healthcare, distribution and technology services. His work combines a detailed understanding of global privacy regulations (including CCPA and GDPR) with an in-depth knowledge of the process and technology capabilities needed to operationalize privacy and ensure compliance.

READ MORE

Phil is a Certified Six Sigma Master Black Belt as well as a Certified Information Privacy Professional (CIPP/E) and Anti Money Laundering Specialist (CAMS). He is also a Certified Scrum Master who brings agile project management principles to each engagement.

Phil holds a Master of Science degree in Finance from the MIT Sloan School of Management and a Doctorate in IT and Operations from the Harvard Business School. In addition, he has completed several certificate programs in Cybersecurity, Artificial Intelligence, and Distributed Ledger Technology at the MIT Computer Science and AI Lab (CSAIL.)

oleg-lemeshko

Betty Robinson

J.D.
Senior Privacy Consultant
Texas, USA

Betty is an attorney and compliance professional with over 10 years of experience providing data privacy and security solutions for clients in both the government and private sectors. She obtained her Juris Doctor and Bachelor’s degrees from the University of Arkansas. Betty is well-versed with both U.S. and global privacy laws including GDPR, PIPEDA, HIPAA, CCPA, GLBA and FERPA as well as industry standards such as PCI DSS.

READ MORE

Prior to joining TrustArc, Betty worked extensively with healthcare privacy for her former client, the U.S. Department of Health & Human Services. Betty has also routinely worked with data privacy for the financial services industry. While working across these industries, she provided guidance regarding data breaches, risk assessments, implementing data protection measures and cybersecurity controls, and protecting the privacy rights of individuals. Betty’s accomplishments include partnering with organizations ranging from sole proprietors to Fortune 100 companies to resolve defects and compliance gaps in their privacy programs.

terry-mcquay-logo

Kristy Sawyer

CIPP, CIPT, J.D.
Senior Privacy Consultant
Florida, USA

Kristy is responsible for creating and operationalizing Privacy Programs across several industries. She develops and implements data protection and privacy policies in accordance with local government laws and best practices. She advises her clients on how to identify and manage privacy and information security risks across the enterprise. With 10+ years of Privacy experience, Kristy brings broad global legal expertise to her clients. Notably, her partnerships include consulting with clients to create a global initiative focused on standardizing a scalable privacy program that conforms with cross-jurisdictional legislation and mitigates the risk of a data breach.

READ MORE

Prior to joining TrustArc, Kristy worked for the for the Department of Homeland Security where she served many roles, lastly as a Verification and Biometrics Division Privacy Officer. In that position, she managed all Privacy Office functions, including developing privacy policies, conducting initial and periodic privacy risk assessments, responding to data incidents and developing privacy policies and procedures. She played a critical role in the negotiation and development of information sharing arrangements with domestic and foreign partners ensuring compliance with domestic and foreign laws. This innovative practice set a new standard for the industry.

Kristy’s clients span industries and sectors, including, Accounting, Entertainment, Web Publishing, Customer Relationship Management, Technology and Artificial Intelligence. She is a recognized thought leader in her field and within the privacy community.

Kristy has a JD from the University of Cincinnati College of Law and a Bachelor of Science degree from George Washington University. She is a member of the International Association of Privacy Professionals, a Certified Information Privacy Professional (CIPP/CIPT) and is licensed to practice law in Virginia and Ohio.

oleg-lemeshko

Jamie Sorley

CIPM, CIPP/US, J.D.
Senior Privacy Consultant
Texas, USA

Jamie advises clients of all sizes on effective privacy compliance programs and helps them navigate data breaches, security incidents and government investigations. As an attorney and Certified Information Privacy Professional with more than 15 years’ experience in the healthcare and information privacy and security fields, Jamie works with clients to understand the changing requirements and to develop and implement solutions. A former supervisor for the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), Jamie served as the lead HIPAA breach investigator for the Southwest Region and worked with the Health Information Privacy Division in Washington, D.C. on policy issues stemming from the passage of the HITECH Act. Jamie also served in the U.S. Department of Justice as a Special Assistant United States Attorney. Prior to law school, Jamie worked in healthcare administration.

READ MORE

Jamie earned her Bachelor’s degree and MBA from Texas Tech University and her JD from the Southern Methodist University Dedman School of Law. She is a frequent speaker on HIPAA, HITECH, and information privacy and security.

oleg-lemeshko

Patricia D. Wynne

CIPP/US, J.D.
Senior Privacy Consultant
Pennsylvania, USA

Pat is a subject matter specialist in the areas of data privacy, cybersecurity and regulatory compliance with both industry and consulting experience.

READ MORE

She has worked in the healthcare industry as Chief Privacy and Security Officer and In-house Counsel for a multi-state behavioral healthcare provider. She was responsible for HIPAA/HITECH privacy and security strategy and program development/implementation including enterprise-wide data governance framework, policies and procedures, workforce training and awareness programs, complaint and breach investigation and notification processes, business associate and vendor management processes and risk audit/ risk management processes. Her experience also includes HiTRUST Scoping, as well as FERPA, RedFlag, GLBA, FINRA assessments. She also served as the organization’s in-house legal counsel.

Since 2012, Pat has been consulting in the areas of risk assurance and risk advisory services, and advising clients building compliant and accountable Data Privacy and Cybersecurity programs. Typical projects include risk analysis and gap assessment procedures, gap remediation and on-going consultancy services to ensure required implementation. She also worked with companies defining and building their data governance frameworks and supporting team development responsibilities for data privacy and security programs.

A strong focus of her consultancy services has been HIPAA/HITECH, GDPR and other international data privacy regulations as well as CCPA compliance and implementation. Clients include healthcare providers and insurers, pharma, medical devices and healthcare solutions companies, business associates of various types of service providers, cloud services providers, employment services providers, international professional credentialing organizations, financial services providers and real estate investment companies.

Europe, Middle East & Africa

oleg-lemeshko

Xavier Alabart

CIPP/E, CIPT, IGP, PMP
Senior Privacy Consultant
Switzerland

Xavier is a well-recognized professional with more than two decades experience in advisory and program management in various fields of information governance. His education as a telecom engineer and as a business administrator has led him through a maze of data-related and business disciplines: privacy and data protection as well as information governance, auditing, information security, records and information management, data scientist, systems development, quality management and corporate compliance.

READ MORE

In the recent past, Xavier served as a group data protection officer, a privacy program manager and a privacy consultant in the healthcare and banking industries where he deployed and maintained corporate programs to ensure that Data Protection and Privacy are present in the corporate agenda. In doing so he has dealt with requirements from many jurisdictions and sectors around the world.

Xavier holds several relevant certifications such as CIPP/E, CIPT, International Governance Professional (IGP) and PMP.

terry-mcquay-logo

Farida Betit

J.D.
Senior Privacy Consultant
United Kingdom

Farida is an experienced international privacy expert, with nearly ten years of experience in privacy and data protection. Recently, she has been working as senior data protection counsel in various financial institutions in Europe, including Paris and London. She is a graduate of the Université de Paris and is a member of the Paris Bar.

READ MORE

As a member of the Barclays International privacy team, she was in charge of providing data protection support to the European entities and advised them on the implementation of the GDPR program. During this time, Farida conducted privacy training, managed privacy impact assessments and handled data subject requests (DSARs). Moreover, she developed expertise in EU labor law, banking secrecy regulation (impacting data protection), and International data transfers.

Furthermore, while with Barclays International privacy team, Farida was placed on assignment in the Barclays Singapore office where she provided privacy oversight within the APAC region.

Prior to joining Barclays, Farida was part of the legal department of various banks where she dealt with European regulatory authorities and the management of technical contracts.

terry-mcquay-logo

Richard Kilpatrick

CIPM, CIPT, CIPP/E, CISSP, CCSK
Senior Privacy Consultant
United Kingdom

Richard is a consultant with over three decades of global experience as a privacy and security professional working in various technical, leadership and program roles focused on data privacy, data security, and data governance.

READ MORE

Skilled in EU General Data Protection Regulation compliance and alignment, and other global privacy and cybersecurity regulations and standards such as Australian privacy, ISO27k, PCI-DSS, and NIST.

He has in-depth experience across many sectors including banking, finance, insurance, telecommunications, property, and media industries.

Richard holds IAPP certifications for CIPP/E, CIPM, and CIPT and also ISC2 CISSP and CSA CCSK, and occasionally delivers IAPP CIPP/E and CIPM training.

With a technical background, Richard knows electronics, computing and radio systems down to their individual component/chip level.

oleg-lemeshko

Ralph T. O’Brien

CIPM, CIPT, CIPP/E, BSi LA, CISMP (Dis), FIP
Senior Privacy Consultant
United Kingdom
FIP_Image

Ralph has spent over two decades working at the intersection of privacy, security and risk management. Ralph is an experienced consultant, speaker, trainer, auditor, negotiator and manager. His key passion is in using his knowledge of privacy laws and information governance standards to help businesses develop and grow, engaging stakeholders, and delivering complex projects within the information governance sphere.

READ MORE

Ralph is a trusted advisor on Global Privacy and Security compliance, practices and management for the past two decades. He believes good information governance adds business value to achieve business objectives and return on investment. His role includes acting as a senior level “translator” between IT, business and compliance professionals, thought leadership, business development, partnerships and product development. His experience includes strategic Privacy Management and GDPR adoption programs, advisory services and assurance delivery in global multinational environments.

Prior to that, he has been an experienced Product and Services business development lead, Principal Consultant and Manager, delivering training, consultancy and audit of data protection, business continuity and information security – Management of consultancy and audit teams across multiple topics, responding to tenders and delivering solutions proposals.

He has worked in a wide variety of industry sectors including the with a focus on Defense, Public Sector, Technology, Pharma and Financial Services, representing both multinational corporations and boutique specialist consultancies.

He continues to be a hands-on practitioner, combining business level consultancy with training and technical experience across ISO/IEC 27001, BS 10012, ISO 9001 and ISO 22301 standards through to certification. He was responsible for the first global joint 27001/25999 management system to be certified and sits on the international and British committees responsible for ISO 27001, BS 10012 and ISO 27701.

With a focus upon business processes and the protection of information, and an ethos of management assurance, risk management and knowledge transfer he continues to ensure effective protection of assets appropriate to the business needs of the client.

Asia Pacific

terry-mcquay-logo

Annelies Moens

CIPT, FAICD, CMgr FIML
Senior Privacy Consultant
New South Wales, Australia

With close to 20 years’ experience, Annelies is a widely recognized global privacy expert and thought leader, trusted by business executives, government and privacy professionals. She works with clients globally to uplift privacy maturity.

READ MORE

She has held several senior leadership roles in privacy and related fields. Annelies’ career in privacy started in 2001 at the Australian privacy regulator where she managed privacy audits and investigations. Annelies co-founded the International Association of Privacy Professionals in Australia and New Zealand in 2008. She held elected roles during her six-year Board term, including as President.

Annelies has been a Group Manager and Chief Privacy Officer at a copyright licensing agency, External Relations Manager at an online legal publisher, and Deputy Managing Director of a privacy consultancy. In the latter role she directed and led a team of consultants and supervised hundreds of client deliverables, including privacy strategies, privacy health checks, privacy impact assessments, data breach notifications, cross-border data flows, cloud, and privacy by design. She also helped transform a major New Zealand government agency with the lowest trust and confidence score to being a lead agency exemplifying privacy best practices.

Annelies has presented at many national and international forums (including APEC, APPA, IAPP, CIPL, AICD, AISA) on the convergence of competition and privacy regulation, artificial intelligence and privacy, data breaches, and the cross-border privacy rules system.

Learn how TrustArc Privacy Consulting can help
you build and manage your privacy program.