Janalyn Schreiber, CIPM, CISSP

About Janalyn

A founding partner at Data Privacy & Security Advisors LLC, Ms. Schreiber has 20+ years’ experience consulting with companies on the complexities of managing privacy, protecting data and responding to high profile investigations, and is retained by both domestic and multinational organizations to develop broad-based data protection and privacy compliance programs.

Ms. Schreiber’s privacy management philosophy helps her clients mitigate the pervasive feeling of “death by a thousand cuts” - she designs programs tailored to their organization and purposely centered on the overlapping core requirements of all relevant global privacy and security regulations, keeping the program nimble to allow for the rapid integration of new or amended regulations and requirements. For example, her streamlined and adaptable approach has allowed her clients to effectively leverage the extensive documentation requirements of the General Data Protection Regulation (GDPR) in addressing challenges posed by other prominent regulations, most notably the California Consumer Privacy Act (CCPA).

Prior to DPS Advisors, Ms. Schreiber was a Managing Director in Navigant Consulting’s Disputes & Investigations practice, specializing in data management and protection strategies, managing e-Discovery and computer forensic investigation response teams, and using technology and advanced analytics to increase efficiencies and mitigate risk.  For one of the country’s largest mortgage banks, Ms. Schreiber led an enterprise application development engagement to link federal regulations to internal policies; map employees to requirements; and allow the bank to rapidly identify and rectify policy and compliance gaps. 

As a Principal at Deloitte, Ms. Schreiber assisted corporate and law firm clients with the technology, process and data privacy challenges inherent in complex Data Management engagements. Notably, Ms. Schreiber assisted an international Investment Bank build the necessary frameworks to centralize oversight of global data through targeted risk assessments, technology audits, and system and data-flow mappings. For a Consumer Products/Services client, she led a Data Risk Assessment engagement that identified gaps in IT, Legal and Business Unit processes, with remediation efforts focused on retention and archiving policies; integration verses isolation of legacy systems; and incident response and disaster recovery procedures. Ms. Schreiber also led global teams in digital forensic collection and investigation response, ensuring compliance with stringent foreign privacy protection acts and domestic regulations for handling PHI, PII and other sensitive data, including:

  • A DOJ/HHS investigation involving forensic collection of more than 22 million digital records from ~1,000 employees in hospitals across 7 states, in full compliance with HIPAA regulations. 
  • A Foreign Corrupt Practices Act (FCPA) investigation with data collection in 10 countries, including the UK, Singapore, and across Europe and the Middle East.
  • A US class-action lawsuit against a major Korean corporation requiring complex Data Subject interview protocols and project execution under government supervision to ensure compliance with Korean privacy laws.

As a Vice President at Xerox Litigation Services, a division of Xerox Corporation, Ms. Schreiber grew the professional services practice five-fold, entering 4 new markets over 5 years. 

An (ISC)2 Certified Information Systems Security Professional (CISSP) and International Association of Privacy Professionals (IAPP) Certified Information Privacy Manager (CIPM), Ms. Schreiber’s recent speaking events include:

  • CCPA & Privacy Summit - The Current State of Privacy Compliance, Presenter (January 2019)
  • 2018 New York CISO Executive Summit Q4 - Data Privacy - GDPR & What Comes Next,Executive Boardroom” Moderator (November 2018)
  • GDPR & Privacy Summit - Did GDPR-Like Regulations Just Go Worldwide? - The State of GDPR Compliance, Presenter (November 2018)
  • GDPR Privacy Management Workshop - Presenter (October 2018)
  • IT GRC Forum Webcast - GDPR 101: Monitoring & Maintaining Compliance After the Deadline, Presenter (August 2018)
  • Compliance Week Webcast Forum - GDPR Readiness: Mapping your way to meet GDPR Article 30 Requirements, Presenter (April 2018)
  • IAPP Global Privacy Summit 2018 - Follow the Data: Best Practices & Tips on Meeting GDPR Article 30 Requirements, Presenter (March 2018)
  • Privacy Insight Series - Best Practices for Managing Individual Rights Under the GDPR, Presenter (February 2018)
  • IAPP Web Conference - What’s the Risk of Not Complying with the GDPR?, Presenter (January 2018)
  • CBI’s Data Privacy for Life Sciences Summit - Updates on Global Privacy Regulations, Panelist (October 2017)
  • U.S. Securities & Exchange Commission FCPA Unit Annual Training - Requesting Information Held by Foreign Affiliates, Presenter (2014)
  • Continuing Legal Education (CLE) Seminars - Global Data Privacy Briefing, Author and Presenter (2014) 

Schedule an Appointment with Janalyn