© 2017 by SoCal Privacy Consultants

 

We work with our clients to develop a common-sense approach that meets their needs.

STANDARDS AND CONTROLS

 

We use standards and controls applicable to your privacy and security posture including:

  • California Consumer Privacy Act of 2018, Amendments and Rulemaking

  • HIPAA/HITECH Security, Privacy and Breach Notification Rules

  • Generally Accepted Privacy Principles (GAPP)

  • EU’s General Data Protection Regulation (GDPR)

  • ISO/IEC 27001-2:2013

  • CIS Top 20 Critical Security Controls (CA AG requires)

  • SEC OCIE Cybersecurity Initiative

  • NIST Cybersecurity Framework

  • U.S. Sentencing/DOJ/OIG Guidelines for Effective Compliance (program foundation) 

  • Applying Risk Management Program Management and Principles

 

OUR PROCESS

Educate

We arm you with the knowledge, tools and more importantly the confidence to establish a practical program.

Assess

We gain an understanding of your company’s operations, identify risks and compliance gaps, then formulate a roadmap towards a legally defensible posture.

Operationalize

We support delineating clear roles and responsibilities for operationalizing privacy and security policies and practices, including Privacy/Security-by-Design to continuously identify and acceptably mitigate these risks.

 

Transform

We help secure your organization’s commitment to overcome cultural and organizational resistance.

 

CLIENTS

We serve U.S. and international companies wishing to do business in the United States. Our clients range in size from 8 people to a Fortune 1000 company for whom we have performed gap and risk assessments across multiple business units and subsidiaries, including three acquisitions shortly after close. We have conducted M&A privacy and security due diligence on behalf of our clients and built an FTC consent-order client’s security program in multi-state locations, helping them pass four consecutive biennial audits.
 
Our experience and expertise allow us to serve a wide range of industries covered by different laws and regulations. Our work is commonly performed at the direction of referring counsel under attorney-client privilege. Representative examples of our clients include:

Biotech, Life Sciences, Healthcare

  • Genetic testing laboratories

  • Hospice Organization

  • Health technology Co.

  • Google Glass tele-health application

  • Laboratory information management systems company

High Tech / Internet

  • Email security service

  • Web security / threat defense service

  • Database marketing analytics

  • Robotics

  • Online direct auto lender

  • Event management service

Financial Services 

  • Hedge fund

  • Bitcoin company

  • Traditional loan company

  • Asset management company

Mobile Apps

  • Health fitness app

  • Lab testing requests and payment application

Since 2008, we've built a successful boutique consulting practice strictly through repeat referrals, primarily from privacy lawyers at major law firms, as well as some from client referrals and speaking engagements.

Michael is a terrific, detail-oriented compliance guru on privacy and data security issues.  He takes charge of a project, and ensures that both the big picture and small details get addressed in a practical, comprehensive fashion.  I highly recommend Michael as a team partner.

- Alysa Hutnik, Partner

Advertising, Privacy & Information Security Practice

Kelley Drye & Warren, LLP

Michael is one of those privacy professionals who reflects the skills we all want to exhibit.  He understands the strategy and big picture issues in the evolving arenas of health, genetic, and international data, while concurrently managing the detail of program rollouts and compliance operations.

- Peter F. McLaughlin, Partner

Privacy & Cybersecurity Practice

Womble Bond Dickson, LLP

Paul is a motivated self-starter who works toward solutions that are in his client's best interests. He keeps his client's needs at the forefront of all he does and is dependable and trustworthy. His positive energy and willingness to get the job done right are inspiring to all.

- Lisa Larson Meuser

Accredited Financial Counselor (AFC)

Wells Fargo