Joseph Emerson Managing Director Joe Emerson is a Managing Director, leader in Protiviti’s Data Protection and Privacy practice, and privacy subject-matter expert with comprehensive knowledge of privacy and compliance requirements to strategize, develop, and deliver complex privacy and compliance solutions for some of the world’s largest and most innovative companies. This has included serving, on numerous occasions, as an independent assessor pursuant to FTC Consent Orders, acting as a HIPAA Compliance Officer and Privacy Officer for major corporations and government agencies, managing privacy regulation readiness and compliance assessments, and collaborating to develop, implement, and ensure the ongoing success of solutions within organizational privacy programs.Throughout his career, Joseph has also developed a comprehensive knowledge of compliance programs and helping organizations meet their compliance goals based on FDIC, Federal Reserve, HIPAA, SOC2, ISO27 series, GLBA, U.S. – E.U. Privacy Shield, NIST 800-53, and other compliance-related standards.Prior to joining Protiviti, Joseph worked as a Director at a boutique consulting firm and as a Principal at Promontory Financial Group, an IBM company, overseeing and addressing challenges related to privacy, security, risk, and compliance management and the FBI. Joseph holds certifications with CIPP/US CISM, CDPSE, and CCSFP with the IAPP, ISACA, and HITRUST, respectively.Major ProjectsSpearheaded an assessment for the Federal Trade Commission (FTC) as an independent assessor for an ad-tech platform, successfully auditing the organization's comprehensive privacy program, performing detailed code and control review related to geolocation opt-in compliance and the Children's Online Privacy Protection Act (COPPA).Acted in the capacity of HIPAA Compliance Office for one of the largest metropolitan statistical areas in the U.S., ensuring alignment and compliance with global, federal, and state regulations.Designated Privacy Officer for an international security client, providing oversight in all matters related to breach response, incident identification and management, vendor management, and overall data privacy compliance.Designed internal audit programs and led internal audit responsibilities while providing guidance and directing companies through initial SOC2 and ISO 27001 and 27701 certifications.Areas of ExpertisePrivacy StrategyIT / Privacy Risk ManagementHIPAA, GDPR, CCPA, and ISO assessment, remediation, program developmentRegulatory experience with FTC and OCRIndustry ExpertiseTechnologyAd-TechHealthcareFinancial ServicesFood and BeverageEducationMA – University of Denver, Josef Korbel School of International StudiesBS – University of Central FloridaProfessional Memberships and CertificationsCertified Information Security Manager (CISM)Certified Information Privacy Professional (CIPP/US)OneTrust Certified ProCertified Data Privacy Security Engineer (CDPSE)Certified CSF Practitioner (CCSFP)
