Heather is a Vice President in Stroz Friedberg’s Houston office. She provides proactive cybersecurity risk mitigation services, information security incident response, digital forensic investigations, and electronic discovery matters for law firms and corporations. Heather also manages privacy compliance services including; GDPR, PII, HIPAA risk assessments and GAP analysis, breach response and SOC program management.
Heather has over 20 years’ experience in risk management, HIPAA privacy and security and state data breach notification laws. Prior to joining Stroz Friedberg, Heather was the HIPAA Privacy Officer for a national litigation support company for over eleven years. In that capacity, Heather created and implemented a nationwide HIPAA privacy and security program in compliance with federal and state regulations. She also developed employee training, created computer and PDA policies, and managed Business Associate Agreements with over 3000 vendors and subcontractors, She coordinated physical, technical and administrative safeguards across 75 offices. Heather also conducted privacy and security risk assessments for law firms and corporate clients across the country.
Heather is also a frequent speaker and author on topics related to HIPAA, HITECH, data breach notification laws and third party privacy requirements. She has been published in US LAW Magazine, ALA National Magazine and several publications by the Texas State Bar.
Prior to her legal experience, Heather was a healthcare social worker and risk manager in behavioral health.
Heather is certified in Healthcare Privacy Compliance (CHPC) and is a Certified Healthcare Information Security Privacy Professional (HCISPP). She is a graduate of Florida State University where she earned a Bachelor’s of Science degree in Psychology. She earned her law degree from South Texas College of Law in Houston.