Bala Subramanyam G
Privacy Compliance & Infosec
Hyderabad
Summary
Customer Success Stories
"Lead Consultant & Internal Auditor for Data Privacy & Infosec program"
-
Project brief: Data Privacy and Security advisory, implementation and internal audit for supporting large scale clinical trials, with over 100k participants for Huma Therapeutics, London (for COVID-19 Vaccine of AstraZeneca)
- Conducted briefings with the CTO about Data Privacy risks with risk management strategy
- Researched and identified comprehensive global data privacy regulations in the EU region and North Americal geographies that are barriers to go-to market
- Lead a cross functional team of 50 consisting of data Privacy specialists, cybersecurity consultants, Quality Assurance professionals and Legal counsel to design a IT-GRC program to comply with regulations related to EU-GDPR, US-HIPAA and US-FDA 21 CFR part 11
- Helped business analysts translate the regulatory requirements into technical specifications for the DevOps team to implement controls for ensuring confidentiality, Integrity and Availability of e-records and e-signatures of Clinical Trails data.
"Data protection Officer and vCISO for a Inc. 5000 Data Analytics company in the United States"
-
Project brief: The analytics company required an expert consultant to provide guidance on complying with various federal and state level data privacy regulations in the USA. Further the company is looking forward to expand it's footprint in the European Union region. The challenges are identifying key risks associated with their business model where the company acts as a data processor for several multi-billion dollar organizations in healthcare, financial services and retail
- Conducted Data Protection Impact Assessments (DPIA) or Privacy Impact Assessments (PIA) for high risk clients
- Audit readiness assessments conducted for achieving and renewal of the coveted SOC 2 Type 2 attestation from a Big-5 audit firm for 3 years in a row
- Broke regulatory barriers for the company to enter into the European Union Region by preparing for self-assessment and registration with the EU-US DPF by aligning the privacy controls for the Regulation (EU) 2016/679 (GDPR or General data Protection Regulation)
- Broke regulatory barriers for the company to enter into Switzerland market by preparing for self-assessment and registration with the Swiss-US DPF by aligning the privacy controls for FADP (Federal Act on Data Protection)
- Managed compliance with employee PII records for the company's consultants in the UK region, as mandated by the UK-Data protection Act
Overview
16
16
years of professional experience
4
4
years of post-secondary education
5
5
Languages
Work History
Privacy Compliance & Infosec
Bellwether
Hyderabad
12.2009 - Current
- Enterprise Risk Management consulting specializing in Data Privacy Regulatory advisory services (related to PII and PHI) with a focus on European Union and North American geographies
- Readiness assessment consultant for EU-GDPR, UK-DPA, Swiss-FADP, California-CCPA, SOC 2 Type Type 2, HIPAA, FDA 21 CFR Part 11
- Lead consultant for self-assessment for EU-US DPF (with UK addendum) and Swiss-US DPF (Privacy Shield 2.0)
- Collaborated with operations and functional teams to ensure data protection and privacy initiatives' implementation.
- Analyzed existing policies, processes, and controls, recommending changes for data protection.
- Worked closely with legal teams to identify regulatory requirements related to privacy and data protection.
- Translated regulatory requirements into actionable process improvements.
- Developed and supported a framework for compliance monitoring and reporting.
- Assisted in responding to data protection inquiries, supporting internal audits, and reviewing privacy impact assessments.
- Managed day-to-day privacy matters, including drafting of Data Processing Addendums (with SCCs), Transfer Impact Assessments/TIAs, Legitimate Interest Assessments enabling compliance during international data transfers.
- Conducted research and analysis on privacy law developments.
- Played a key role in the development and management of the privacy program across geographies, including governance, compliance, training, and reporting.
Technical Solutions Engineer
Akamai Technologies
Bangalore
01.2008 - 08.2009
- First point of contact for customers encountering issues with Akamai's Content Delivery Network (CDN) solution.
- Provide timely and professional technical support to address customer inquiries, troubleshoot problems, and resolve issues related to Akamai CDN services.
- Collaborate closely with customers to understand their specific requirements, concerns, and technical challenges.
- Diagnose and troubleshoot issues related to content delivery, cache configurations, performance optimization, and security within the Akamai CDN.
- Utilize Akamai's tools and resources to investigate and resolve technical problems efficiently.
- Escalate complex issues to higher-level support or engineering teams when necessary, and follow up on the resolution.
- Offer expert guidance and best practices to help customers maximize the benefits of Akamai CDN solutions.
Education
Bachelor of Technology - Computer Software Engineering
Jawaharlal Nehru Technological University
Hyderabad 04.2000 - 03.2004
Skills
US DPF (EU-US & Swiss-US)
undefinedAffiliations
ISC2 Candidate (International Information System Security Certification Consortium)
Timeline
Privacy Compliance & Infosec
Bellwether
12.2009 - Current
Technical Solutions Engineer
Akamai Technologies
01.2008 - 08.2009
Bachelor of Technology - Computer Software Engineering
Jawaharlal Nehru Technological University
04.2000 - 03.2004
Similar Profiles
Allie Pashby-RockwoodAllie Pashby-Rockwood
Preschool Teacher at The Bellwether SchoolPreschool Teacher at The Bellwether School
Alondra EspinozaAlondra Espinoza
Marketing Intern at Bellwether CommunicationsMarketing Intern at Bellwether Communications
Ryan DiercksRyan Diercks
Full Stack Software Engineer at Bellwether CoffeeFull Stack Software Engineer at Bellwether Coffee