Learn More About Our Team

Joe is a Co-Owner and Principal of Lakeside Consulting Group. He is a Minneapolis-based Privacy Consultant and has over 15 years of operational experience in privacy, security, and operations, including being a Privacy Officer at a healthcare company, Sr. Director of Privacy at PwC, and leading a Fortune 500 privacy team during one of the nation’s largest data breaches. He has spent the last 7 years assisting companies with developing comprehensive data protection strategies and programs, conducting assessments, developing remediation plans, and implementing reasonable solutions to be compliant with privacy regulations such as HIPAA, CCPA and GDPR. Joe has worked locally in Europe to understand the practical and most effective methods to operationalize GDPR program capabilities. ​
​
Joe has experience covering numerous privacy and security regulations and frameworks, which include PIPL, HIPAA, LGPD, CCPA/CPRA, CSL, GDPR, TCPA, FCRA, CAN-SPAM, PIPEDA, GLBA, NIST, ISO, VA6500. Joe has a BS in Biology, Masters of Science in Management (MSM), and is a Certified Information Privacy Professional (CIPP/US). He is also a Marine Corps veteran with 8 years of service and multiple combat deployments.
Select experience:​

• Led OCR investigation prep and HIPAA program development for multiple healthcare organizations​
• Has worked in nearly every industry including Healthcare, Finance, Retail, Insurance/Re-Insurance, Telecom, and Tech​
• As the Sr. Director at PwC he led a team of over 50 consultants for a multi-million dollar 9 month project at a Fortune 10 company to assess CCPA compliance and develop comprehensive program capabilities across 14 company brands. ​
• Led over 15 large scale GDPR, Global Privacy Programs, and CCPA program builds for Fortune 500 companies including the assessment and integration of privacy and cybersecurity technologies​
• Led the privacy and cybersecurity assessment of 21 APAC regulations for a global financial institution leveraging PwC’s global network of in-country subject matter experts to deliver clear and effective remediation roadmaps​
• Developed Data Strategies for companies to unlock the value of their data while concurrently operating within privacy obligations​
• Developed and operationalized GDPR roadmap for multinational Fortune 500 medical device company​
• Led over 20 HIPAA privacy and security risk assessments, which included remediation planning and execution​
• Built and implemented over 15 full Global Privacy Programs ​

Matt is a Co-Owner and Principal of Lakeside Consulting Group. He is an information security and data privacy professional with over 15 years of industry experience. He has over 10 years of experience providing consulting and management services, including strategic planning, development and management to build multiple security/privacy consulting practices. Matt has successfully developed and led programs in the areas of information security, data privacy, governance, risk management, compliance and assurance.​
​
Matt utilizes a pragmatic, common sense approach to achieving client goals, meeting customer needs and providing value. Prior to co-founding Lakeside Consulting Group, Matt worked as an independent consultant helping both existing consulting firms as well as end-clients (large enterprises and SMBs) to build and mature their information security and data privacy practices and programs. He spent 8 years at Target Corporation as an information security expert and as an IT Auditor. Matt has implemented compliance and assessment programs focused on authoritative sources such as HIPAA, PCI, Sarbanes-Oxley, CAN-SPAM, TCPA, EU GDPR, CCPA, and ISO 27001/2. He holds CISA, CRISC, and CIPP certifications, and has an educational background in Information Systems and Finance.

Select experience:​

• ​Implemented several information security programs based on ISO 27001/2 at large retailers, including Fortune 50​
• Helped develop the information security governance function, with a focus on security policy and exception management, at Fortune 50 retailer​
• Helped develop GDPR privacy assessment program (DPIA) at large medical device manufacturer​
• Conducted over 20 GDPR DPIA privacy assessments at large medical device manufacturer, and identified and measured the risks in order to develop accurate remediation plans​
• Created go-forward plans for both HIPAA and CCPA privacy program compliance at large medical device manufacturer​
• Updated and enhanced the information security policies at Fortune 10 health insurer​
• Achieved PCI compliance and facilitated annual onsite QSA audit (4 years running) at large retailer​
• Audited and remediated Sarbanes-Oxley IT general controls at Fortune 50 retailer​