Mary Lee Brown
Associate Vice President Audit, Compliance and Privacy
firstname.lastname@example.org | 215-898-7958
Mary Lee Brown is the Associate Vice President for Audit, Compliance and Privacy at the University of Pennsylvania and the University of Pennsylvania Health System. She is responsible for the assessment of enterprise and entity level business risks, developing and leading the execution of institution-wide audit, compliance and privacy work plans that focus on enhancing systems of internal control and compliance and privacy infrastructures that support and advance Penn's core missions of research, teaching and patient care. She leads and directs a highly skilled professional services team of 23 staff members. The Associate Vice President reports to the Board of Trustees Audit and Compliance Committees for the University and Penn Medicine, the President, the Executive Vice President(s), and the CEO of the Health System.
Mary Lee is a certified internal auditor and joined the University of Pennsylvania, Office of Audit and Compliance in March 1997 as Director of Audit for Information Technology. Between 2000 and 2004, she assumed increasing responsibilities within the Office of Audit and Compliance as Executive Director. Mary Lee has dedicated her professional career to higher education administration and management.
Executive Director, Audit
email@example.com | 215-898-1932
As the Executive Director of Internal Audit, Frank provides leadership to the 14 dedicated professionals comprising the Operational and Information Technology Audit function. He is responsible for planning and overseeing the delivery of the function's services to the University and Penn Medicine. These services include risk-based operational, financial, compliance, and information technology audits as well as various advisory and consulting engagements and investigations.
Frank is a Certified Internal Auditor with expertise in the design and evaluation of internal controls, sponsored projects administration and compliance, accounting, business process design, business administration, and audit/project management. He has served the Penn community in positions of increasing responsibility within OACP since 1997, starting as an internal auditor servicing the Health System and subsequently University Internal Auditor, University Audit Manager, Director of Operational Audits and, since May 2011, Executive Director of Internal Audit.
Director, Construction Audit
firstname.lastname@example.org | 215-573-4491
As Director of Facilities Real Estate Services (FRES)/Construction Audit, for the University of Pennsylvania, Ms. Glattes is responsible for the leadership of the audit function of FRES and capital construction projects. Gwen has established the Construction Audit Department's parameters, risk assessment criteria and various audit work-plans. Typical audits include contractor audits, process reviews, participation on system implementation teams, and on-going monitoring and awareness of campus construction and development activity. She is currently serving as Treasurer, for the Construction Owners Association of America (COAA).
Ms. Glattes holds an MBA in Accounting from St. Joseph's University, and a BA from Penn State University.
Institutional Compliance Officer
email@example.com | 215-573-3347
Linda Egerter Yoder joined Penn in 2006 as the assistant compliance officer in the Office of Institutional Compliance (OIC). In July of 2009, she assumed the position of Institutional Compliance Officer, a position she currently holds. In this position, she is responsible for overseeing the 215-P-COMPLY confidential reporting and help line investigations, administering the Clery Crime reporting online training and reporting module, maintaining the compliance universe inventory of the range of compliance requirements at Penn, and serving as a resource to individuals at the University and Health System who have compliance responsibilities through the Compliance Leads Forum and compliance oversight committees. Ms. Yoder also raises the awareness of compliance through presentations on the confidential 215-P-COMPLY reporting line and the Principles of Responsible Conduct at new employee orientations and staff meetings.
Ms. Yoder earned her B.A. from the College of William and Mary, her M.A. in corporate public relations at Rowan University, and her J.D. at Rutgers University School of Law-Camden. She is also licensed to practice law in New Jersey and Pennsylvania.
University Privacy Officer
firstname.lastname@example.org | 215-898-1934
As University Privacy Officer Maura has a leadership role in Penn's privacy program, focusing on raising awareness about privacy risks and choices, identifying evolving areas of risk, and mitigating privacy risks. Particular areas of focus include managing the University-wide Security and Privacy Impact Assessment program, assessing third-party data privacy/security protections in the cloud and raising awareness regarding mobile device security. The privacy program also focuses on compliance activities around FERPA and other laws.
Maura has an MBA from the Wharton School, a J.D. from the University of Pennsylvania Law School and a B.A. in English from Clark University. She is also a Certified Information Privacy Professional (CIPP).
Penn Medicine Privacy Officer
email@example.com | 215-746-7379
In her role as Penn Medicine Privacy Officer, Torie is responsible for all facets of the Health Insurance Portability and Accountability Act (HIPAA) privacy program for UPHS and the University covered entities. Torie's areas of focus include HIPAA training and education, policy and procedure development, assessing compliance and raising awareness around the proper use and disclosure of Protected Health Information.
Torie holds a BA from Howard University and a JD from Tulane Law School. She is a member of the International Association of Privacy Professionals, (IAPP) and the American Health Lawyers Association.
Senior Advisor for Privacy and Compliance
firstname.lastname@example.org | 215-573-3348
Lauren Steinfeld serves as Senior Advisor for Privacy and Compliance. In that position, Ms. Steinfeld works on privacy issues involving medical information, student records, electronic data, Social Security numbers, and other personal information. Recently, Ms. Steinfeld has worked extensively on developing policies, procedures and tools to mitigate risks in the information technology area. Ms. Steinfeld has also taught a Privacy Law course at Penn Law.
In the compliance area, Ms. Steinfeld focuses on coordinating and improving communications at all levels regarding the many compliance activities that take place at Penn, as well as developing and sharing compliance tools, resources, and best practices, and promoting Penn's confidential reporting line.
Ms. Steinfeld received her B.A. from the University of Pennsylvania, graduating Phi Beta Kappa and magna cum laude. She received her J.D. in 1992 from New York University School of Law. She also holds the Certified Information Privacy Professional (CIPP) certification.