Stephen B. Kaplan, JDChief Privacy and Security Officer

Steve-Kaplan-Head Shot-300x300-lock
areas of expertise
  • Policy & Procedure Development
  • Risk Assessments
  • HIPAA/HITECH
  • PCI DSS Readiness Assessment
  • GDPR
  • Training
education
  • Bachelor of Arts, University of Florida
  • Juris Doctorate, Emory University Law

Stephen serves as a Chief Privacy and Security Officer for GoldSky Security.

Stephen has served companies across in a compliance, security, and privacy roles since 2002, including acting as the Chief Privacy & Security Officer for multiple organizations. Mastering diverse roles in technology, policy, regulations, and risk management, he accumulated extensive experience and knowledge in a wide breadth of industries.

In addition to delivering results on a project basis, Stephen holds increasing responsibilities in executive level privacy and management roles for various companies, improving and overseeing the completion of information management initiatives.

As a consultant, he advises on and assists with the development and implementation of the entity’s data privacy policies and practices, working across business groups to drive data privacy excellence.

Recently, he has led the security and privacy improvement of companies in the Healthcare, SaaS, Insurance Industries as well several 501c(3) organizations, performing gap assessments against applicable frameworks and regulatory mandates. From the gap assessments, Steve and his team facilitated implementation of remediation efforts and proper missing controls, including:

  • Information Security Policies and Procedures
  • Risk Assessments
  • System Security Plans
  • Incident Response Plans, Training and Testing
  • Configuration Management Plans

Stephen approaches his work from a “Client Up” perspective, taking great care to learn a client’s business functions and objectives and then applying a privacy & security framework overlay rather than beginning with a regulatory schema or baseline and simply “draping it” over the business.  He is a consummate professional and extremely passionate about helping his clients reduce the risks of cyber-attacks and assist in achieving regulatory compliance mandates.

contact details

111 North Orange Avenue, Suite 800, Orlando, Fl 32801

Social Profiles

Stephen's Articles

  • Cybersecurity & Privacy Risks In The Legal Domain

    Why Small to Midsized Law Firms Must Protect Themselves Before Defending Others Cybersecurity and privacy risks are top issues plaguing law firms today. The volume of sensitive data managed by law firms makes them a prime target for cybercriminal activities. Therefore, the absence of a comprehensive data risk management framework exposes organizations in the legal

  • Protecting Clients’ Personal Data

    Are Law Firms Ready For Cybersecurity Risks and Regulatory Compliance Challenges of The 21st Century? It is a fact that every industry in the 21st century will face cybersecurity risks and regulatory compliance challenges. These challenges exist as a result of the growing complexities of conducting business across multiple domains of technology. For legal firms,

  • Democratizing Data Security By Leveraging Best Practices

    Democratizing Data Security By Leveraging Best Practices Of Big Firms For Small & Mid-Sized Firms A clear vision and prudent decision-making can help small and mid-size firms effectively handle sensitive and confidential data. Small and medium-sized enterprises can leverage some of the cyber security best practices of big firms to protect their critical assets from

How can GoldSky Security help you?

Contact GoldSky Security today for a Free Consultation.

GoldSky Newsletter

Sign up below to receive the latest news and security updates from GoldSky Security.