In her current role, Yvette specializes in advisory services related to all aspects of information management, including data privacy, information security and breach notification under the U.S. and EU laws and regulations, such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), New York Department of Financial Services Cybersecurity Regulation, Children’s Online Privacy Protection Act (COPPA), and Family Educational Rights and Privacy Act (FERPA).
Prior to joining Kroll, Yvette was Chief Compliance Officer for Automated Collection Services, Inc., where she established and led the corporate compliance and training departments. Earlier in her career, Yvette oversaw the development and implementation of several companies’ overall data security and risk management programs in the banking and financial services industries. Her accomplishments include developing and executing plans to comply with consumer financial privacy and data security regulations, such as the Gramm Leach Bliley Act (GLBA). She has also liaised between companies and the regulators and law enforcement, and she has handled compliance requirements under the Bank Secrecy Act, USA PATRIOT Act, Dodd-Frank Act, Fair Credit Reporting Act (FCRA), Health Insurance Portability and Accountability Act (HIPAA), Fair Debt Collection Practices Act (FDCPA), Telephone Consumer Privacy Act (TCPA) and state laws. She has a proven track record of successful efforts that have reduced the risk of compromise to the consumer’s private information and the company’s regulatory and reputational risks. Yvette has additional hands-on experience with establishing programs to comply with the Payment Card Industry Data Security Standards (PCI DSS) and SEC-OCIE Guidance on Cybersecurity.
Throughout her career, Yvette has helped organizations comply with diverse regulatory regimes and evolving mandates related to anti-money laundering, know your customer, consumer privacy and security, and data breach detection and notification processes. She translates this knowledge and experience into pragmatic guidance for clients, helping them with strategic efforts such as developing and implementing policies, procedures, and processes; training programs; consumer complaint and dispute portals; credit reporting processes; identity theft prevention/remediation management; and third-party vendor management.
Yvette holds a J.D. from Loyola Law School, Los Angeles, and a B.S. (magna cum laude) from Woodbury University. She is admitted to the State Bar of California. Yvette holds the Certified Information Privacy Manager (CIPM) and the Certified Information Privacy Professional/U.S. (CIPP/U.S.) credentials from the International Association of Privacy Professionals. She is also a Certified Data Furnisher under the Fair Credit Reporting Act. Yvette is a member of the Los Angeles County Bar Association (LACBA), and she serves on the board of directors of Los Angeles Educational Partnership (LAEP).