Biography

Robert J. Hudock is a Strategic Advisor for EBG Advisors, Inc. Mr. Hudock focuses his practice on e-health issues, including information security, privacy, data forensics/e-discovery, legal and business issues of outsourcing, encryption (FIPS/ ISO Standards), legal implications of expert systems, and knowledge management systems. Mr. Hudock conducts risk assessments, designs and implements cost-effective strategies for managing electronic documents, and advises on privacy and security legislation and managed computer security incidents.

Mr. Hudock has been at the forefront of information privacy, information security, data mining/aggregation, and the forensic practice areas for the last eight years. During this time, he has regularly advised leading financial and health institutions, as well as innovative startup companies, on identifying, evaluating, and improving the security posture and mission critical processes of their organizations. Most recently, Mr. Hudock has assisted Fortune 500 clients with their security and risk analysis obligations under U.S., Canada, and European Union law.

Mr. Hudock formerly served as the Chief Privacy and Data Security Officer and Senior Vice President of a major intelligence, military, aerospace, engineering, and systems contractor, where he managed all aspects of privacy and cyber-security compliance across the company.

Representative Experience

  • Conducts risk assessments and IT audits for health care and financial services companies following HIPAA, FDIC, Federal Reserve Bank (FRB), OTS, OCC Information Security Guidelines, GLBA, and other best practices
  • Designs and implements cost-effective strategies for managing electronic documents (including collecting, preserving, reviewing, analyzing, and producing electronic data) utilizing his broad knowledge of e-discovery hardware and software technologies, such as (traditional) Boolean, conceptual, clustering, and taxonomic search methodologies
  • Advises clients regarding privacy and security legislation: HIPAA Privacy and Security Regulations, the GLBA, the EU Commission's Directive on Data Protection (95/46) and the Department of Commerce's EU Safe-Harbor, the Personal Information Protection and Electronic Documents Act (Canada), the U.S. Patriot Act, the Sarbanes-Oxley Act, state-based security breach notification legislation (both acquisition- and risk-based variations), OIG Corporate Integrity Agreements and the Medicare and Medicaid Patient Protection Act of 1987 (the "Antikickback Statute"), and NIST/ISO privacy and security standards
  • Manages computer security incidents for various clients in both the health care and financial sectors, and performs and creates procedures for system security audits, penetration tests, and vulnerability assessments to define real metrics by which an organization can evaluate and demonstrate its privacy and security due diligence

Memberships & Affiliations

  • Certified CSF Practitioner, Health Information Trust Alliance (HITRUST)
  • Certified Information Systems Security Professional (CISSP)
  • Certified by the National Security Agency to perform INFOSEC Security Methodology (IAM) audits under FISMA.
  • Certified Ethical Hacker (CEH)

Distinctions

Mr. Hudock is a Certified CSF Practitioner, a designation given by the Health Information Trust Alliance (HITRUST), an organization that provides training to develop and maintain effective security programs for health care and life sciences companies that comply with security laws, regulations, and standards, including HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, and various other federal, state, and business requirements. Mr. Hudock is also a Certified Information Systems Security Professional (CISSP) and certified by the National Security Agency to perform INFOSEC Security Methodology (IAM) audits under FISMA.

In addition, Mr. Hudock is a Certified Ethical Hacker (CEH). The CEH certification is a professional certification provided by the International Council of E-Commerce Consultants. Mr. Hudock is a skilled security and legal professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker to secure client’s information systems.

Most noteworthy, Mr. Hudock has twice won the internationally recognized Capture the Flag event held each summer in Las Vegas at Defcon.

Education

  • Cornell University Law School  (J.D., cum laude)
  • St. Lawrence University  (B.S., cum laude)