Ryan has extensive experience in the areas of compliance consulting, system and controls (SOC), HITRUST and internal audit reporting. He has experience managing both domestic and international engagements that include SOC audits, compliance assessments and technology control reviews. His experience encompasses working with federal regulations including Sarbanes-Oxley (SOX), the Gramm-Leach-Bliley Act (GLBA), HIPAA, the Health Information Technology for Economic and Clinical Health Act (HITECH), the Federal Financial Institution Examination Council (FFIEC) and the National Institute of Standards and Technology (NIST). Ryan also leads DHG’s Microsoft Supplier Security & Privacy Assurance (SSPA) Data Protection Requirements (DPR) independent assessments as a Microsoft Preferred Assessor. His client base includes financial services, insurance, healthcare and technology organizations.
Ryan led the development of the HITRUST practice for DHG. Through consulting with and advising clients, Ryan has assisted clients implement the HITRUST MyCSF tool, validate MyCSF requirements and report the validated assessment to HITRUST for certification.
He has led multiple consulting engagements with a variety of clients to assist with IT strategic alignment; data conversions; mergers and acquisitions; governance; security and operations; internal audits; SOC audits; compliance assessments; and technology control reviews for financial statements.