Samantha is a director with Baker Tilly’s risk advisory practice. She has more than10 years of experience working in information technology (IT) risk advisory and has been with Baker Tilly since 2011. She helps assist clients in navigating complex compliance and regulatory frameworks in information security and privacy. Her client base includes higher education, healthcare, technology and government agencies.
- Performs assessments including Health Information Trust Alliance (HITRUST), National Institute of Standards and Technology (NIST), minimum acceptable risk standards for exchanges (MARS-E), Health Insurance Portability and Accountability Act (HIPAA), international organization for standardization (ISO) 27001 and organizational controls (SOC2), as well as other regulatory frameworks
- Provides assistance in identifying, documenting and testing internal control in relation to compliance from both a financial and IT perspective
- Performs consulting services to plan, develop, execute and improve internal control procedures for suitability of design and operational effectiveness
- Performs information privacy and security reviews, focusing on current information privacy and security policies, procedures and practices and the monitoring mechanisms in place to identify new information privacy and security laws and regulations
- Manages IT audit engagements to coordinate corporate objectives with external audit risks to ensure integration between internal and external audit teams
- HITRUST External Assessor Council
- Healthcare Information and Management Systems Society (HIMMS)
- Junior League of Minneapolis, chief financial officer
- Certified Information System Auditor (CISA)
- HITRUST CCSFP/CHQP
- ISO27001 Lead Implementer/Lead Auditor
