Tueoris serves multinational clients across industries, including health and life sciences, financial services, business technology and travel and leisure.

Details about our experience and client references are available upon request.

Tueoris Team

Dan Goldstein
Co-Founder and Partner 

Dan is a co-founder and partner of Tueoris.  He advises clients operating in complex business and regulatory environments on privacy and data risk mitigation strategies and solutions.  He focuses on enterprise-wide information risk management strategies and solutions in accord with applicable requirements across industry.  His career has centered on guiding U.S. and multinational clients through complex international data protection requirements in order to provide business solutions that can be implemented across large organizations.

Dan is a graduate of the University of California, Los Angeles and the Golden Gate University School of Law.  He is a member of the State Bar of California, and has over 15 years of professional experience focused specifically on data protection. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Privacy Professional (CIPP – US and European certifications.)

Kamal Govindaswamy
Co-Founder and Partner 

Kamal is a co-founder and partner of Tueoris.  With over 20 years of consulting services experience, Kamal’s information security and privacy consulting philosophy is rooted in his facts-based-pragmatism for furthering his clients’ business agility and objectives (and not Fear, Uncertainty and Doubt that often characterize our profession). He oversees our consistent track record and exceptional focus on delivering outcomes that truly matter to our clients, for each of their business, risk or regulatory compliance contexts.His specialties include security or privacy programs – development and implementation of strategies, security or privacy risk or compliance assessments, identity management – strategy or roadmap development and program management, security or privacy operations – develop strategy for and implement monitoring and response capabilities and regulatory compliance.His clients include large and medium size organizations across Healthcare or Life Sciences, Retail, Financial Services and Consumer Business industries.

Shawna Doran
Senior Manager
Shawna has advised a wide range of multinational companies on data privacy issues in various capacities. As outside counsel, Shawna focused her practice on data privacy and security and information technology transactions. She assisted companies with compliance with state, federal, and international data privacy regulations, including regarding global data transfers and data breach notification. She also regularly drafted privacy statements, privacy policies, and other internal and external policies and procedures to comply with data privacy laws, and regularly negotiated data privacy and security provisions in vendor agreements.
As in-house counsel, Shawna was involved in evaluating and providing counsel to colleagues and executive staff on matters pertaining to data privacy across the globe. Her work included providing guidance on marketing activities, company initiatives involving the processing of personal data in the European Union, Latin America, and the Asia-Pacific region, eligible data transfer mechanisms, and incident response procedures. She has also advised on privacy program development, Privacy Shield self-certification, data breach notification requirements, and requirements under the General Data Protection Regulation (GDPR). Most recently, she managed the privacy program of a $15B technology company and led their GDPR readiness efforts.

Shawna is a graduate of Indiana University at Bloomington and the University of Chicago Law School. She is a member of the State Bar of Illinois. Shawna is a Certified Information Privacy Professional (CIPP – US and European certifications).

Shankar Subramaniyan
CISSP, CISM, CIPP/US, PMP, AWS-SAA, Splunk Certified Power User
Senior Information Security Architect

Mr.  Subramanian brings more than 20 years of IT security, privacy and related regulatory compliance experience, serving clients across banking, healthcare, entertainment, insurance, oil and gas industries. Much of his work over the last six years has been focused on implementing third party risk assessment and security frameworks to global clients. He has served a variety of healthcare organizations, including a large pharmaceutical company in Japan and health care providers in US.

He has implemented and maintained an information security framework and processes based on industry standards such as ISO 27001/2 and ITIL to meet various compliance and client requirements. He is trained and experienced in IT security regulations such as HIPAA, PCI, SOX, SOC, GLBA and has an extensive background in the formulation and implementation of enterprise security policies and procedures.  such as IT security incident management, vulnerability management and change management procedures.

He has assisted clients in implementing third party risk assessment programs including IT service providers and cloud application service providers. He has performed vendor profiling, various types of assessment based on the vendor classification, security architecture review, remediation tracking and reporting across vendors and established enterprise wide program. In addition to experience with risk or compliance assessment efforts, he has been involved in assisting vendors to implement client requirements and certifications/attestations such as SOC 1/2.

In addition to GRC, he brings specialist skillsets and experience in the following security verticals, which help him deliver more effective and meaningful risk and compliance assessments:

  • Business Continuity/Disaster Recovery – strategy or roadmap development and program management or testing or implementations
  • Data Leakage Prevention – strategy or roadmap development and program management
  • Security Information and Event Management (SIEM) – strategy, planning, advisory support for implementations and operations
Mayra Cavazos
Senior Consultant
Mayra has a substantial background in privacy strategy and compliance.  Her experience includes data protection, cybersecurity, cloud computing, and data analysis.
Mayra started her career in privacy at the Organization of American States in Washington, D.C.  where she interned for the Department of International Law and analyzed the distinct privacy and data protection approaches in Ibero-America.  Thereafter, she worked for two of the most prominent law firms in Mexico City where she advised large-scale public and private organizations on privacy compliance, risk management matters, and data processing in the European Union and Latin America regions, with an eye towards smooth integration of protocols to avoid interference with ongoing business operations.  Mayra assessed controlling statutory requirements, analyzed internal data flows to identify risks, prepared plans to mitigate those risks, presented the plans to all-level personnel in the organization, and implemented the plans into the organization.  She has also managed an e-commerce platform, programmed online web applications, and worked on search engine optimization.

Mayra earned her LL.M from the George Washington University Law School and her LL.B from the Monterrey Institute of Technology and Higher Education School of Law.  She is fluent in English and Spanish, and has an advanced understanding of French.  She is an active member of the American Bar Association (ABA) and the American Association of International Law (ASIL) where she has edited and published numerous privacy and international law articles.

Katharina Winkler
Senior Consultant
Katharina is an attorney in Germany and New York with experience in US and EU privacy and technology law. She obtained her legal education from the University of Hamburg in Germany, Université de Strasbourg in France and a LL.M. degree in Intellectual Property and Information Technology Law from the Fordham University Law School in New York City. At Tueoris, she supports multinational clients across industry (including pharmaceuticals and biotech) to navigate complex EU and global privacy requirements.
Katharina previously worked in the digital business department at an international law firm where she drafted e-commerce policies and software contracts and advised German and U.S. tech businesses on E.U. consumer and data protection laws. She also worked at the Fordham Intellectual Property Institute and spent three months at a law firm in New York City where she drafted memoranda on the EU-US Privacy Shield and other international regulatory developments.

She is fluent in English and German and has an advanced understanding of French. She is a member of the German American Lawyers’ Association, New York Sate and City Bar Associations and International Association of Privacy Professionals (IAPP).

Tamara Lev
J.D., LL.M., LL.B.
Tamara has interned and worked for several companies and a government agency focusing on intellectual property and privacy. While working as a legal intern, she drafted legal memoranda, helped research key issues relating to Europe globalization, privacy in the workplace, and intellectual property rights.
During her law school studies, Tamara has traveled to different Universities taking part in intellectual property seminars and discussions. While traveling to the WIPO (World Intellectual Property Organization), Tamara was chosen to present her findings on her research paper on the topic of Traditional Knowledge.

After graduating from law school, Tamara moved to New York to further her studies, and obtained an LLM in Intellectual Property and Information Technology. She participated in classes solely on those topics, where she gained a better understanding on the topics of information technology, e-law, privacy, and intellectual property. Tamara is a law graduate from Ono Academic College with a LLB in Law. She also graduated from Fordham Law School with a LLM in Intellectual Property and Information Technology. Tamara is a member of the State Bar of New York.

Somy Kim
Somy has gained exposure to many aspects of healthcare through her work as an Application Consultant for Cerner Corporation. Her duties encompassed building relationships with providers, and being a subject matter expert for multiple department applications to ensure that the hospital, as a whole, is exercising best practices when documenting patient care. The departments she managed include: Radiology, Laboratory, Labor and Delivery/ Maternity, and Infection Control. She has extensive knowledge with Cerner’s Electronic Health Record and has the aptitude to learn other EHRs.
Somy’s curriculum at Northwestern University encompassed aspects of healthcare regulatory compliance including Healthcare Compliance Programs, Healthcare Regulatory Enforcement, and Risk and Decision Management. She has experience reviewing hospital policies and procedures, ensuring that they are HIPAA compliant, and is proactive to stay current with regulatory changes in the space.

She has shown agility in her ability to transition to the larger scope of privacy through her efforts supporting client GDPR initiatives and is currently preparing to become a Certified Information Privacy Professional (CIPP), and to attain her Certification in Healthcare Privacy Compliance (CHPC).Somy is a graduate of the University of Illinois at Urbana-Champaign with a Bachelors in Healthcare Administration. She graduated from Northwestern University with a Masters of Science in Regulatory Compliance. Somy is a member of the Health Care Compliance Association (HCCA).

Jaymarie Capalac

Jaymarie is a former Associate Consultant in the Medication Process team from Cerner Corporation. She has implemented and supported the PharmNet Inpatient solution for nearly a dozen hospital conversions under Intermountain Healthcare. Her work on an Enhanced Medication Request process was awarded for creating a positive influence on the client project.

She has collaborated with hospital providers and project management to develop and execute workflows that optimize the software while achieving patient safety goals. Her time with Cerner has allowed her to become well-versed in the working and troubleshooting knowledge of several Cerner Millennium solutions, being a subject matter expert over the Pharmacy, Physician and Nursing applications.

Jaymarie has experience in several Electronic Health Record and management systems through her career as a Licensed Pharmacy Technician. She has proven her ability to learn and adapt to new systems, quickly becoming responsible in leading training for onboarding employees in each role.

Jaymarie is a graduate from the University of Illinois at Urbana-Champaign with a Bachelors in Community Health, concentrating in Health Education and Promotion. She is a member of the National Association of Asian American Professionals (NAAAP).

Joseph Peng
Joseph obtained his expertise in healthcare through his work across the nation as a Cerner Application Consultant. He has implemented and supported RadNet solution in over twenty hospitals and led the RadNet configuration team on several projects. He also learned to construct and navigate other Cerner applications such as PowerChart, PathNet, PharmNet, and many configuration tools that are essential to applications’ functionalities. He collaborated with several industry giants in healthcare, such as Intermountain Healthcare, Trinity Health, Catholic Health Initiative, and Dignity Health.
In his work, Joseph utilized his knowledge as a radiology subject matter expert to enhance and optimize his clients’ workstreams while ensuring clients’ ability to be HIPAA compliant. His work on Enhanced Medical Request as well as his involvement with workstream designs during implementation has greatly assisted hospitals to advance through the stages of Meaningful Use. He has demonstrated his adaptability by cooperating with healthcare providers, nurses, receptionist, and contractors in high-pressure settings, such as emergency rooms and surgeries.
Joseph is a graduate from the University of Illinois at Urbana-Champaign with a Bachelors in Molecular Cellular biology, and concentrations in both Chemistry and Psychology.