Skip to main content

Handout - 2019 - National - Higher Education

Higher Education Compliance Conference

June 3 - 6, 2018 | Austin, TX

CEU Application | Conference Brochure



1:00 – 2:30 pm Breakout Sessions

P1 | Privacy Boot Camp: A Pragmatic Approach to Surviving the Regulatory Wilderness

  • Get out of the weeds! Explore how application of fundamental privacy principles and promotion of “privacy by design” across the spectrum of institutional operations can mitigate compliance risk, result in more resilient data governance processes, and inform audit and compliance work plans.
  • Get up to speed! Identify opportunities across the regulatory landscape to (re)assess your institution’s highest risk exposures and leverage organizational privacy partnerships, in light of expanding operations, changing technologies, and enforcement trends.
  • Get real! Participate in lively interaction with your peers, and take away practical tips and tools to conduct “spot checks” of your privacy program. (This is not an IT/security-focused session – but be sure to bring your phone or laptop!)

Presentation (2 slides/page)
Presentation (3 slides/page)

Handout (.xlsx)

Kathleen A. Sutherland, Audit Manager-Compliance, Department of Internal Audit, University of Colorado

Deborah A. O’Connor, Director Campus Compliance/Privacy Officer, University of CO Colorado Springs

Holly B. Benton, University Privacy Officer, Office of Audit, Risk & Compliance, Duke University


P2 | Participating, Developing, Leading, and Nurturing Lean-In Circles for Fellow Compliance Officers and Members of Your Organization

  • Develop a more robust relationships with your co-workers and fellow compliance officers
  • Seek a personal growth goal—be an active participant in a nurturing and supportive group of higher education compliance officers discussing the Lean-In Circle themes at this session
  • Develop a train the trainer goal—use techniques and study guides discussed in this session to contemporaneously or subsequently develop, lead, and nurture a Lean-In Circle for your organization

Presentation (2 slides/page)
Presentation (3 slides/page)

Judith W. Spain, Professor, Business Law, Eastern Kentucky University


2:45 – 4:15 pm Breakout Sessions

P3 | Monitoring Mentor: The Workshop

  • Explore best practices for monitoring of compliance risks, activities, and projects
  • Identify key compliance monitoring activities and controls for top higher education compliance risks and requirements
  • Develop a compliance monitoring methodology and work plan

Presentation (2 slides/page)
Presentation (3 slides/page)

Handout 1
Handout 2

Jessica Wasserman, Assistant Compliance Officer, New York University


P4 | Title IX: The Changing Landscape

  • Beyond sexual assaults
  • Consent
  • Trauma informed investigations

Presentation (2 slides/page)
Presentation (3 slides/page)

James C. Dockery, Director, Accessibility Operations, USAA



General Session 8:15 – 9:15 am

General Session 1 | Higher Education Year in Review

  • Provide a Year-In-Review perspective of Higher Education Compliance, as well as what the current environment and the past year suggest for the changes to come in 2019 and beyond
  • Recap major changes in the regulations impacting higher education and significant ‘current events’ impacting higher education, with a focus on the response of the impacted institution, the industry and the community at large
  • Cover the broad spectrum of higher education compliance areas including student administration, research and federal contracting, the Bill of Rights on campus, Title IX, NCAA, etc. as well as compliance program models for higher education

Presentation (2 slides/page)
Presentation (3 slides/page)

Marisa Zuskar, Higher Ed Consulting Director, Huron Consulting Group

Matthew Staman, Managing Director, Huron Consulting Group

9:45 – 10:45 am Breakout Sessions

101 | Overcoming the Challenges and Silos with Title IX, Clery Act, FERPA, OSHA, State Laws, and More!

  • Understand how conventional approaches (case/conduct management systems, spreadsheets, emails, meetings, paper, etc.) lead to disconnected silos with lots of gaps for compliance failures and expensive liabilities
  • Learn how to tap into and collect important information from the community, including organizations [employees, HR, legal, etc.], local community, friends & family, and social media communities where most of your vital information resides
  • Understand and harness community-wide strategies to meet compliance obligations and prevent more incidents and tragedies from happening in order to avoid compliance, reputational, and bottom-line nightmares

Presentation (2 slides/page)
Presentation (3 slides/page)

Rick Shaw, President, Awareity


102 | Don’t Let Your Conflict of Interest Make You a Person of Interest: Perspectives from a University and Academic Medical Center

  • Creating a Comprehensive COI Policy
  • COI Red Flags
  • Industry Funded Speaking; Attending industry sponsored lectures and meetings; Vendors on Campus

Presentation (2 slides/page)
Presentation (3 slides/page)

Julia A. Hamilton, Director, Vanderbilt University Medical Center

Christy Hooper, Assistant Vice Chancellor, Vanderbilt University

103 | Viewing Policy Development Through an Equity Lens

  • Do your policies have a disparate impact on diverse audiences (e.g., people of color, gender, ethnicity)? The University of Minnesota undertook an effort to explore the potential for applying an equity lens to administrative policy development
  • Ten process and tool improvements we identified to support the addition of an equity lens
  • Sharing our post-implementation successes and challenges, including “quick hits” that were tackled

Presentation (2 slides/page)
Presentation (3 slides/page)

Boyd Kumher, Chief Compliance Officer, University of Minnesota

Michele Gross, Director of Policy, University of Minnesota


11:00 – 12:00 pm Breakout Sessions

201 | Auditing at the Speed of Risk: Georgia Tech’s Data-Driven Fraud Risk Assessment

  • Understand why your fraud risk assessment should be updated more than once a year, and how to make that happen in a data-driven way
  • Understand visual reporting basics, and how Georgia Tech is using these principles in its data-driven risk assessment
  • How to link fraud and other risk assessments to institutional data sources

Presentation (2 slides/page)
Presentation (3 slides/page)

Joe Oringel, Managing Director, Visual Risk IQ

Melissa Hall, Associate Director Forensic Audits, Georgia Institute of Technology


202 | Promoting the Pull: Wouldn’t You Rather They Ask?

  • You’ve been to every conference, read all the literature; you know the importance of embedding a culture of compliance, getting people to report misconduct, and having an anonymous Hotline. Now what?
  • In this session, we go beyond the Hotline to mechanisms that allow your community to seek guidance and support before ethical violations occur. Two-way communication builds trust, promotes personal accountability, and empowers your community
  • Two-way communication promotes collaboration, bringing you and your campus community together as partners in accountability. Open communication and trust help create a culture that goes beyond compliance to commitment

Presentation (2 slides/page)
Presentation (3 slides/page)

Handout 1
Handout 2

Stephanie N. Suerth, Program Director, University of Maryland Baltimore

Susan C. Buskirk, Deputy Chief Accountability Officer, Asst. Vice President, Office of Accountability and Compliance, University of Maryland, Baltimore


AD203 | Saying No to Power: A Must-Have Skill for a Compliance Officer

  • Dynamic, visionary, and innovative leaders often take short cuts that can lead to ethical lapse saying no and helping find a different path are skills that are vital to your success
  • An interactive discussion to help you identify when to engage with your organizational leaders and how to work through difficult conversations
  • Review of real life situations and scandals that could have been managed differently


Joshua B. Toas, Chief Compliance Officer, Research Foundation for SUNY


1:00- 2:00 pm Breakout Sessions

301 | All In for Camps: Centralizing Youth Program Review on an Decentralized Campus

  • Providing programs and activities for youth participants is an exciting outreach opportunity for colleges and universities, but the related concerns are diverse and significant
  • A key focus of Compliance at The University of Alabama is to simplify and streamline the processes related to risk assessment and control, including the risks associated with youth programs
  • Explore the steps we have taken to bring together decentralized campus departments to create a cohesive, centralized approach to youth program support

Presentation (2 slides/page)
Presentation (3 slides/page)

Marcy R. Huey, Executive Director of Institutional Compliance, The University of Alabama


302 | New Perspectives in Compliance Awareness and Training

  • Traditional views on compliance training requirements and sources of authority
  • Awareness vs. Training- a risk based approach: addressing the challenges of attendance, engagement, and relevance
  • The benefits of a tailored and matrixed approach

Presentation (2 slides/page)
Presentation (3 slides/page)

Jennifer Weddle, Compliance Consultant, Indiana University

Marcia N. Gonzales, Chief Compliance Officer, Indiana University


303 | Doing More with Less: Coordinating a Decentralized Compliance Function with Limited Central Resources

  • Understand how to better identify and leverage sponsors and supporters throughout your institution
  • Learn ways to streamline your compliance processes and activities across business and academic units
  • Identify alternative traditional and non‑traditional resources to improve your compliance program

Presentation (2 slides/page)
Presentation (3 slides/page)

Jessica Wasserman, Assistant Compliance Officer, New York University

John Powers, Manager, PwC


2:30 – 3:30 pm Breakout Sessions

401 | Crisis Management for Compliance Officers: Who’s In Your Foxhole?

  • Any crisis reveals the strengths—and weaknesses—of an institution’s decisional culture. This session will identify and apply decisional tools to be tested and used in periods of calm, and deployed in a crisis
  • No crisis should be wasted. Using specific examples, this session will deliver lessons learned on managing a crisis as well as leveraging the opportunities a crisis presents
  • All institutions experience crises, and the role of Compliance extends beyond any given event. Participants will be provided tools to develop team operating principles, to improve both individual officers’ effectiveness and organizational resiliency

Presentation (2 slides/page)
Presentation (3 slides/page)

Gates Garrity-Rokous, Vice President and Chief Compliance Officer, The Ohio State University

Chris Glaros, Assistant Vice President for Compliance Operations & Investigations, The Ohio State University


402 | You’ll Thank Me for This One Day (Just Maybe Not Today): Measuring Compliance & Ethics Program Effectiveness and Improvement Efforts in a Decentralized Campus Environment

  • Overview of NC State’s approach to measuring campus-wide compliance effectiveness and developing improvement strategies with campus units
  • Open Discussion: Appropriate reporting and documenting results—Employee Evaluations, Governing Boards, Open Records Acts, Accreditation, External Agency Reviews, Audits, etc
  • Provide examples and templates for other universities, including key lessons learned

Presentation (2 slides/page)
Presentation (3 slides/page)

Brad C. Trahan, Compliance, NC State University

Rob Hoon, NC State University


403 | Encryption Fails and Other Tales of International Travel, Borders, and Mobile Devices

  • Why current best-in class informaiton security solutions such as encryption fail at international borders and may itself constitute a violation
  • Why suffering a breach makes the organization the offender—not the victim
  • Mitigation challenges, tactics, strategies and actual solutions designed around the 7 Elements of an Effective Compliance Program

Presentation (2 slides/page)
Presentation (3 slides/page)

Brian M. Warshawsky, Systemwide Manager of Export Control Compliance and Empowered Official, University of CA Office of the President


General Session 3:45 – 4:45 pm

General Session 2 | Higher Education and Evolving Technologies: Strategies for Cybersecurity

  • Where evolving technologies provide convenience, they also present serious risks to our security and privacy. In higher education institutions, protecting user data needs to be balanced with managing user expectations and providing the most effective services
  • If an institution is faced with a cybercrime event, the outcome represents a great expense either way. However, the prioritization of cybersecurity poses a financial cost, while the effects of its lack also harm an institution’s reputation
  • Higher education institutions face an ever-increasing number and type of devices connected to their networks. With this multitude, many devices become “low-priority” in the cybersecurity strategies, and vulnerabilities go unnoticed until an attack occurs. Proper prioritization and understanding the risks posed by the IoT is imperative in higher education setting. User education and access management is critical in mitigating these problems

No presentation or handouts available

Mark Lanterman, Chief Technology Officer, Computer Forensic Services, Inc.



General Session 8:15–9:15 am

General Session 3 | Ready or Not, GDPR Is Here!

  • The application of the new EU data privacy to higher education including admissions, HR, research, and IT
  • Working with third party applications and software providers to ensure coverage
  • Other implementation issues and emerging best practices

Presentation (2 slides/page)
Presentation (3 slides/page)

Handout (.docx)

Kenneth J. Liddle, Chief Compliance Officer, Rice University

Robert Bond, Partner & Notary Public, Bristows LLP


9:45 – 10:45 am Breakout Sessions

501 | Positive Campus Climate: A Missing Ingredient in Your Compliance Program?

  • Identify strategies used in a rapidly growing campus to build an ethical and conflict-competent environment that drives compliant behavior, reporting of noncompliance and overall wellbeing
  • Learn how strong leadership commitment to structure, communication and resources can aid students, staff and faculty to navigate through change and conflict, and can help identify and mitigate compliance issues
  • Understand how perception workshops and discussion groups may be used to effectively drive awareness, identify compliance and ethical issues and control environment risks, and solicit potential improvement opportunities from all levels of the workforce

Presentation (2 slides/page)
Presentation (3 slides/page)

Sheryl A. Ireland, Director, Ethics and Compliance Program Office, University of CA Merced

Luanna K. Putney, Associate Chancellor and Senior Advisor to the Chancellor, University of CA Merced


502 | Modern Slavery: A Practical Perspective for Higher Education Institutions

  • Emerging Risks: Why identifying and addressing issues of slavery and human trafficking in your supply chain is crucial to the success of your institution’s compliance program. Special focus on legal requirements and reputational liabilities
  • Risking It All: How a risk based approach to due diligence can help your institution meet compliance expectations and future proof its supply chain.
  • Best Practice & Practical Tools: Learn from the successes and failures of other institutions of higher education to inform your own compliance program. Includes open source tools to help you collect vital data on risk and support your reporting effort

Presentation (2 slides/page)
Presentation (3 slides/page)

Sarah Carpenter, Senior Business & Human Rights Analyst, Assent Compliance

Kirill Boychenko, CCEP-I, Campaign Coordinator, International Labor Rights Forum

AD503 | New Approaches Towards Assessing Compliance Effectiveness of Internal Programs

  • The evolving seven elements—a review of new and updates sources of guidance from federal agencies, professional societies and private organizations
  • Assessment approaches—based on the available guidances, determining which approach best addresses the needs of your organization
  • An example of the approach taken by Indiana University which is a decentralized and matrix organization

No presentation or handouts available


Marcia N. Gonzales, Chief Compliance Officer, Indiana University


11:00 – 12:00 pm Breakout Sessions

601 | The Needless Complexity of Writing in Higher Education: What is Plain Language and Why Should Compliance Care?

No presentation or handouts available



602 | Can I Be the Good Cop this Time? Building Trust without Sacrificing Compliance

  • This program will explore the natural conflicts that occur at a major research university and creative ways to deal with those conflicts
  • Examples from around the country will be used to demonstrate the eternal struggle that all Compliance Officers face
  • Some best practices will be presented in a audience interactive manner

Presentation (2 slides/page)
Presentation (3 slides/page)

John B. Hughes, DirectorEthics/Ethics Liaison Officer, Rutgers, The State University of New Jersey

Casey Woods, Ethics Training Officer, Rutgers, The State University of New Jersey


603 | Championing a System-wide Approach to Compliance and Ethics Programs: Challenges and Successes

  • This case study will review the successes and challenges in championing the development of effective compliance and ethics programs across the State University System of Florida. Absent this effort, such programs varied in formality and centralization
  • How to educate governing boards, collaborate with university compliance counterparts, set common expectations, and monitor implementation for accountability at the university and system level
  • Case examples will illustrate that compliance and ethics programs are not one-size-fits-all and will highlight some of the unique challenges for both larger and smaller institutions

Presentation (2 slides/page)
Presentation (3 slides/page)


Joseph K. Maleszewski, Inspector General, Board of Governors, State University System of Florida

Lori Clark, Compliance & Audit Specialist, State University System of Florida


1:00 – 2:00 pm Breakout Sessions

701 | A Collusion Case Study on Embezzlement, Travel Fraud, and Misappropriation at the University: How Collusion Evaded Detection and Rendered the Control Environment Ineffective for Six Years

  • Collusion Case Study: How collusion between a university employee and a high level supervisor rendered the control environment ineffective for six years leading to a university loss of $2.3 million and a media scandal
  • Analysis: A number of behavioral indicators from this case have been identified which could be used to detect collusive activities before reputations are tarnished
  • Discussion: How the university’s prompt action lead to improvements in both the financial control environment and the ethical culture of the university

Presentation (2 slides/page)
Presentation (3 slides/page)

Amy Block Joy, Faculty/Specialist Emeritus, University of California, Davis


702 | Building a Culture of Compliance: Two Years into the Journey

  • Discuss why “building a culture of compliance” was the approach taken to change and improve the university’s overall compliance environment
  • Learn about factors throughout the university that assisted in successes towards changing the compliance culture and those that distracted from the university making progress
  • Discuss what the Office of University Compliance learned during these first two years to help it continue on its journey of “building a culture of compliance”

Presentation (2 slides/page)
Presentation (3 slides/page)

Cathy Smock, Chief Compliance Officer, Prairie View A&M University

Whitney Glenz, Compliance Officer II, Prairie View A&M University


703 | Rethinking Organizational Relationships to Strategically Align Compliance, Audit, Risk, Ethics, and ERM Functions

  • Discuss how institutions identify & leverage opportunities to combine valuable resources & organizational relationships within their institutions. What are the important distinctions between these relationships & their responsibilities to the institution
  • Provide Ideas for utilizing limited resources to better position your institution for improvement opportunities and efficiencies, while maintaining the necessary lines of separation
  • Learn about effective and interesting ways to communicate compliance to educate and build awareness across your institution. Creative and easy ways to inform the university community i.e. Faculty, Staff and Administrators, Students, others

Presentation (2 slides/page)
Presentation (3 slides/page)

Cassandra Walsh, Director, Baker Tilly

Vicki Duggan, Chief Compliance, Risk and Ethics Officer, Montgomery College


2:15 – 3:15 pm Breakout Sessions

801 | Service Animals and Emotional Support Animals (ESAs): Increasing Complexities in Developing an Effective Policy and Process to Withstand Legal and Public Relations Scrutiny

  • Be prepared; be proactive. Know what constitutes disability discrimination under ADA, ADAAA, and the Fair Housing Act to develop an effective institutional policy and definitions using statutory language, case law, and evidenced-based best practices
  • Using policies submitted by attendees as examples, attendees will learn how to design processes to be in compliance with the law, to be fair for the student/employee and the institution, and to be manageable to implement
  • Attendee may submit their institutional service/ESA policy before the seminar to be individually reviewed by the presenters and discussed with attendee during pre-arranged times during the conference

Presentation (2 slides/page)
Presentation (3 slides/page)

Judith W. Spain, Professor, Business Law, Eastern Kentucky University

April Barnes, Executive Director, Housing and Residence Life, Eastern Kentucky University


802 | Minding the Gaps: Undertaking a Large Scale Compliance Gap Analysis in Higher Education

  • Practical tips on how to approach an institution-wide gap analysis to assess your university’s compliance with federal regulations
  • Getting beyond the who to understanding the how: why knowing more than just the operational owner of a compliance requirement is critical
  • The array of benefits conducting a thorough gap analysis can have for your organization

Presentation (2 slides/page)
Presentation (3 slides/page)

John D. Lawley, Deputy Chief Compliance Officer, Emory University

Scotty Jenkins, Compliance Manager, Emory University


803 | Immigration: Paying Fines Is the Easy Part: Are Institutions Prepared for the Increase in Immigration Enforcement?

  • Learn how current and proposed changes to immigration rules can effect the institution, its student body and its bottom line
  • Understand the liability incurred by universities when immigration compliance processes are not established and maintained
  • Discuss best practices and hot topics in order to develop successful immigration compliance programs

Presentation (2 slides/page)
Presentation (3 slides/page)

Tracy Schauff, Senior Attorney, Fakhoury Law Group

Brooke Stokdyk, Assistant Director, Michigan State University


General Session 3:30–4:30 pm

General Session 4 | Compliance and Greek Life: Tools for Oversight and Collaboration

  • Define causes and potential mitigation underlying the existing crisis in university Greek programs
  • Define applicable compliance tools useful in addressing risks in Greek organizations
  • Describe different approaches used in universities that either provide direct compliance oversight, or that seek to assist other university departments

Presentation (2 slides/page)
Presentation (3 slides/page)

Gates Garrity-Rokous, Vice President and Chief Compliance Officer, The Ohio State University

Regis Becker, Chief Ethics & Compliance Officer, Penn State University




8:30 – 10:00 am Breakout Sessions

W1 | Panel Discussion: Tools, Strategies, and Lessons Learned to Address Unique HIPAA Issues for Universities and AMCS

  • Discussion of how to evaluate the different HIPAA legal structures, how to assess and re-assess
  • Ongoing assessment of privacy program needs: doing more with less, buy-in, annual workplan development, etc.
  • Sharing of tools to help perform assessments

Presentation (2 slides/page)
Presentation (3 slides/page)

Marti Arvin, Vice President, Audit Strategy, CynergisTek, Inc.

Kristin H. West, Chief Compliance Officer, Emory University, Office of Compliance

Tanisha Raiford, Compliance & Privacy Officer, Weill Cornell Medicine

Karen Pagliaro-Meyer, Privacy Officer, Columbia University Medical Center


W2 | Conducting Coordinated Compliance Investigations

  • Learn how institutions conduct coordinated compliance investigations by leveraging resources that may already be available to a compliance function
  • Discuss the roles of key stakeholders in the investigation process. Who are they & how can each add value in this critical process. How to leverage Compliance, General Counsel, Internal Audit, and other key departments and partners throughout the process
  • Review investigatory guidelines, leading practices for conducting successful investigations, and what is meant by a standard of proof. Discuss how to issue findings and recommendations to support the investigations conclusion

Presentation (2 slides/page)
Presentation (3 slides/page)

Vincent A. Lacovara, Chief Ethics and Compliance Officer, Catholic University

Corey Parker, Manager, Baker Tilly


10:15 – 11:45 am Breakout Sessions

W3 | Compliance Officer’s Roundtable

  • In-depth, detailed discussion of real-time and emerging challenges faced by compliance and ethics officers on campuses of varied sizes and within compliance programs at every stage of maturity
  • Strategies for strengthening compliance programs surrounding campus-affiliated entities—including fraternities, sororities, and athletic associations—and events on and off campus property
  • Balance and program success in a shifting landscape: Maintaining focus and integrity in the face of unprecedented regulatory, political, and media scrutiny

No presentation or handouts available

Joel Mayer, Managing Director and Heald of Government Investigations, Navient


W4 | Say What? Your Policy on Free Speech

  • A discussion of free speech, both from a legal and philosophical viewpoint
  • How to draft and implement a policy on speech, protests and demonstrations that will satisfy (almost) everyone

Presentation (2 slides/page)
Presentation (3 slides/page)

Handout (.docx)

Kenneth J. Liddle, Chief Compliance Officer, Rice University

Dan Sharphorn, Vice Chancellor and General Counsel, The University of Texas System