Andrew Mahler, JD, CIPP/US, CHC, CHPC, CHRC
Vice President of Privacy, Compliance Services at CynergisTek, a Clearwater Company
Andrew Mahler, JD, CIPP/US, CHC, CHPC, CHRC is the Vice President of Privacy, and Compliance Services at CynergisTek, where he leads data privacy and health care compliance professional, consulting, and managed services.
Andrew has supported diverse clients with privacy and compliance assessments, advisory support, and consulting, and in Interim Chief Privacy Officer roles. Before CynergisTek, Andrew served as the Chief Privacy and Research Integrity Officer for the University of Arizona, where he was responsible for implementing privacy and research compliance programs for the colleges, departments, clinics, hospitals, and academic health sciences throughout Arizona. Andrew started his career in data privacy and information security with the U.S. Department of Health & Human Services, Office for Civil Rights (OCR), where he investigated and managed cases related to HIPAA Privacy, Security, and Breach Notification Rule compliance, as well as cases related to civil rights laws. While at OCR, Andrew designed corrective action plans and resolution agreements, including the first resolution agreement resulting from a breach report required by the HITECH Act. Andrew is a lawyer and holds the CIPP/US, CHC, CHRC, and CHPC certifications. He has developed courses in health care law and data privacy and is a guest lecturer for other law and business courses in law, health care, and compliance. In addition, he has published and presented on topics including health law, data privacy and HIPAA, research compliance, and risk management.
