Introduction to Compliance

Compliance isn’t only about preventing problems and ensuring that everyone is abiding by laws, rules, and regulations. It’s also about the positive impact a robust and ethical compliance program can have on a business or organization.

In this course we will discuss why compliance is important – from the needs facing businesses in highly regulated industries to avoiding fines and penalties to preventing reputational and economic nightmares. We’ll examine real-world examples of compliance and governance failures and their impact, and consider strategies for avoiding similar situations in our own organizations. You’ll be able to think about risk management in new ways and apply strategies to manage it.

Lecturers: Andrew Kandel and Lauren Steinfeld

Andrew Kandel

Mr. Kandel is the Global Chief Compliance Officer & Senior Legal Officer and Senior Managing Director of Cerberus Capital Management, L.P. Mr. Kandel joined Cerberus in 2007. Prior to joining Cerberus, Mr. Kandel was First Vice President and Assistant General Counsel at Merrill Lynch from 1998 to 2007, where he was in charge of state regulation, legislation and government relations and also handled various SEC, NYSE, NASD and compliance-related matters. From 1995 to 1998, Mr. Kandel was the Chief of the Investor Protection & Securities Bureau at the New York State Attorney General’s Office, where he also served as Assistant Deputy Attorney General and assisted in the oversight of the other Public Advocacy Departments: Antitrust, Charities, Civil Rights, Consumer Fraud, Environmental and Real Estate Finance. From 1993 to 1995, he was Senior Special Counsel, then Trial Counsel, at the Enforcement Division of the New York Stock Exchange. From 1986 to 1993, Mr. Kandel was an Assistant District Attorney in Manhattan where he investigated and prosecuted hundreds of criminal matters ranging from Arson and Robbery to Grand Larceny and Murder. Mr. Kandel is a member of the Cerberus Capital Management Compliance and Risk Management Committee, Securities Compliance Committee, Valuation Committee, Allocation Committee, Financial Risk Management Sub-Committee, Environmental, Social and Governance Committee, and Brokerage Selection Committee.

Lauren Steinfeld

Lauren B. Steinfeld serves as Chief Privacy Officer for Penn Medicine and Senior Advisor for Privacy for the University of Pennsylvania. In this position, Ms. Steinfeld leads and oversees the HIPAA compliance program and other privacy initiatives for Penn’s four hospitals, over 200 physician practices, and the School of Medicine research program. She works on institution-wide training, policy development, and systems monitoring initiatives as well as evaluating individual strategic partnerships with data sharing elements.

Ms. Steinfeld previously served as Senior Advisor for Privacy and Compliance and as Chief Privacy Officer focusing on University-specific issues. In those positions, she created, for the first time in higher education, an infrastructure for an institution-wide privacy program. Ms. Steinfeld developed and implemented policies, procedures, risk assessment models, risk mitigation strategies and other initiatives to protect the privacy and security of personal information. She addressed issues in cloud computing, social media, electronic information, courseware, location data, internal information systems risk assessments, FERPA compliance, HIPAA compliance, and incident response.

Ms. Steinfeld also helped create Penn’s infrastructure for its institutional compliance program, with components including a telephone and web-based hotline, non-retaliation, policy coordination and awareness, self-assessments in functional compliance areas, and reporting to senior leadership on priority compliance activities.

Ms. Steinfeld has previously taught a Privacy Law course, with Professor Anita Allen at Penn Law. She will teach again this Spring with Professor Christopher Yoo.

Prior to her work at Penn, Ms. Steinfeld worked at the Office of Management and Budget as the Associate Chief Counselor for Privacy. At OMB, Ms. Steinfeld helped the Clinton Administration develop the HIPAA medical privacy regulations. She was also responsible for a wide range of other privacy issues, including financial and online privacy, identity theft, genetic information, cybersecurity, government information systems, and tax data confidentiality..

Before arriving at OMB, Ms. Steinfeld served as Attorney Advisor to Federal Trade Commissioner Mozelle Thompson. As an advisor, she was involved in the legal and policy aspects of some of the first Internet- and privacy-related cases brought by the FTC.

Ms. Steinfeld received her B.A. from the University of Pennsylvania, graduating Phi Beta Kappa and magna cum laude. She received her J.D. in 1992 from New York University School of Law.