SHengeliSteve leverages his background in Computer Science to help U.S. and international corporate clients respond to the rapidly evolving legal and technological environment behind data privacy, security, and information governance challenges.  Steve is a Certified Information Privacy Professional for the U.S. and Europe (CIPP/US; CIPP/E).

Steve has assisted clients with enterprise content management & defensible disposition projects (e.g., developing U.S. and international records retention schedules; drafting data mapping recommendations; preparing employee onboarding and offboarding processes; conducting paper, electronic and microform legacy information review and defensible disposition; and developing a wide variety of  information governance policies and procedures); enterprise technology projects (e.g., drafting vendor assessments; preparing Enterprise Content Management (ECM) System project plans; recommending business, legal and technical requirements for ECM System); data privacy and security projects (e.g., analyzing impact of HIPAA on client’s mobile app development; preparing cross-border transfer recommendations; drafting data privacy and information security policies, standards, procedures and guidelines; developing Bring Your Own Device (BYOD) recommendations; providing mobile application privacy and security compliance advice; and assisting client in obtaining EU-U.S. Safe Harbor certification); internet law and e-commerce projects (e.g., drafting website privacy policies, terms of use and cookie policies; and conducting audit of website cookie practices to assess compliance with EU Cookie Law); regulatory compliance projects (e.g., memoranda and checklists for export of encryption software outside the U.S.); and a variety of information governance and data privacy training projects for executives and employees.

Steve received his law degree from the University of Kansas School of Law, where he was inducted into the Order of the Coif.  While at KU, Steve interned with the Honorable David J. Waxse, who is a leading expert in the field of eDiscovery.  Steve also served as an Articles Editor on Volume 61 of the Kansas Law Review and helped lead the transition from paper to electronic editing.  He received CALI Excellence for the Future Awards for achieving top scores in Contracts, Constitutional Law, Torts I, Lawyering Skills I and II, Intellectual Property, Secured Transactions, Federal Courts, Trusts and Estates, and Conflict of Laws.

Selected Presentations

  • Speaker, Recent Developments in State and Federal Privacy and Security Laws and Regulations, Association of Corporate Counsel, Mid-America Chapter, Omaha, Nebraska, April 12, 2017.
  • Speaker, Inviting Legal to the BYOD Party, Douglas County Bar Association, Lawrence, Kansas, August 18, 2016.
  • Speaker, Connected Medical Devices: How to Reduce Risks Inherent in an Internet-of-Things-that-Can-Help-or-Harm, Missouri Health Information Management Association (MoHIMA) Annual Meeting, Blue Springs, Missouri, April 21, 2016.

Selected Publications

  • Co-Author, No HIPAA, No Problem? Not Necessarily. State Law Privacy and Security Challenges for Consumer Health Devices, The Data & Security Dispatch, Vol. 2, No. 1, May 2016.
Print Friendly, PDF & Email