Legal WritER,  Data Privacy Advocate, Contract& Vendor Compliance Management Expert

  • IU Health- West Patient and Family Advisory Committee
  • Received an award or special recognition
  • Real Estate Title Abstracting
  • IAPP Member Networked with other professionals
  • Widener University School of Law 2015 Ball State University 2013 Tidewater Community College 2001
  • Limited-edition achievement recognizing early members of Workfolio
  • Valentina Research & Management
  • Endorsed by co-workers or clients
  • Local school volunteer IPA Annual Christmas Charity Hendricks Co Sheriff's Shop With Cop AM Vets

WISP Member

Lisa Marie  Waugh
Consulting Services below:

  Regulatory Compliance and Corporate Integrity
• Best Practices 
• Compliance Program Drafting, Analysis, and Auditing
• Compliance implementation and Training management
• Integrity Program Drafting Analysis and Auditing
• Policy Drafting
• Code of Conduct Drafting
  • Corporate Training in compliance, risk management, data privacy and organizational imprint

            Corporate Intelligence Consulting
  • Corporate Investigations
  • Market Research

           Data Privacy
  • Corporate and Organizational Training
  • Risk Management (including third parties)
  • Compliance
  • Projects and Campaigns
            Oversight Consulting
  • Corporate
  • Governance & Community Engagement

             Vendor Risk Management 
  • Onsite Audits
  • Identify and Mitigate Risks 
• Change Management
• Risk Assessment (ISO Standards & Industry Standards)
  • Due Diligence Determination
  • Trust and Verify 
  • KYC

  • Contracts
  • Onsite

             Professional Research
  • Regulatory
  • Federal and State Legislative (Pending Bills)
  • Legal
  • Best Practices and Industry
           Professional Writing
  • Contract Administration (Drafting, Analyzing, Redlining,  Risk identification, Negotiations, Abstraction)
  • Technical Writing
  • Legal Writing
•  Executive Summaries/Abstracts
•  Business Writing 
•  Investigative   Writing 



  1. CIPM (Cert. Info. Privacy Mgr.) -2019 anticipated, IAPP International Association of Privacy Professionals
  2. -
    Graduate Cert. Regulatory Analysis & Compliance, Widener University School of Law
  3. -
    Masters of Jurisprudence: Corporate & Business Law, Widener University School of Law

    Masters of Jurisprudence Degree in Corporate and Business Law

  4. -
    BGS, Consumer Finance & Criminal Justice Criminolo, Ball State University

    I earned my undergrad in general studies while working on molding my my degree with two minors in criminal justice & criminology and consumer finance to broaden my knowledge in concentrate in corporate law and white collar crimes.

  5. -
    Associates Degree AAS Legal Assisting- Litigation, Tidewater Community College

    My two associates degrees (in litigation and general practice) gave me insight to the legal field and the fundamental knowledge required to begin my legal career as a paralegal.

  6. -
    Associates Degree (AAS), Legal Assist, Tidewater Community College

    Some of my best college experience was at Tidewater Community College while I was earning my associates degrees in paralegal/legal assisting. I had some of the most fascinating professors (attorneys) as well as fellow classmates wherein the platform for teaching was engaging and always challenging. I am very proud of this degree and find it is of more worth than a certificate in the same field.

Experience Highlights

  • Corporate Intelligence Consultant
    Always Open to new projects
  • Contract Coordinator
    IEA Renewable Energy, Inc.
  • Global Information Security - Intake Specialist
    Liberty Mutual via a consulting contract
  • Compliance, Regulatory Affairs & Contract Administration Consulting
  • Sr. IT Contract Administrator
    Franciscan Alliance, Inc.
  • Patient Family Advisory Board (PFAC)
    Indiana University Health- West Hospital
  • Vendor Risk Management Contract Administrator
    Navient Solutions/f.k.a  Sallie MAE Bank - Consultant on dissolution and entity formation Project
  • Managing Director
    Valentina Research & Management LLC
  • Quality Analyst
    JPMorgan Chase
  • Corporate Procurement Paralegal
    Eli Lilly and Company
  • Commercial Real Estate and Corporate Paralegal
    Spotts Fain PC
  • Creditors Rights Paralegal
    OPN Law (Osterhoudt, Prillaman, Natt, helscher, Yost, Maxwell & Ferguson)
  • Residential Real Estate Paralegal
    l. Richard Padgett, Jr., PC
  • Legal Receptionist/Admin
    Roussos, Langhorne & cARLSON, plc

Education Highlights

  • MJ - Masters of Jurisprudence degree in Corporate and Business Law
    Widener University Delaware Law School
  • Certificate in Regulatory Analysis & Compliance
    Widener University dELAWARE lAW sCHOOL
  • BGS - Bachelors of General Studies degree in Consumer Finance & Criminology/Criminal Justice
    Ball State University
  • AAS - Associate of Applied Sciences  Legal Assistant/Paralegal: Litigation
    Tidewater Community College
  • AAS - Associate of Applied Sciences Legal Assistant/Paralegal: General Practice
    Tidewater Community College

Career Focus

  • Consumer Data Privacy Protection
    Think before you answer: is all that information necessary ? What can they do w/it?  Less is more.
  • Vendor Risk Management
    Trust & Verify; auditing; training
  • Operational Risk Management
    CORPORATIONS and Small Businesses
  • Corporate Intelligence
    Research, Audits, aNALYSIS
  • Corporate Law
    cOMPLIANCE: Sarbanes Oxley; Dodd Frank; PCI-DSS; PI; HIPAA; FISMA; iso: 27001 (SIG); SOC 1 & SOC 2
  • Enterprise Information Technology
    iNNOVATIONS, Forward Thinking, agile, Holistic
  • Reducing the Incarceration of American Youth
    Get involved
  • Onboarding Reform
    Employee Privacy
  • Environmental Protection
    Return of the Small American Farm
  • Small American Farmer Protection
    Contract Administration; RevitaliZATION
  • Baby Boomer Protection
    Assisting with Contracts - Abstracting and Vetting Brokers


  • Risk Management
  • vendor Risk Management
  • Regulatory Compliance
  • Legal Research
  • sUBJECT mATTER Research
  • Analysis
  • Legal Writing
  • Legal Compliance
  • Business Intelligence
  • cORPORATE Legal Support
  • Sarbanes Oxley (SOX)
  • aUDITS
  • Policy Drafting
  • Word
  • SAP
  • Consumer Law research'
  • Entity Framework
  • Data Privacy
  • Excel
  • aRIBA
  • Westlaw
  • aRCHER
  • Skip Tracing
  • Judgment research
  • Real Estate Transactions
  • Commercial Lease Drafting
  • Real Estate
  • Escrow Management
  • Real Estate Title Analysis
  • Title Insurance
  • Document Management
  • Lease Administration

Questions & Answers

What is compliance?
Adhering to the laws, rules and policies. This is achieved through maintaining the highest standards in not just your professional life but your personal life, as well. Integrity is everything.

While it sounds like a cliché, it is true that the tone for a company is set at the top and you know that they say about things rolling down hill- they do.

Pressure to Produce will cause Compliance violations

In expanding on micromanagement and the pressure to produce is one of the leading causes of compliance and ethics violations.

What is this SOX all about?
SOX is the acronym for the 2002 Sarbanes Oxley Act. The Act is a direct result of the Enron Scandal (news clip is in the Resources Section). SOX is an act that put Corporate America in the mainstream legal hot seat with all kinds of regulations that when violated will result in expensive fines, criminal and civil penalties. While SOX was geared towards only publically traded companies the financial industry and its regulators see most of the provisions to be applicable to all companies as a form of ethical business  practices (e.g. Best Business Practices).  Some of the main points are that a CEO must certify financial reports as to their accuracy; there must be an audit of the records and systems and this time the auditor is banned from doing other work for the company being audited (the auditor is only there to do the audit), and of course there must be a compliance program.  The best way to think of SOX is this- even if you are not a publically traded company (i.e. a private company) you better have a working compliance program and ethical business practices.


Dodd Frank?

Another financial industry compliance act implemented in 2010. It is a direct result of the 2008 financial crisis.
In looking at Dodd-Frank and comparing it to SOX, Dodd has more of a consumer or tax payer protection focus. For one The CFPB (Consumer Financial Protection Board) was formed with this Act. And lets look at section 165. It requires large financial institutions to file annual reports that provides the plans for their institution to be liquidated in a "rapid and orderly fashion"  to avoid any harm to or bail out from the American taxpayer. In the event they are unable to do so in such plan (as regulated or determined by the Fed and FDIC) then they will need to simplify their plan or liquidate assets to do so.  That is a tall order for large financial institutions but paves the path of transparency and protection for the American market place and tax money.

What is the CFPB?

The Consumer Financial Protection Bureau. A place to begin before you do anything with your money or credit or if you are having issues with a creditor.

Stay tuned on the legal structure of the CFPB. As a result of

Gramm Leach Bliley Act (aka GLBA aka Financial Services Modernization Act of 1999)
  • Repealed the Glass–Steagall Act which prevented a financial institution from functioning as a bank, insurance company and an investment firm and the conflict of interest provision that kept an officer of one of those such companies from being employed simultaneously in the consolidated or one of  new ones.
  • While GLBA allows for the option to consolidate the placement  and workability of consumers money and other intangible assets, it prohibits the disclosure of their personal financial information via The Financial Privacy Rule
  • GLBA also requires financial institutions and any companies to ensure safeguards to such information via The Safe Guard rule. 
  • ATM Fee Disclosure
  • Full law here it is only 145 pages:
Did you know?
According to Brian K. Payne's White Collar Crime book that "...the same technology that makes Facebook possible is the same technology that provides the opportunity for computer crimes..." @241

Did you also know that "... Mark Zuckerberg- the founder of Facebook- has been accused of various white collar crimes relating to [the] creation of [Facebook] and the administration of it." ibid

It's true! "As an undergrad at Harvard he worked... on a network called ConnectU." ibid [Facebook was created  after his time there and he was sued for stealing ConnectU's source code] ibid

What on earth is a Source Code you ask?

According to Oxford Dictionary: A Source Code is: A text listing of commands to be compiled or assembled into an executable computer program.  2014

However what you should really know is- Black Law  defines a Source Code as:

A text listing of commands to be compiled or assembled into an executable computer program.If it is not included with the software sold to the public, source code is protected by trade secret laws as well as copyright and patent laws.SOURCE CODE, Black's Law Dictionary (9th ed. 2009)

the two "Did you knows"are cited from:
White Collar Crime by Brian K. Payne 2014 page 241


  • Always Question for it is to your own demise should you not.
    Always Question for it is to your own demise should you not.
  • A true heroic socioeconomic intellect  or hypocrite?
    A true heroic socioeconomic intellect  or hypocrite?
  • My Name in lights at Victory Field!
    My Name in lights at Victory Field!
  • Society of Corporate Compliance and Ethics
    Society of Corporate Compliance and Ethics
  • Indiana  State Parks
    Indiana  State Parks
  • Jamestown Virginia
    Jamestown Virginia
  • Project #1: Preservation and Renewal of Small American Farming
    Project #1: Preservation and Renewal of Small American Farming
  • Toxic People
    Toxic People


Due Diligence NOT dENY, dENY, dENY

Another Example of Needing to hire Third Party Risk Management Consultants

Please read the article from (link below)


Health information of 1,708 Aetna clients in Ohio exposed online

Updated on June 23, 2017 at 7:53 PM Posted on June 23, 2017 at 5:40 PM

CLEVELAND, Ohio -- Personal health information for 1,708 Ohio residents who have health insurance through Aetna was exposed online, Aetna Inc. said in a statement Friday.


Interested in helping

Share on