Headshot of David Manek

David Manek
Senior Managing Director

Data Privacy & Data Protection Officer; Forensic Investigations

David Manek is a Senior Managing Director at Ankura. He leads a team of data privacy, information security and data management experts that have a passion for helping corporations and outside counsel implement complex data privacy compliance solutions. Dave specializes in providing expert consulting services to organizations involved in large, complex, data-intensive regulatory change management projects.

 

  • Experience

    Dave is leading Ankura’s solution to assist organizations demonstrate compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and other emerging privacy regulations. He is currently serving as a Data Protection Officer for his clients. Dave holds many professional certifications, including the CIPP/E and CIPM issued by the International Association of Certified Privacy Professionals. He is also a Certified Public Accountant.

    Dave’s professional experience includes:

    • Implementing over 150 GDPR and CCPA readiness programs;
    • Serving as a Data Protection Officer for organizations in the following industries: biopharmaceutics, technology communications and peer-to-peer review;
    • Executing assessments and developing compliance roadmaps using the NIST Privacy Framework and other privacy law specific control frameworks;
    • Advising Counsel in complex biometric data litigation proceedings;
    • Assisting organizations through California AG CCPA investigations;
    • Building large-scale data inventories and maps;
    • Developing consumer response processes and drafting standard operating procedures;
    • Creating Transfer Impact Assessments for EU to U.S. data transfers;
    • Implementing target operating models to support third party vendor risk management programs
    • Developing data strategy and defensible deletion programs
    • Implementing Privacy by Design processes and Data Protection Impact Assessments
    • GDPR readiness project for San Francisco-based social media company. This company’s processing operations require regular and systematic monitoring of data subjects on a large scale and, as a result, it was determined that they would need to assign a data protection officer (DPO) under the GDPR. The client made the decision to assign Dave to act as an interim data protection officer (DPO) under the GDPR;
    • GDPR readiness project for $12 billion distributor of healthcare products and services. He was engaged by a medical and healthcare products distributor and supplier to assess and implement their privacy program driven by the requirements of the European Union’s General Data Protection Regulation (GDPR) and the German Bavarian Data Protection Authority (DPA);
    • Information governance project centered around the legal hold process for a large natural gas utility;
    • GDPR readiness program for large transportation company;
    • Privacy Shield and GDPR program for biotech company;
    • Data mapping project for a global technology solutions provider in the food processing and air transportation industries;
    • GDPR readiness assessment for satellite communications organization;
    • GDPR readiness program for private medical device manufacturer;
    • GDPR Data Protection Officer and readiness program for organization focused on product reviews of enterprise software products;
    • GDPR readiness project for travel technology company;
    • GDPR readiness assessment for large multinational automobile part manufacturer;
    • GDPR Data Protection Officer for biopharmaceutical company beginning stage two trials in the EU;
    • Global data privacy compliance program for a maker of smart garage doors;
    • Global data privacy compliance program for a technology-oriented education organization;
    • CCPA readiness program for manufacture of ATVs, Jet Ski personal watercrafts and motorcycles;
    • CCPA readiness program for top five retail shoe manufacturer and sports equipment;
    • CCPA and GDPR readiness program for telehealth organization;
    • CCPA and GDPR readiness program for largest privately held manufacturer and distributor of medical supplies providing products, education and clinical programs;
    • CCPA and GDPR readiness program for one of the largest plastics, chemicals and refining companies in the world;
    • CCPA and GDPR readiness program of international distributor of promotional products and recognition products.

  • News & events
    • GDPR: The Beginning of a New Era in Privacy?” PLUS 2018 Cyber Symposium, 05/2018
    • GDPR “How to Protect Client and Witness Personal Data in the Era of Cyber Crime,” American Bar Association, 04/2018
    • “GDPR CLE – What you need to know now,” Panel with Jones Day, 03/2018
    • “Data Privacy in the US and EU Practical Data Protection Considerations,” Transunion, 03/2018
    • “GDPR: What Litigators Should Know. Webinar for American Bar Association,” American Bar Association, 03/2018
    • “Global Breach Response – How to Select Your Key Partners,” Advisen, 01/2018
    • “Cyber Insights: General Data Protection Regulation & Cyber Insurance,” Willis Towers Watson. 10/2017
    • “Unlocking the GDPR – Overview Training,” Medispend, 06/2017
    • “Practical Solutions to Demonstrating GDPR Compliance,” Medispend, 06/2017
  • Insights & innovation
    • “Cyber Insights: General Data Protection Regulation & Cyber Insurance”. Willis Towers Watson. October 2017.
    • “Global Breach Response – How to Select Your Key Partners”. January 2018.
    • “GDPR CLE – What you need to know now”. Panel with Jones Day. March 2018.
    • “GDPR: What Litigators Should Know. Webinar for American Bar Association”. American Bar Association. March 2018.
    • “Data Privacy in the US and EU Practical Data Protection Considerations”. Transunion. March 2018.
    • “How to Protect Client and Witness Personal Data in the Era of Cyber Crime”. American Bar Association. April 2018.
    • “GDPR: The Beginning of a New Era in Privacy?” PLUS Cyber Symposium. April 2018.
    • “After the GDPR – How to build a sustainable privacy program by harmonizing existing and emerging privacy regulations”. Associate of Corporate Counsel. November 2018.
    • “Privacy and Security Issues: Impact of the New CA Privacy Law on Big Data”. Panel with BakerHostetler at UCLA Anderson School of Management. November 2018.
    • “After the GDPR – How to build a sustainable privacy program by harmonizing existing and emerging privacy regulations.” Association of Corporate Counsel Webinar. November 2018.
    • Regulatory Panel: GDPR, California Privacy Laws, Credit Monitoring. February 2019. PLUS Cyber Symposium
    • Regulatory Round-Up: OCR, State AGs, GDPR, & the California Consumer Privacy Act. February 2019. PLUS Cyber Symposium Panel.
    • California Consumer Privacy Act: Managing Your Program Beyond July 1st – Webinar. May 2020. Ankura
    • CCPA What to Expect When July 1st Enforcement Date Takes Effect – Webinar. June 2020. Association for Data and Cyber Governance.
    • Practical Next Steps: What the Schrems II Decision Means for Your Data Transfers. August 2020.  Ankura Webinar Series.
    • KnowIt 2020 Panel: States Take the Lead on Privacy. May 2020. KnowIt.
    • 2020 CCPA Final Regulations: Approved Modifications and Extensions of Employee and Business-to-Business Exemptions. November 2020. Strafford.
    • California Consumer Privacy Act and Prop 24. November 2020. Chicago Bar Association.
    • Global Data Privacy Update: India Personal Data Protection Bill 2019. December 2020. Ankura Webinar Series.
    • Vendor Risk Management: Best Practices and Impact of Schrems II. November 2020. International Association of Privacy Professionals, KnowledgeNet – Austin, Texas.
    • Drafting Vendor Agreements to Comply With California Privacy Rights Act (CPRA): Requirements Beyond CCPA and GDPR. January 2021. Strafford
    • US Consumer Privacy Program Workshop:  Lessons Learned and the Challenges Ahead to Address Evolving and Expanding Laws. May 2021. Privacy and Security Academy – Webinar.
    • Living it Up in Privacy Law California: Hot Topics in CCPA and CPRA. May 2021. University of Texas 2021 Technology Law Conference.