Browse Skills

Expert in Data Subject Access Request (DSAR) processing covering GDPR Articles 15-22, technical implementation, response automation, and cross-system data discovery for privacy compliance.

Designs regulatory change management frameworks including horizon scanning processes, impact assessments, compliance calendars, and reporting obligation tracking. Helps organizations stay ahead of evolving regulatory requirements.

Create and improve ISO 9001:2015 quality management system documentation including quality manuals, procedures, SOPs, work instructions, and audit preparation materials.

Design, implement, and audit compliance controls for high-risk AI systems under the EU AI Act and aligned frameworks, covering risk management, data governance, traceability, human oversight, and conformity assessment.

Drafts API Terms of Use covering rate limits, usage restrictions, data ownership, liability, SLA commitments, and developer responsibilities for platform businesses exposing APIs.

Expert drafting and analysis of licensing agreements for IP, software, patents, and technology transfers.

Comprehensive AML/KYC compliance for cryptocurrency exchanges and VASPs. Covers risk assessment, transaction monitoring, blockchain analytics, Travel Rule implementation, suspicious activity reporting, and sanctions screening across FATF, EU MiCA, and US FinCEN frameworks.

Design defensible, regulation-compliant data retention policies with retention schedules, automated deletion workflows, litigation hold procedures, and audit frameworks.

Guides the design of compliance programs including framework selection, risk assessment methodology, training development, audit procedures, and regulatory mapping. Applies ISO 37301 and DOJ guidance. This is NOT legal advice — always consult qualified compliance counsel.

Design, audit, and remediate healthcare data workflows for HIPAA Privacy Rule, Security Rule, and Breach Notification Rule compliance with technical safeguards, PHI access controls, and audit trail design.

Creates GDPR-compliant Data Processing Agreements (DPAs/Art. 28 contracts) for processor-controller relationships, including sub-processor schedules and technical/organizational measures.

Conduct rapid needs assessments, conflict analysis, and security risk evaluations in active and post-conflict environments using OCHA MIRA, UNDP CDA, Sphere standards, and UNDSS security frameworks.

Drafts comprehensive, regulatory-compliant clinical trial protocols following SPIRIT 2013, ICH-GCP, and FDA/EMA guidelines, covering study design, endpoints, statistical analysis, safety monitoring, and operational feasibility.

Design, test, and manage Sarbanes-Oxley internal controls over financial reporting with COSO-based control matrices, ITGC frameworks, deficiency evaluation, and remediation planning.

Draft legally robust non-disclosure agreements — from scope definition and obligation structuring to jurisdiction selection, remedies, and negotiation guidance.

Systematically review commercial and residential lease agreements to identify risks, unfavorable terms, hidden costs, and negotiation opportunities with clause-by-clause analysis and market benchmarking.

Navigate and optimize municipal building permit processes including zoning compliance, plan review, inspection scheduling, and digital workflow transformation for faster approvals.

Generates comprehensive terms of service agreements covering liability limitations, IP ownership, dispute resolution, acceptable use policies, account management, and multi-jurisdiction consumer protection compliance.