Enterprivacy Consulting Group

Top-tier privacy consultancy led by world-renowned expert R. Jason Cronk.

  • Author of Strategic Privacy by Design.
  • Founder of the Institute of Privacy by Design.
  • Developer of the FAIR Privacy Model.
  • Contributor to the NIST Privacy Framework.
  • Holder of a Certificate of Management in Information Systems.
  • Member of the International Association of Privacy Professionals Privacy Engineering Advisory Group and of the Information Systems Security Association.
  • Privacy by Design Ambassador to the Information and Privacy Commissioner of Ontario.

Two Decades of Experience

With over two decades of experience, Cronk has worked with clients across the spectrum – from small businesses to high-profile companies. He is an active member of the privacy community and a pioneering voice in the development of privacy by design. His team of experts is ready to assist you with your most pressing privacy concerns.

Enterprivacy Consulting Group is a dynamic consulting firm which draws on a pool of independent consultants based on project needs and consultant skills and availability. We view each engagement as a unique challenge and opportunity and while we leverage past experience and work products, we approach new projects with an open mind to meet the needs and expectations of our client. The primary team assembled for this project, including, certifications, past and present affiliations as well as relevant work experience are presented below. The team is subject to change based on project demands, timelines and team member availability.

Principal Privacy Consultant

R. Jason Cronk (Florida, USA)

CIPM, CIPT, CIPP/US, FIP, JD, PbD Ambassador

  • Author: CIPT Textbook Strategic Privacy by Design
  • Chair: Institute of Operational Privacy Design
  • Member: NIST Privacy Workforce Working Group
  • Member: IAPP Privacy Engineering Advisory Board
  • Co-Chair: ISSA Privacy SIG
  • Privacy Engineer: NCR Corporation


NIST Privacy Framework Related Talks and Blogs

  • IAPP: ISO 27701 versus NIST PF: Choosing the Right One for You
  • PEPR: Engineering Ethics into the NIST Privacy Framework
  • NIST: X Marks the Spot: Using Privacy Framework Regulatory Crosswalks
  • Blog: Ecosystem Risk Management in the NIST Privacy Framework

Related Work Experience

Engaged in a NIST Privacy Framework effort as the subject matter expert, in 2019, by an early adopter, Jason Cronk was perhaps the first consultant to align a company the NIST Privacy Framework, even prior to formal adoption of V1.0.

Jason was active in the drafting of the framework, providing commentary, blogging and developing the Privacy Framework – GDPR crosswalk and has continued his work in the area by being an active member of the NIST Privacy Workforce Working Group creating task, knowledge and skills statements for framework CORE subcategories.

Jason has previously completed privacy program maturity assessments using GAPP – Generally Acceptable Privacy Principles.

Senior Privacy Consultant

Janelle Hsia (Colorado, USA)


  • Board of Directors: Cloud Security Alliance
  • Co-Chair: ISSA Privacy SIG
  • Director of Privacy and Compliance: ACSM

Related Work Experience

As a CISA, Janelle Hsia implemented and assessed systems against NIST 800-53 (Rev 4) for the US Department of Commerce from 2013 through 2016 and was an early adopter of Appendix J, the Privacy Controls. 

Since then, she has been a consultant focusing on creating and assessing privacy programs for organizations using NIST, ISO, GDPR, and the AICPA Privacy Maturity Model.  In 2021, she conducted three readiness assessments for organizations certifying under the relatively new ISO 27701:2019.

Privacy Project Management

Junior Privacy Analysts

Enterprivacy Consulting Group leverages a number of junior privacy analysts and interns for project support in various capacities. Principal consultants will provide training around NIST Privacy Framework, maturity models and related topics to all junior analysts working on the project.

Andre Morganfield (Georgia, USA)

DAWIA Certification (Program Management 1)

  • Privacy Project Management: Facebook
  • Privacy by Design Project: Wells Fargo
  • CCPA Compliance Project: Warner Media
  • GDPR Transformation Project: NCR, Inc.

Schedule a Consultation

Privacy should always be a guarantee… together we can make it so! Your contact information will only be used to discuss potential services with you.