Maria L. Howland
University of Illinois at Chicago, Chicago, IL
L.L.M. in Taxation, Certificate in Employee Benefits. June 2002.
University of Louisville School of Law, Louisville, KY
J.D. May 1997.
Miami University, Oxford OH
B.S. in Business. May 1994. Major in Marketing. Minor in History.
Illinois, Florida, and Connecticut (retired).
International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional/United States (CIPP/US)
Certified Information Privacy Professional/Europe (CIPP/E)
Certified Information Privacy Manager (CIPM)
Fellow Information Privacy (FIP)
Member of IAPP Appeals Board
Heath Care Compliance Association (HCCA)
Certified in Healthcare Privacy Compliance (CHPC)
Fifth Third Bank, Cincinnati, OH (March 2015-Present)
Fifth Third Bank is one of the largest regional banks in the US. It is located in 10 states and has assets over $200 billion.
VP, Senior Ethics Officer
Managed the Conduct Risk Dashboard process, including leading the Conduct Risk Dashboard meetings and pre-meetings. Made significant changes in the cadence of the dashboard, metrics, and presentation to improve the process.
Oversaw the Bank’s EthicsLine. The EthicsLine is available for employees, suppliers and customers to make 24/7 reports of potential misconduct. Responsible for case management, reporting, and vendor management.
Formulated Ethics Office reporting for board committee review.
Prepared application and initiated supporting projects that led to the Bank’s recognition as one of the 2021 World’s Most Ethical Companies® by the Ethisphere Institute.
Secretary for the Conflicts Council. Responsible for the creation of submissions for the consideration of the council as well as tracking of decisions.
Led annual efforts to update the Code of Business Conduct and Ethics.
Created ethics policy and procedure documents including the creation of the initial Ethics Office Framework document.
Collaborated with other Bank partners to implement first Ethical Culture survey.
Responsible for the creation and review of Bank ethics training, including the presentation of the Ethics Lunch and Learn for the compliance division and enterprise wide annual training.
Worked with Corporate Communications to distribute communications supporting Ethics Office initiatives.
Successfully transitioned the Bank’s anti-bribery/anti-corruption program from Financial Crimes.
Worked on the Bank’s inaugural ESG report and ethics sections of rating surveys, resulting in a substantial increase in the Bank’s ratings.
VP, Compliance Manager - Privacy
Responsible for investigating, documenting, and ensuring appropriate Bancorp response to all GLBA privacy incidents and non-GLBA incidents including incidents involving corporate entities and HIPAA incidents.
Conducted annual GLBA risk assessment. Participated in Red Flags and compliance risk management assessments.
Member of GLBA, and Red Flags Councils. Chair of GLBA Council, past Chair of HIPAA Council. Councils are responsible for overseeing respective programs and conducting risk assessments.
Conducted due diligence reviews of vendors to ensure that the vendor could comply with privacy laws.
Evaluated new initiatives and processes for the Bancorp to identify and mitigate privacy risks.
Reviewed marketing materials to ensure compliance with applicable privacy laws.
Participated in internal audits and regulatory exams from Federal Reserve Bank.
Researched issues in areas all areas of privacy responsibility including: GLBA, HIPAA, FCRA, FACTA, COPPA, TCPA, CAN-SPAM.
Updated policies, procedures, and training for privacy functions. Made revisions to privacy processes to increase efficiency.
Reviewed new legislation and worked on implementation.
Participated in audits and exams.
Florida Hospital, Orlando, FL (April 2013-March 2015)
Florida Hospital was a seven campus hospital system with over 2,200 beds treating more patients than any other hospital in the US. Currently known as AdventHealth.
Director of Privacy, Chief Privacy Officer
Responsible for receiving, investigating, responding to, tracking, and documenting complaints from patients, employees, business associates, and other parties.
Led investigations into inappropriate use and or disclosure of patient information including notification, coordination with law enforcement, corrective actions, and other mitigation.
Prepared Hospital's response to Office of Civil Rights investigations.
Authored and presented materials to senior management on privacy risks to organization that led to additional staff in privacy area.
Ensured that staff was adequately trained in patient privacy matters including conducting in-person training to campus leadership and departments.
Wrote numerous privacy and data security reminders for communication to all employees.
Created and presented reports on privacy metrics to management.
Conducted on-going review of privacy policies and assisted in the implementation of new policies and procedures.
Ensured requests from external parties for patient data complied with federal and state law before release.
Confirmed that business associates agreements were in place and compliant with law.
Executed ongoing risk assessments of policies and procedures.
Performed privacy audits to ensure the program was working as intended.
COUNTRY Financial®, Bloomington, IL (April 2005-March 2013)
COUNTRY Financial is multi-line, multi-state insurer and financial services company. COUNTRY is a Fortune 1000 company with revenues over $3.6 billion.
Senior Compliance Specialist
Tracked federal and state privacy legislation and coordinated company compliance actions.
Responsible for content and delivery of GLBA and HIPAA privacy notices.
Authored company breach response plan and selected vendor to provide credit monitoring services to impacted individuals of data loss events.
Coordinated company responses to data loss incidents.
Reviewed company contracts for compliance with privacy legislation and implemented changes mandated by new laws and regulations.
Wrote company policies and procedures on privacy and data security topics.
Worked on committees responsible for information security and security awareness. Duties included development of annual training, development of company policies, awareness news articles, and special events.
Ensured that release of corporate data to third parties complied with laws and company policy.
Responsible for selection, training and supervising daily work of interns.
Completed Lean Six Sigma Yellow Belt certification during successful project to save the company millions a year in costs associated with the annual privacy statement distribution.
Compliance Specialist – COUNTRY Trust Bank®
Conducted compliance risk assessments and issued reports to management on topics including: Bank Secrecy Act, Privacy, Conflicts of Interest, Insurance Products, Employee Benefit Accounts, and Advertising.
Drafted and revised department and Bank compliance procedures.
Wrote annual compliance reports for Bank.
Assisted with regulatory examinations.
Prepared customer disclosure statements.
Reviewed advertising for legal, tax and securities related problems.
Financial Planning Compliance Coordinator – COUNTRY Capital Management Company®
Inspected email of employees in all levels of the organization for violations of law and compliance problems.
Authored company responses to NASD inquiries into the terminations of employees.
Composed company responses to customer complaints.
Evaluated compliance questionnaires and conducted further inquiries where necessary to ensure compliance.
Wrote sales and supervisory compliance procedures on market timing, fingerprinting procedures, and protection of customer information.
McLean County State’s Attorney, Bloomington, IL (November 2003-April 2005)
Assistant State’s Attorney
Prosecuted misdemeanor and felony cases for the People of Illinois.
Tried twelve cases to a jury, and dozens of bench trials.
Engaged in thousands of pretrial conference, plea, motion, review and sentencing hearings.
Conducted order of protection hearings.
Screened police reports in misdemeanor cases to determine whether charges should be filed.
Negotiated plea agreements with private attorneys and public defenders.
Trained new misdemeanor attorneys.
Attended National District Attorney’s Association’s Trial Advocacy I and trial advocacy course sponsored by Illinois Appellate Prosecutor.