Bigger Isn't Better


At least not for us. And probably not for you, if you've explored our site long enough to read this far. Lots of experience with resource-rich corporate environments has helped drive our desire for direct connection to help solve concrete problems for smaller organizations. We aspire to nothing greater.
Call us for more information.
816.226.6759
816.2Comply

Our Background


Cover Compliance is currently a single-member LLC. Most of the work product we produce and the direct client consulting Cover Compliance does is delivered by Cover Compliance's principal, Glenn Mills.

Cover Compliance also, from time to time, relies on limited subcontracting with a small group of trusted individuals that we've known professionally and personally for many years, to provide assistance in key areas such as document proofing and editing, records and information management advice, healthcare operations and mental health healthcare practice information, and legal advice. In such cases where we involve subcontracting related to specific client deliverables, we only do this with full agreement and understanding on the part of affected clients.

Glenn Mills' Professional Bio

Glenn's 2003 start in the privacy profession came as a move from independent consulting in IT, where he’d already had several years’ experience with writing policies and procedures related to data management and that involved several core privacy principle concepts. This technology writing experience and his prior background in energy trading from the days when Enron was still a real energy company (and an understanding of the compliance and ethics failures that led to the need for regulations like Sarbanes-Oxley) came together to help him earn a place as H&R Block's first compliance hire reporting to the new chief compliance officer.

At H&R Block, Glenn helped create their first non-accounting, cross-functional compliance program that started mainly as a Bank Secrecy Act/USA-PATRIOT Act, anti-money-laundering program, but quickly took on a heavy privacy and security focus with the growth in state data breach laws, the creation of federal and state "do-not-call" (or "DNC") databases and telemarketing rules, the CAN-SPAM Act, etc. At Block, all the banking/financial services and consumer privacy regulations also came with a thick chunk of IRS tax code for tax preparation compliance rules as well. And all of this coincided with the very first Payment Card Industry Data Security Standard (PCI-DSS), and credit card merchants, including Block, trying to figure out where this huge "pseudo-regulation" fit in the context of what they "must do" vs. "might need to do" to comply.

Immediately following that foundational experience, Glenn served in compliance roles where privacy was a significant component until 2008 when he established Cover Compliance and began to work on projects and in full-time corporate roles where both "privacy" and "compliance" became central to his work.

While still maintaining full-time corporate employment, Glenn's financial services background allowed him to transition into healthcare privacy in 2009 as he became the privacy officer for a trio of large union benefits plans (including a pension fund and a HIPAA-regulated health plan) with Boilermakers National Funds. That experience became important in attaining a role at Fiserv as the only privacy-focused non-attorney to serve in the company’s risk management area assisting with incident response and employee data exposure investigations world-wide (relying on his English-Spanish bilingual skills as well as his professional background). This experience addressed incidents related to employment, financial, and healthcare-related personal information.

In August this year, he wrapped up two years working with the country’s leading labor and employment law firm, Littler Mendelson PC, as the only internal privacy and security consultant with a privacy background. In that role, Glenn consulted with operations areas and different practice groups to provide privacy program advice for initiatives in areas such as “big data” analytics and international operations. Though he has done various smaller consulting projects off and on since 2008, he finally gave in to the call to go "all-in" on working through Cover Compliance this year.

Glenn's Work Approach & Credentials

Glenn has often served as a sort of translator between different stakeholder groups, including helping technical and non-technical teams communicate with each other, helping attorneys understand regulations, and helping attorneys and other operations staff understand each other. Even literal translation between English and Spanish speakers in the context of professional work in financial services (such as with a money services business focused on Latin American money transfers) and in human resources investigations and compliance audit programs.

Glenn is not an attorney. But he has worked with a lot of attorneys during his career, both in-house and outside counsel. And he earned his first IAPP (International Association of Privacy Professionals) certification in 2008, at a time when the overwhelming majority of privacy pros and especially of CIPPs were attorneys. Very often, even now, in the privacy world, non-attorneys face challenges trying to advocate for somewhat abstract privacy principles with technical areas that are focused on more concrete security issues. To more explicitly bring his technology and privacy background together, three years ago Glenn earned his CISSP. Having this certification to supplement his IAPP certifications has helped validate for more technically oriented peers that Glenn really does understand their work and concerns—though he remains first and foremost a "privacy geek" by profession and a "compliance geek" by nature.

But holding one of the more challenging cybersecurity certifications often helps Cover Compliance better communicate with clients who more readily understand the concrete world of "security controls" than they do the more abstract concepts of proactive privacy compliance, such as Privacy-by-Design, within technical environments.

Last year, Glenn was honored to become one of the first 200 privacy professionals out of more than 25,000 IAPP members worldwide to earn the IAPP's Fellow of Information Privacy (FIP) designation in the IAPP's inaugural class of privacy fellows.


Connect with Glenn on LinkedIn





When we ask for advice, we are usually looking for an accomplice.
Marquis de la Grange (1639-1692)
This pretty much sums up my experience working in compliance in corporate America beginning in the pre-Y2K days and running right through the heart of today's IoTdom.

It also tells you something about what we do NOT do at Cover Compliance.

The implication of that statement is that someone seeking advice already has an agenda AND that the advice seeker may already know that their agenda is bad.

We understand your compliance obligations and the challenges your business faces in this area. We also tend to understand the rationale for why most regulatory demands exist. We have an agenda and it's based on that understanding. You don't
What We Do
Regulatory compliance advisory services for smaller and not-for-profit entities that lack resources to purchase and manage complex enterprise systems and staff.
Stacks Image p2_n32
Cover Compliance
WHERE WE ARE
Overland Park, KS in the Kansas City area

  • 1.816.226.6759