Malita Barkataki, CIPP/US, CIPM

Advisory Services Senior Manager
Ernst & Young

Malita Barkataki is a senior manager with Ernst & Young’s Advisory Services Practice focused on the assessment of privacy and data protection requirements as well as process, technology and security risks for many of the firm’s leading global and domestic clients.  Barkataki has developed her skills through involvement in a wide range of technology audit and privacy risk assessment engagements throughout her eight years at the firm.   

She has served many of Ernst & Young’s largest global clients in a variety of industries, with a focus on healthcare, and HIPPA requirements.

For a Fortune 500 manufacturing organization, she conducted an assessment of the company’s alternatives to comply with U.S. Safe Harbor privacy principles and its own policies for privacy and client confidentiality. For a Fortune 100 healthcare services organization, she assessed the company’s use of protected health information and their compliance with HIPAA requirements, and performed a global privacy and data protection review covering multiple sites in Europe and Asia. For a Fortune 500 cosmetics organization, she performed a global privacy and data protection review covering multiple sites in Europe and Asia. She coordinated with client personnel in those locations and others to compile an inventory of processes, systems, and third parties that process personal information, and to assess their control and compliance environments. For a Fortune 100 pharmaceuticals company, she assessed the collection, use, sharing, disclosure, retention and destruction of personal information based upon the AICPA Generally Accepted Privacy Principles. For a Fortune 500 pharmaceuticals company, she assessed the regulatory and privacy implications of a new disease management product offering based upon the AICPA Generally Accepted Privacy Principles and on HIPAA and other UK and Canadian privacy regulations. For a Fortune 500 gaming and entertainment group, she supported the privacy review for its handling of personal information practices over various business functions. For a Fortune 100 healthcare services organization, she assessed the company’s use of protected health information and their compliance with HIPAA requirements. For a Fortune 500 media and entertainment organization, she developed the internal risks and controls framework for their SAP implementation. For a Fortune 500 media and entertainment organization, she assessed the internal segregation of duties environment for a new SAP implementation.

Barkataki is a Certified Information Systems Auditor (CISA) and Certified Information Privacy Professional (CIPP), and is a member of the Education Advisory Board for the International Association of Privacy Professionals.