Maria Phillips


Maria provides risk management services to a variety of entities. While focused on healthcare organizations, business and professional services firms, and technology organizations, she has worked with a multitude of industries. Based out of the Chicago office, Maria has over 10 years of aggregate experience. Prior to joining RSM, Maria practiced corporate healthcare law in both transactional and litigation environments. Within RSM, she has expanded her industry expertise across all lines of business within the consulting practice with concentrations in privacy and enterprise risk management.

In her current role, Maria delivers advice and consultation regarding complex risk matters, assists engagement teams in internal audit matters, and is responsible for ensuring that clients comply with professional and regulatory standards. Maria has knowledge as it relates to contract and compliance matters both at the state and federal level. She focuses in privacy and security: which includes but is not limited to governance, contract compliance and risk, regulatory compliance, policies and procedures work, cybersecurity, business continuity/disaster recovery, and controls. She works with clients on HIPAA/HITECH, GDPR, CCPA, DFARS and other regulations/standards as they relate to entities and 3rd parties. Maria is also a member of the firm’s blockchain practice, assisting clients in the privacy and security concerns surrounding smart contracts, cryptocurrency, and cryptofund arenas.

My Sessions

Shark Bite: Phishing, Privacy, IOT

Columbus AB

Learn how to reduce cybersecurity risks to your law firm systems and maintain data privacy. Avoid phishing lures and other attacks on devices used in your practice. We will also discuss how internet connected devices expose client data and how you can protect it. Sponsored by:

Core Concepts

Of PEN Tests and Policies: Firm Security Audits

Columbus IJ

Hacker audits penetration testing and employee phishing simulations can provide crucial insights into the state of your technology and the awareness of your law firm. The results should lead to an action plan, peace of mind, and a possible reduction in cyber insurance premiums.