Tom Garrubba, CIPT


Santa Fe Group

Senior Director

Tom Garrubba, Senior Director/CISO at Shared Assessments, is an internationally recognized subject matter expert, lecturer, author, and blogger on third-party risk, and is the head instructor for the Certified Third Party Risk Professional (CTPRP) certification program. He actively blogged for the Huffington Post’s Business section on risk and on various industry websites including Government Health IT, ISACA and numerous eGRC websites. Previously, Tom was the Senior Privacy Manager at a Fortune 10 healthcare company where he established policies and procedures governing their vendor assessment program, overseeing all assessments for existing and potential third-party service providers who were exposed to personally identifiable information (PII), protected health information (PHI), credit card/card holder (PCI), and proprietary data. Tom has nearly 20 years of experience in IT security and privacy controls, as well as audit and compliance in both private industry and public consulting. You can also connect with Tom via LinkedIn.


Contributions by Tom Garrubba

  • Third-Party Privacy Risk—Beyond Your Organization's Bounds for GDPR
    Speaker at Privacy. Security. Risk. 2018
  • Third-Party Privacy Risk—Beyond Your Organisation's Bounds for GDPR
    Speaker at IAPP Europe Data Protection Intensive 2018
  • Your Customers Are Knocking: Are You Ready for Their Risk Assessment?
    Speaker at IAPP Canada Privacy Symposium 2016
  • Speaker at IAPP Academy 2012
  • Speaker at Privacy Academy 2013