Privacy, AI governance, and security counsel for healthcare, legal, and education organizations.

Jeremy Harris, AI governance attorney and founder of JHarris Advisory LLC

Jeremy Harris

Jeremy Harris — JD, CISSP, CIPP/US, HCISPP. Twelve years in-house privacy and security counsel; retired Air Force Lieutenant Colonel. I think like a lawyer and deliver like an operator — the workflows, playbooks, and decision frameworks your team can run, not a report that restates the problem.

12+ yrs in-house counsel · 20 yrs military legal · JD + 3 certifications · Lt Col, USAF (Ret.)

Start where you are

I need a quick risk readout

Take a free readiness assessment and get a prioritized action list.

I want the templates and tools

Buy a toolkit with policies, checklists, workflows, and implementation materials.

I need help implementing

Work with JHarris Advisory to adapt, operationalize, and present the program.

Browse by sector

JHarris Advisory shield logo representing rapid incident response and data privacy protection for organizations.
Abstract node diagram illustrating AI governance, data mapping, and algorithmic compliance frameworks.

Incident Response

Breach triage, response playbooks, notification timelines, and tabletop readiness

Education

K-12 and higher-ed AI, student data, GLBA, FERPA

AI Governance

AI intake, risk tiering, approvals, vendor review

Healthcare

HIPAA privacy, security, vendor and incident readiness

Padlock security icon representing secure networks and data privacy controls for corporate compliance.

Privacy

CCPA/CPRA, GDPR, data-use and sharing controls

Icon of a balance scale with two trays, representing justice or weighing.

Legal & Courts

AI use, citation verification, redaction records access

FEATURED GUIDE

HIPAA Security Rule NPRM: What's Proposed, What It Means, and What to Do Now

The complete readiness guide — proposed changes, 30/60/90-day plan, evidence checklist, and free assessment. Updated June 2026.
Read the Guide →

Read the complete hipaa readiness guide

Featured toolkits

AI Governance Starter Toolkit
$499.00

Most organizations deploying AI tools have no structured way to evaluate them. This bundle starts there. It's the intake, triage, and approval workflow built inside a large health system — the part that catches problematic use cases before they ship. Built for teams that want governance without bureaucracy: fast intake, clear risk assignment, documented accountability.

Who it's for: Organizations rolling out AI tools across teams without a formal review process. Best for companies asking "which AI decisions need oversight" and "who owns this if it fails.”

What's Included:

- Draft AI Use Policy

- AI Use Case Intake Form

- Risk Tiering Rubric

- Governance Playbook

- Required Artifacts Checklist

Want JHarris Advisory to implement these tools for your organization? Start with a scoping conversation @ https://jharrisadvisory.com/contact

HIPAA Compliance Starter Toolkit
$699.00

Healthcare organizations live with HIPAA exposure every day. This toolkit gives you a working framework to catch compliance gaps before regulators do — the same triage model and checklists used inside a $14B health system. Built for compliance teams and general counsel who need to move past "we have a BAA" to "we've actually reviewed it."

Who it's for: Healthcare organizations with regulated data, shared patient information, or vendors handling PHI. Best for teams with compliance infrastructure in place but gaps in incident readiness and BAA review rigor.

What's Included:

- BAA Review Checklist

- HIPAA Incident Decision Support Worksheet

- OCR Audit Readiness Assessment

- PHI Data Handling Addendum

Want JHarris Advisory to implement these tools for your organization? Start with a scoping conversation @ https://jharrisadvisory.com/contact

Higher-Ed GLBA + AI Compliance Kit
$899.00

Financial-aid data is GLBA "customer information," and any AI tool that touches it is in scope for the Safeguards Rule — with breach-notification deadlines to Federal Student Aid and the FTC. This kit gives you the written program with an AI overlay, the vendor controls, the breach runbook, and the institutional policy. Built by a former government attorney who ran security and privacy programs at scale.

Who it's for: CISO/CIO, General Counsel/compliance, and the financial-aid and research offices at universities and community colleges.

What's Included:

  • GLBA Safeguards Program + Breach Runbook (FSA/FTC timelines)

  • Institutional AI & Data Governance Policy

  • Risk Tiering + Required Controls

  • AI/EdTech Vendor Vetting (service-provider safeguards)

  • FERPA & CA Public-Records Handling; Incident & Breach Response

  • IRB / Research-Data AI Governance (universities)

Educational templates, not legal advice. Confirm current FTC/FSA requirements with your counsel and security office.

Want JHarris Advisory to implement these for your organization? Start with a scoping conversation @ jharrisadvisory.com/contact

Not sure where to start?

Take the free assessment that matches your organization