Tom Vincent is a shareholder at GableGotwals and is a Certified Regulatory Compliance Manager and Certified Information Privacy Professional/United States. He brings extensive experience in regulatory compliance to his practice, having served as Chief Compliance Officer for different financial institutions, as well as Anti-Money Laundering Compliance Officer, responsible for ensuring compliance with a myriad of requirements, including customer protection, privacy, information security, corporate governance, and reporting information to the Financial Crimes Enforcement Network (FinCEN).
Tom assists his clients with issues involving data security and privacy, including the establishment of privacy and cybersecurity programs, negotiation of appropriate protections for client information, breach identification, and required reporting. He applies his corporate compliance experience to guide clients through the myriad of state, federal and international laws, regulations, and requirements to ensure compliance and protect them from potential lawsuits and regulatory action.
In addition, Tom regularly presents on privacy and security issues to a variety of audiences, including attorneys, healthcare practices, financial and human resource professionals, and professional services firms. He is currently an Adjunct Instructor of Cyber Security at The University of Tulsa and is a member of the Information Systems Security Association.
Currently, Tom serves as a member of the Board of Directors of Tulsa Zoo Management, Inc. Tom also serves as Co-Chair of the Firm’s Diversity, Equity, and Inclusion Committee and is a member of the Banking Working Group of the Law Firm Antiracism Alliance, which focuses on examining the practices and habits of banking and financial institutions with an eye towards determining how best to dismantle those elements that have the effect of perpetuating racial inequity. He is a member of the Tulsa Regional Chamber’s Diversity, Equity and Inclusion Advisory Committee, serves on the Board of Trustees of Riverview Country Day School, and chairs the Steering Committee of the RCDS Diversity, Equity, Inclusion and Justice Alliance. Because of his efforts to champion the cause of diversity, Tom was awarded the Ada Lois Sipuel Fisher Diversity Award by the Oklahoma Bar Association in 2023.
Experience:
- Developed and implemented privacy and security compliance programs, including website disclosures, policies, training, and risk assessment processes, to meet HIPAA, FERPA, GLBA, GDPR, FTC, and other state, federal, and international legal and regulatory requirements.
- Developed and implemented vendor risk management programs to address the privacy and security of client and company information.
- Engaged security firms for various clients to perform penetration testing and other security assessments.
- Served as insurance-approved breach counsel for privacy and security incidents to determine reporting responsibilities across multiple states, territories, and countries, including the development of required customer communications.
- Reviewed client insurance policies for appropriateness of coverage and provided responses to insurance carriers regarding the sufficiency of client breach responses.
- Served as Chief Compliance Officer, Bank Secrecy Act and Anti-Money Laundering Compliance Officer, and HIPAA Compliance Officer for different financial institutions.
- Serving as Chair of Corporate Transparency Act Task Force responsible for developing associated compliance processes and documentation.
Selected Presentations:
- “The Ethics of Inclusion: Developing the Words, Actions, and Achievements to Change Yourself and Your Practice” (Lawline), June 8, 2023
- “Proactively Managing Vendor Relationships: Setting Expectations, Avoiding Surprises, and Getting Your Stuff Back” (Lawline), February 22, 2023
- “What Now? Post-Breach Cybersecurity Issues: Addressing the Obvious and the Hidden, Not-Initially-Visible, and Otherwise Neglected Causes and Consequences of a Data Breach” (SouthWest Benefits Association), November 8, 2022
- “Beyond Attorney-Client Privilege: Reconciling Traditional Attorney Issues and an In-House Environment” (Association of Corporate Counsel), September 16, 2022
- “IT/IT Security, and Legal; Building Mutually Beneficial Relationships” (ISSA), November 8, 2021
- “Cool to be Kind: The Expectation of Positivity and the Need to Belong” (DisruptHR Tulsa), October 20, 2021
- “Cybersecurity! Why All the Cool Kids Are Doing It” (with Trent Shores, Oklahoma Association of Municipal Attorneys), September 9, 2021
- “Avoiding Unintentional Exclusivity: Why the Language We Use Matters” (National Conference of Bar Foundations), July 31, 2021
- “We’ve Been Hacked! What Do We Do Now?” (ISSA CyberSecurity Roundtable), January 26, 2021
- “Embrace Your Blur: Using Your Authentic Self to Create Your Career Brand Narrative” (Black Wall Street Chamber of Commerce), November 12, 2020
- “Courageous Conversations: Beyond the Hashtags” (Mosaic & Luxa Enterprises), August 25, 2020
- “Life Preservers and Safety Nets: Returning to Work and Staying Afloat in COVID-19’s Wake” (Tulsa Area Human Resources Association’s Learning Lab), May 28, 2020
- “Oh, What a Tangled Web(site) We Weave” (GableGotwals and Stinnett & Associates Cyber Webinar), May 13, 2020
- “It’s not what you do, it’s why you do it: Ownership, Obligation, and Information Security” (Workforce Forensics Podcast), April 30, 2020
- “Unexpected Legal Ethics Work-at-Home Webinar” (Avansic Work at Home Webinars), April 15, 2020
- “Courageous Conversations Year End Celebration: 50 Shades of Courage” (LUXA 2nd Annual Year End Celebration), December 18, 2019
- “Best Practices of Employee On-Boarding/Off-Boarding” (Tulsa Area Human Resources Association Employment Law & Practices Seminar), November 7, 2019
- “To Secure and Protect: Fulfilling the Expectations of Clients (and Others) in Commercial Real Estate and Fiduciary Transactions” (Tulsa Title and Probate Lawyers Association), June 13, 2019
Selected Publications:
- “A Need for New Armor: Tribal Entities Under Cyberattack” (with Emma Kincade and Trent Shores), GableGotwals Cybersecurity and Data Privacy Alert, October 21, 2021
- “Chapter 14: Energy Cybersecurity Law – A Survey” (with Susan Lindberg and Trent Shores), Energy Law and Transactions (Matthew Bender), October 2021
- “This Is Your Lucky Day” (Gavel to Gavel, The Journal Record), January 29, 2020
- “Breaches and Attorney-Client Privilege” (Gavel to Gavel, The Journal Record), September 18, 2019