Dave Fairburn is a Director at SunHawk Consulting. He is a seasoned cyber professional with more than 30 years of experience designing and implementing programmatic security solutions. He is an expert in security requirements including CMMC, FedRAMP, FISMA, NIST 800-53 R4 and 800-37 R1, NIST 800-171, HIPAA, GDPR, SOC 1, SOC2, and SOC 3.
In 2010, Dave served as the Project Manager for the Federal Risk and Authorization Management Program for the General Services Administration and the Federal CIO, where he developed the Security Program for the Federal Risk Authorization and Management Program (FedRAMP). Dave is now nationally known as the architect and author of FedRAMP, resulting in the first-ever government-wide implementation of FISMA. He also designed the Continuous Monitoring Program for FedRAMP, which has been leveraged, in part, by the Department of Energy.
Dave is routinely asked to provide Subject Matter Expertise to multiple federal and commercial entities in the fields of Cloud Computing, IT Security, Information Assurance, and Program Management. He is a strong advocate for continuous monitoring and establishing a risk management framework that can be utilized to manage risk in a “real world” environment. Dave received his Master’s Degree in Cyber Security from the University of Maryland.
"SunHawk was an outstanding partner in the provision of interim leadership in compliance and internal audit for our organization. They provided seamless coverage and advancement of our compliance and internal audit functions. As CEO, I had no concerns or worries during our engagement. They were true partners for us!"
Alfred E. Pilong
President and CEO
"James and the SunHawk team have been an invaluable resource for our Compliance Office - they are a reliable, well experienced, trusted and knowledgeable team of professionals who at a moment’s notice will take your calls or respond to your emails.
Their advice helped us navigate the ever evolving, highly regulated healthcare industry! Whether it’s discussing report methodology or determining appropriate repayment, SunHawk provides the reassurance and confidence that you are doing the right thing!
We are honored to have partnered with SunHawk and will continue to do so in the future!"
Vice President/Chief Ethics, Compliance and Privacy Officer
Community Health System
"SunHawk’s professionals are leaders in the compliance and risk industries. Over the years I have worked with a number of their professionals on a series of projects/issues and learned SunHawk’s professionals are problem/solution-oriented and great coalition builders.
SunHawk Professionals get the job done and are a pleasure to work with. Commitment, Experience, Professionalism, and Integrity; that's what SunHawk Professionals brings to the table."
Vice President/Chief Ethics, Compliance and Privacy Officer
Phoenix Children's Hospital
"Jim Rough is among the most conscientious professionals I have encountered. When he says he is going to do something -- he does it. Jim has a broad range of experience gained over decades in leading organizations.
Now as the founder of his own firm, Jim will be enabled to provide the same high-quality service to his clients in a setting that allows greater customization to his clients' financial circumstances."
Frank M. Placenti
Chair, US Corporate Governance & Securities Regulation
Practice, Squire Patton Boggs
"SunHawk Consulting's HIPAA Check Program provided us with an invaluable third-party review of our HIPAA policies and practices. The tracking tool SunHawk includes with the Program has become an integral part of our continued monitoring for HIPAA compliance.
Jan Elezian's extensive hands-on compliance experience was evident during site visits and staff interviews as she translated difficult subject matter into practical use scenarios and provided quality feedback. Thank you SunHawk team!"
Vice President, Compliance
Chicanos Por La Causa, Inc.
"SunHawk provides an array of dynamic professionals, each with significant subject matter expertise and a problem-solver approach. Beyond their knowledge and conscientious work ethic, however, is a team of caring individuals who strive to furnish individualized, tailored assistance with a personal touch.
Jim Rough's dedication to the success of SunHawk clients is evidenced by his strategic and prospective thinking complemented by his ability to truly anticipate the needs of a company in the midst of the complicated compliance climate. I highly recommend SunHawk for companies of any size seeking actionable solutions and measurable results."
Vice President and Chief Compliance Officer
Paragon 28, Inc.
“Sunhawk Consulting has proven to be a trusted partner with the ability to deliver results. We have consistently been impressed with their expertise, professionalism, and commitment to customer service. Sunhawk Consulting has supported our enterprise-wide risk assessment, risk management activities, and the configuration of our Governance, Risk and Compliance software tool.
Sunhawk Consulting’s leadership and consultative services have helped us to successfully navigate through the complexities of SOC, HIPAA, NIST and FedRAMP audits this year. The knowledgeable team of Sunhawk professionals has been and continues to be an invaluable resource for us, ensuring we are positioned for success in all our audits and assessment activities.”
Chief Technology Officer (CTO)
Get In Touch
2550 E Rose Garden Ln.
Phoenix, AZ 85050
Sign up for Our Newsletter
Your information is private and will NEVER be shared outside of SunHawk Consulting.
SunHawk Consulting specializes in professional consulting services and has a team of highly skilled subject matter experts with substantial backgrounds in:
* Healthcare Compliance: Statistical Sampling, Medical Coding Audits, Healthcare Compliance Programs, Evaluation of Compliance Programs and Risk Assessments, HIPAA Compliance Risk Assessments & Training, Corporate Integrity Agreement (CIA) Board Advisor, Independent Review Organization (IRO) Services, Interim Healthcare Compliance Support, Physical Security Assessment, Design and Implementation of Sunshine Act Compliance Programs, Enterprise Risk Management Optimization, Governance, Risk and Compliance (GRC) System Support, Electronic Health Record (EHR) System Implementation, Outsourced Audit Function Support, Medical Risk Adjustment Compliance (Medicare, Medicaid, Commercial), Policy, Procedure, Internal Control Development and Evaluation, FedRAMP Compliance;
* Corporate Investigations: Fraud Investigations and Forensic Accounting, Anti-money Laundering (AML), Bank Secrecy Act (BSA), Know Your Customer (KYC), Foreign Corrupt Practices Act, Third-party Due Diligence;
* Corporate Compliance: Evaluation and Design of Corporate Compliance Programs, Interim Compliance Support, Compliance Risk Assessments, Physical Security Assessment, Enterprise Risk Management, Private Equity Governance, GRC System Support, Audit Function Support, Fraud Risk Assessments, Investigations Program Assessment and Enhancements, Qui Tam Investigations, Hot Line Support;
* Litigation Disputes: Complex Litigation and Disputes, Mergers and Acquisitions: Regulatory Due Diligence, Expert Witness, Statistical Analysis, Healthcare Payment Disputes, Litigation Support, Physical Security Assessment, Neutral Party Data Analysis.