At Achieved Compliance, we understand the critical role data plays in the success of your company. We believe good data governance is essential to your ability to make the most of that data – to create, to innovate, and to serve your customers. 

We are also keenly aware that compliance with new data protection regimes is challenging, especially for mid-market companies that do not have specialized expertise in-house. Typically, companies of this size have time-constrained staffs which mean fewer resources are available to work on data protection compliance.

Achieved Compliance can help! Our mission is to help you establish good data governance and arrive at privacy outcomes that meet regulatory requirements, provide consumers with effective protections, and stay competitive in the marketplace. To achieve this, we provide flexible and easy-to-use software solutions that are designed for non-privacy professionals. Whether you are looking for help with data discovery or need a virtual Data Protection Officer – combined with our tools and client counseling services, we can help you remain competitive while meeting the challenges of responsible data practices.

Achieved Compliance is headquartered just outside of Washington DC, in Alexandria, Virginia. Achieved Compliance Advocacy Ltd’s. offices are strategically located in the UK and Amsterdam. Our staff has a combined 60 years of experience in data protection, and we are ready to help you establish good data governance.


Melise Blakeslee, ESQ.,CIPP/E, Founder & CEO,

Melise has over 20 years’ experience in commercializing and protecting data. She has advised numerous companies in technology and IP law as the founder of Sequel Technology Law, a Washington DC based law firm established in 2009. Previously, Melise served as the head of the Internet and IT-transactions group for the international law firm, McDermott Will & Emery. Her practice routinely involves counseling global companies, particularly in the financial and IT sectors, about data protection and compliance.

After years of counseling clients about data protection and commercialization Melise understood that small and mid-tier businesses required a compliance solution tailored to their unique needs. In Achieved Compliance, Melise seeks to empower companies with an in-house approach to compliance that is easy and cost-effective, and offers the high-quality advice, resources and guidance she provides to her clients.

Melise is a noted authority and speaker on protection of personal data and cybercrime. Oxford University Press published her first book on cybercrime, investigation and litigation in 2015.  Her second book on enforcing intellectual property and data rights, was published in April 2017 by Lexis Nexis.

Paula Bruening, Senior Director, Global Privacy Policy

Paula brings 25 years of privacy and data protection policy development and representation expertise to her role at Achieved Compliance. Prior to coming to Achieved Compliance, Paula worked at Intel Corporation, where she was Director of Global Privacy Policy. There she developed and coordinated data protection policy across the company, focusing particularly on the European Union.

Prior to her tenure at Intel, she served as Vice President for Global Policy at the Centre for Information Policy Leadership at Hunton & Williams LLP, a pathfinding privacy and information policy think tank located in Washington, D.C. addressing cross-border data flows, emerging technologies, and cyber security issues. She was counsel for the Center for Democracy & Technology; Senior Attorney Advisor for the National Telecommunications and Information Administration of the Department of Commerce; and Senior Analyst for the U.S. Congress Office of Technology Assessment. Paula has extensive experience working on information policy issues in developing countries and with international organizations such as the Organization for Economic Cooperation and Development and APEC. She is a graduate of John Carroll University and received her law degree from Case Western Reserve University.

Shawn Curtis, Chief Technology Officer

Shawn brings a wealth of practical technology and management experience to Achieved Compliance. He has over 20 years of experience in programming and management with companies such as; Wal-Mart, Inc., Dial Corp., WeightWatchers.com, Nike and many others. At Achieved Compliance, Shawn uses his knowledge of web development, cyber security, and data privacy to lead our company’s technology department in developing secure, leading edge software and services for our users. In addition to his vast knowledge of business technologies, Shawn also has a Juris Doctorate from The George Washington University Law School and has practiced in technology law for many years.

Jeff Berkman, General Counsel

Jeff has 25 years of experience in business law. He has deep experience in new business and corporate structuring, partnership/joint venture relationships, corporate transactions, business purchases, and private equity/venture capital deals. He currently serves as a member of the Board of Directors of a NASDAQ traded company, and is a director of several private companies.

Marilyn Lamar, Consultant

Marilyn Lamar is an attorney, author, and speaker with more than 20 years of experience in corporate and information technology law including data privacy and security issues, data use agreements for multi-party databases, software development, and cloud computing services. Marilyn helps Achieved Compliance clients navigate the intersection between the GDPR and US laws governing the protection of health-related data.

Marilyn is the current President of the American Health Lawyers Association.

After a clerkship with the Seventh Circuit Court, Marilyn began her private practice career at McDermott Will & Emery LLP where she rose to the position of capital partner. During her tenure, she chaired the Health Law Information Technology practice group and co-chaired its HIPAA practice group. She also represented pharmaceutical, logistics, banking, and other clients in mergers, acquisitions, joint ventures, reorganizations, software licensing, and regulatory matters.

Marilyn received a B.S. in Psychology from the University of Illinois at Urbana-Champaign and a J.D. degree from the University of Chicago Law School.

Michael Sutton, Consultant

Michael Sutton brings over 15 years of international experience in creating business strategies and identifying and managing the integration of complex acquisitions and joint ventures to Achieved Compliance. He has led multiple project management teams implementing ERP systems and delivering the GDPR program for a US multinational over the years.

As the lead for the GDPR program development and roll out across the European business, Michael was involved with the following:

  • developing policies ensuring compliance with the GDPR including, but not limited to
    • Data Subject Access Requests (DSAR’s),
    • Erasure Requests, (Right to be Forgotten) and
    • Data Breach Management.
  • Embedding processes across the businesses including
    • Data Protection Impact Assessments (DPIA)
    • Vendor Due Diligence
    • Review and sign-off of Data Processing Agreements (DPA’s)
    • Record of Processing Activity (ROPA)
Lanre Oluwatona, PMP, FIP, Consultant

Lanre Oluwatona is a data protection consultant, trainer, and data protection officer with over 25 years’ experience in IT compliance, change and project management and holds the following qualifications:

  • Fellow – International Association of Privacy Professionals.
    • Certified Information Privacy Professional (CIPP/E).
    • Certified Information Privacy Manager (CIPM).
    • Certified Information Privacy Technologist (CIPT).
  • European Certified Data Protection Officer (ECDPO).
  • Project Management Professional (PMP).
  • Risk Management – Management of Risks – Foundation (MOR).
  • Green Belt – Lean Six Sigma Business Process Improvement.

Lanre is currently the Data Protection Officer (DPO) for two National Hospitals in Dublin, Republic of Ireland and advises the Board of Research Ethics of both hospitals on data protection issues. He is familiar with data protection and privacy laws from multiple jurisdictions including the US (CCPA) Nigeria, Kenya, and South Africa.

He previously worked at Hewlett Packard, Dell, the Irish Cancer Society, and the Irish Computer Society where he was responsible for the management and successful delivery of several medium to large-scale compliance and IT projects. During his time at the Irish Computer Society, Lanre designed and developed the European Certified Data Protection Officer training program, one of the leading data protection certification programs in Europe.

Erik Elliott, J.D. CIPP/US, CIPP/E, Data Privacy Analyst & Project Coordinator

Erik is a data privacy professional with broad experience in information privacy and protection. He has conducted privacy assessment, gap analysis, and risk remediation for clients in a wide variety of sizes, industries, and privacy maturity throughout the US, EU, and Asia-Pacific region.

Prior to joining Achieved Compliance, Erik was a Global Privacy Manager with TrustArc, where he certified organizations in a variety of privacy frameworks, including Privacy Shield/international data transfer, GDPR, APEC CBPR and PRP, and EDAA, among others. Erik currently serves as a Young Privacy Professional with the Central Florida IAPP KnowledgeNet Chapter.

As a legal intern with Dana-Farber Cancer Institute, Boston Children’s Hospital, and the Massachusetts Office of the Attorney General, Erik worked on a variety of privacy, healthcare, and research matters, including projects involving the HIPAA Privacy and Security Rules, pharmaceutical research, and data breach notification. Erik received a B.A. in Philosophy from Smith College and a J.D. from Northeastern University School of Law.