The ABA and state bars are moving from guidance to enforcement. Your governance framework needs to exist before that conversation happens — not after.
Your organization adopted AI tools before governance did. You know the exposure exists. I run a structured nine-domain assessment of your current AI footprint, identify the gaps, and build the policy, audit trail, and accountability structure that closes them — inside your existing M365 environment.
You will be the person who has to defend your organization's AI decisions to a board, a regulator, or a judge. I build governance frameworks in the language and structure that holds up under that scrutiny — and I deliver findings you can act on, not a white paper you file away.
HIPAA, state privacy laws, and payer compliance make generic governance frameworks a liability. I build frameworks that account for the specific constraints of a healthcare legal environment — because almost no one else does.
You do not have a legal ops function. You are the legal ops function. I build governance structures simple enough to implement alone, specific enough to be defensible, and priced to fit a practice that cannot absorb enterprise consulting fees.
All engagements are built on NIST AI RMF and ISO 42001 principles. ABA and state bar guidance is incorporated as applicable to your jurisdiction.
The starting point for every governance engagement. I run the Aegis Protocol — a structured nine-domain assessment covering organizational readiness, AI inventory, policy documentation, attorney oversight, data governance, vendor management, risk management, training, and regulatory compliance. Every finding is documented with a risk rating and a specific recommendation. You receive a written findings report and a prioritized remediation roadmap.
Full governance framework build. Based on assessment findings or a scoping conversation, I design and deliver a complete governance system your team can implement, defend, and maintain. This includes the policy documents, the operational workflows, the audit trail structure, and the accountability documentation — built to your organization's size, practice areas, and existing technology environment.
For organizations that already have a governance document but need it stress-tested against current regulatory requirements. I review your existing policy against the Aegis Protocol framework, identify what holds and what doesn't, and deliver a gap report with specific remediation recommendations. The right engagement if you drafted something internally — or had AI draft it — and want a practitioner to validate it before it gets tested.
Retainer-based advisory for organizations that need ongoing support as the regulatory landscape evolves. The ABA, state bars, and courts are actively issuing new AI guidance. What your governance framework says today may not be sufficient in six months. I monitor regulatory developments, flag changes that affect your governance posture, and work with you to update policy and practice before you are behind.
If you are not sure which engagement fits your situation, start there. Reach out with a brief description of where you are and I will give you an honest assessment of what you need and what it would cost.
Whether you need an assessment, a full framework, or an ongoing advisory relationship — let's talk about what's possible.
Start a Conversation