888-997-3635

Mike Semel

Founder, President, Complianceologist

Mike Semel is recognized as a thought leader in the IT, compliance and business continuity industries. He is the President and Complianceologist at Semel Consulting, focused on regulatory compliance and Business Continuity planning. Mike is a CMMC Certified Assessor (CCA), CMMC Certified Professional (CCP), CMMC Registered Practitioner (RP), Certified Security Compliance Specialist, Disaster Recovery Institute Certified Business Continuity Professional & Certified Cyber Resilience Professional, Certified HIPAA Security Professional, and Certified Health IT Specialist.

He has owned or managed MSP companies for over 30 years; served as Chief Information Officer (CIO) for a hospital and a K-12 school district; and managed operations at an online backup company. Mike is the only expert who consulted with CompTIA/GTIA on the original Security Trustmark (2008), the Security Trustmark Plus (2014), and the Cybersecurity Trustmark (2023)He is the best-selling author of How to Avoid HIPAA Headaches.

Recognized Areas of Expertise

CMMC and NIST 800-171 Compliance (certified), NIST CSF, HIPAA Compliance (certified) & Joint Commission compliance; IT Management; Disaster and Business Continuity Planning (certified); assessments for compliance and business continuity; IT Assessments for School Districts; Executive Level consulting; CIO for hire; network design; IT policies and procedures; project management; ROI evaluation; training; Able to create compliance documentation, , executive level reports marketing materials, effective proposals; IT cost control & budgeting; IT investment justification; able to effectively communicate technology with non-technical executives.

Professional Credentials & Accomplishments

CMMC Certifications

• CMMC Certified Assessor (CCA), 2024

• CMMC Certified Professional (CCP), 2023

• CMMC Registered Practitioner (RP), 2021

Business Continuity & Cyber Resilience

• Certified Business Continuity Professional (CBCP), Disaster Recovery Institute International (since 2006)

• Certified Cyber Resilience Professional (CCRP), 2022

• Led plans for a $4B credit union, a $1B health plan, and over 200 small businesses

• Clients used our plans to survive Superstorm Sandy, the Joplin Tornado, and other major disruptions

• Member, DRI International Professional Practices Select Committee, 2021

Security & Compliance Leadership

• Only person to consult on all three CompTIA/GTIA Cybersecurity Trustmarks:

- Original CompTIA Security Trustmark (2008)

- CompTIA Security Trustmark Plus (2014)

- GTIA Cybersecurity Trustmark (2022)

• Certified HIPAA Professional (since 2006, HIPAA Academy)

• Certified Security Compliance Specialist, 2012

• Led HIPAA Security Rule assessments for hospitals, practices, government agencies, and school districts in multiple states

• Authored the Certified HIPAA Security Professional (CHSP) Training Course (4MedPro; CEU-qualified)

Leadership & Operational Excellence

• Outsourced CIO, White Pine County School District (2007–2012); secured over $1M in E-rate funding

• Outsourced CIO, Schuyler Hospital (2004–2006); eliminated downtime, increased IT flexibility, and cut operating costs by 32%

• Apple Education Sales Consultant (1990–1991); oversaw $10M in education sales across NY and PA

• Elected Chair, CompTIA IT Security Community, 2011

• Co-chair, CompTIA Ambassadors

Industry Recognition & Thought Leadership

• Member, FBI InfraGard (2003–present)

• Best-Selling Author: How to Avoid HIPAA Headaches (2017)

• Co-author: CompTIA Security Trustmark Quick Reference Guide (2009)

• Featured in Business Solutions Magazine, Hewlett-Packard Success Story, and D-Link Case Study

• Wrote 4,000-word cover story for Computing Channels Magazine

• Speaker at national conferences with audiences of up to 800 people

• 30+ years managing teams of 7 to 30 engineers and technicians

• Advisor to Compaq, Ingram Micro, Xerox, and other leading tech firms

• Chaired software development teams and served on executive advisory panels for multi-billion-dollar companies

Executive Experience

Semel Consulting August 2012 – Present

President / Chief Compliance Officer

Job Responsibilities: Provide startup financing. Develop and implement business and cybersecurity strategies. Hire and manage contracted workforce. Deliver consulting services. Sales and marketing. Manage client relationships. Deliver compliance services for HIPAA, CMMC, NIST, PCI DSS, GLBA, FTC Safeguards Rule, State Laws, Contracts, and Cyber Insurance. Create Business Continuity Plans across industries. Provide content for compliance software. Create compliance training courses. Conference speaking. Write for publications and websites.

Business Continuity Technologies – June 2010 – August 2012

VP / Owner / Security Officer

Job Responsibilities: Develop and implement business and cybersecurity strategies. Hire and manage workforce. Manage technical and consulting services. Sales and marketing. Manage client relationships. Deliver compliance services for HIPAA, NIST, PCI DSS, GLBA, State Laws, Contracts, and Cyber Insurance. Create Business Continuity Plans across industries.

White Pine County School District, Ely, NV – July 2007 – August 2012

Chief Information Officer

(Outsourced through Business Continuity Technologies and Connecting Point of Las Vegas)

Job Responsibilities: Develop and implement cybersecurity strategies. Select cybersecurity tools. Create and implement processes. Manage hybrid workforce of employees and contractors. Manage technical services and budgeting. Create cybersecurity policies. Oversee user training. Advise leadership and board. Managed compliance with FERPA, CIPA, E-Rate, State Laws, and grant requirements.

XiloCore (Online Backup Provider) – January – June 2010

Chief Operating Officer

Job Responsibilities: Manage technical team. Oversee helpdesk. Manage data restoration team. Train users. Manage client relationships. Managed compliance with HIPAA, FERPA, CIPA, E-Rate, State Laws, and grant requirements. Create Business Continuity Plans across industries.

Connecting Point of Las Vegas – May 2006 – June 2010

VP / Owner

Job Responsibilities: Develop and implement business and cybersecurity strategies. Hire and manage workforce. Manage technical and consulting services. Sales and marketing. Manage client relationships. Deliver compliance services for HIPAA, NIST, PCI DSS, GLBA, State Laws, Contracts, and Cyber Insurance. Create Business Continuity Plans across industries.

Schuyler Hospital / Seneca View Skilled Nursing Facility – June 2004 – May 2006

Chief Information Officer

(Outsourced through Chemung Computer and Databranch)

Job Responsibilities: Develop and implement cybersecurity strategies. Select cybersecurity tools. Create and implement processes. Manage hybrid workforce of employees and contractors. Manage technical services and budgeting. Create cybersecurity policies. Oversee user training. Advise leadership and board. Managed compliance with HIPAA, State Laws, and accreditation requirements.

Databranch, Elmira Heights, NY – June 2004 – May 2006

Regional Manager

Job Responsibilities: Develop and implement cybersecurity strategies. Hire and manage local workforce. Manage technical and consulting services. Sales and marketing. Manage client relationships. Deliver compliance services for HIPAA, NIST, PCI DSS, GLBA, State Laws, Contracts, and Cyber Insurance. Create Business Continuity Plans across industries.

Chemung Computer, Elmira Heights, NY - January 1980 – June 2004

Owner

Job Responsibilities: Provide startup financing. Develop and implement business and cybersecurity strategies. Hire and manage workforce. Manage technical and consulting services. Sales and marketing. Manage client relationships. Deliver compliance services for HIPAA, NIST, PCI DSS, GLBA, State Laws, and Contracts.

2011 “Channelnomics Influencer” Award Winner

CLIENT AUDIT TESTIMONIAL

“Great news! Attached is the letter we received from the OCR saying they are closing our HIPAA case without further action. Mike, thank you so much for your assistance with the response. I can’t tell you how much we appreciate your input that greatly influenced this outcome.”

— Rebecca Stodolak

We are compliance and business continuity certainty experts—trusted to bring clarity, strategy, and peace of mind.

At Semel Consulting, we uncover the blind spots that leave businesses vulnerable to investigations, fines, lawsuits, and uncovered claims. From your state laws to your insurance policy exclusions, we dig deeper so nothing gets missed.

State data breach laws
Contractual cybersecurity requirements
Credit card security
Cyber insurance requirements
Accurate & thorough Security Risk Assessments

Compliance with federal and state laws
Cyber insurance policy reviews
Contract reviews
Business continuity planning
Policy templates, training, and checklists

“When it comes to compliance there is nobody else in the industry who knows more and is a better resource than Mike Semel. You can count on him.”

Michael Mittel, President, RapidFire Tools

We Help Businesses

Comply With Everything: Federal & State Regulations, Contracts, & Cyber Insurance
Confidentially Identify Hidden Risks
Secure Your Data
Protect The People You Serve