Gregory J. Pellicano
Vice President Audit, Compliance and Privacy
gpell@upenn.edu | 215-898-7958

Greg Pellicano joined Penn in October 2015 as Associate Vice President and Head of Internal Audit, Institutional Compliance and Privacy for the University and Penn Medicine. His teams are responsible for covering a wide range of academic, healthcare and management activities spanning diverse operations throughout the University and Penn Medicine, including operational, financial, information technology, compliance and privacy activities.

Greg has over 30 years experience in various senior risk management roles at fortune 500 companies. Most recently Greg worked at Shire Pharmaceuticals for the past 10 years in two different roles as Chief Audit Executive and Deputy Chief Compliance Officer.


Frank Tresnan
Associate Vice President, Audit
tresnan@upenn.edu | 215-898-1932

As the Associate Vice President of Internal Audit, Frank provides leadership to the 14 dedicated professionals comprising the Operational and Information Technology Audit function. He is responsible for planning and overseeing the delivery of the function’s services to the University and Penn Medicine. These services include risk-based operational, financial, compliance, and information technology audits as well as various advisory and consulting engagements and investigations.

Frank is a Certified Internal Auditor with expertise in the design and evaluation of internal controls, sponsored projects administration and compliance, accounting, business process design, business administration, and audit/project management. He has served the Penn community in positions of increasing responsibility within OACP since 1997, starting as an internal auditor servicing the Health System and subsequently University Internal Auditor, University Audit Manager, Director of Operational Audits, Executive Director and, since January 2024, as Associate Vice President of Internal Audit.


Scott Schafer
Associate Vice President, University Chief Privacy Officer and Institutional Compliance Officer
sschafer@upenn.edu | 215-898-1934

Mr. Schafer serves as the University Privacy Officer and focuses on activities related to the development, implementation, maintenance of, and adherence to Penn’s privacy program. Mr. Schafer is responsible for raising awareness about privacy risks and how to mitigate those risks, advising on privacy issues affecting members of the Penn community, overseeing the University-wide Security and Privacy Impact Assessment program, and ensuring compliance with federal and state privacy laws as well as Penn’s privacy-related policies and procedures.

Mr. Schafer received his B.A. from Wesleyan University, graduating Phi Beta Kappa and with highest honors. He received his J.D. from Harvard Law School, graduating cum laude. He also holds the Certified Information Privacy Professional (CIPP) certification.


Lauren Steinfeld
Associate Vice President, Penn Medicine Chief Privacy Officer and Senior Advisor on Privacy
laurenst@upenn.edu | 215-573-3348

Lauren Steinfeld serves as the Penn Medicine Chief Privacy Officer and Senior Advisor on Privacy. In that position, Ms. Steinfeld works on privacy issues involving medical information, student records, electronic data, Social Security numbers, and other personal information. Recently, Ms. Steinfeld has worked extensively on developing policies, procedures and tools to mitigate risks in the information technology area. Ms. Steinfeld has also taught a Privacy Law course at Penn Law.

In the compliance area, Ms. Steinfeld focuses on coordinating and improving communications at all levels regarding the many compliance activities that take place at Penn, as well as developing and sharing compliance tools, resources, and best practices, and promoting Penn’s confidential reporting line.

Ms. Steinfeld received her B.A. from the University of Pennsylvania, graduating Phi Beta Kappa and magna cum laude. She received her J.D. in 1992 from New York University School of Law. She also holds the Certified Information Privacy Professional (CIPP) certification.