Advised clients regarding compliance with HIPAA, 42 CFR Part 2 (Substance Abuse Confidentiality Regulations), the California Consumer Privacy Act and other federal and state privacy, security and breach notification laws
Advised businesses on consumer data collection and privacy disclosures, including EU GDPR compliance
Assisted clients in responding to ransomware and other data security incidents, including identification of legal obligations and management of data breach response processes and communications
Advised clients regarding a wide variety of other potential breach incidents, including lost files, misdirected e-mails, physical facility security incidents and other issues
Counseled health care and other clients regarding privacy, security, and cyber risks and questions, including analysis of data flows, in creation and negotiation of contracts with their clients, vetting and negotiation of arrangements with their vendors, and in merger and acquisition-related due diligence.
Created, evaluated and/or revised of compliance programs and policies on behalf of clients