GDPR & CCPA are Fueling High Demand for On-Point RegTech Solutions

Sulina Gabale is a Managing Associate and founding member of the Cyber, Privacy & Data Innovation practice, named Band 1 in U.S. Privacy & Data Security in 2019. As innovation pushes the limits of technology, those ideas challenge the boundaries of what is considered “personally identifiable information.” Sulina answers the question – how can we create tomorrow’s technology with yesterday’s privacy and consumer protection laws? She works closely with innovators at all levels of a business – executives, engineers, marketing and product, HR and customer service teams – to gain a true understanding of their goals and the data they’re collecting, using and sharing. She routinely guides companies of all sizes through the existing patchwork of laws, self-regulatory standards and industry practice impacting data privacy and security. She advises clients subject to regulatory investigations and litigation involving a spectrum of federal and state laws, including Section 5 of the Federal Trade Commission Act (FTC Act), the California Consumer Privacy Act (CCPA) and proposed state privacy legislation, Children’s Online Privacy Protection Act (COPPA), biometric privacy laws such as the Illinois Biometric Information Privacy Act (BIPA), the Fair Credit Reporting Act (FCRA), Gramm-Leach-Bliley Act (GLBA), the Family Educational Rights and Privacy Act (FERPA) and related state student data privacy laws, the U.S.-E.U. Privacy Shield Program, the California Online Privacy Protection Act (CalOPPA) and others.

With experience in both data privacy and consumer protection, Sulina utilizes a comprehensive approach to counsel clients on a myriad of issues affecting consumers and businesses. She routinely guides companies of all sizes through the existing patchwork of laws, self-regulatory standards, and industry practice impacting data privacy and security. Sulina advises companies of all sizes on the development and deployment of cutting-edge technologies and services, including ad-tech, AI and machine learning, biometric tools, social media, robotics and IoT devices, marketing and promotions and more.

Dana Post, JD, CIPP/E is a Senior Legal Editor, Privacy & Data Security, for Thomson Reuters, where she is responsible for developing content on global data protection and data security laws for its Practical Law and Data Privacy Advisor products.

Dana joined Practical Law from Freshfields Bruckhaus Deringer LLP, where she served as special counsel advising clients on global data privacy issues arising in cross-border data transfers, data breach preparedness and responses, and data breach litigation strategy. She was previously an associate at Kramer Levin Naftalis & Frankel LLP and Sidley Austin LLP.

As an Attorney and Certified Information Privacy Professional (CIPP/US, CIPP/Europe, CIPP/Asia), Anju has 15+ years helping large multinationals manage their privacy, information governance, and technology risks. Anju has extensive experience designing and establishing global privacy management programs, including developing and updating privacy policies and procedures, developing processes for the completion of personal information inventories, privacy impact assessments, incident management and breach response, monitoring, tracking and driving regulatory change and ensuring ongoing training, monitoring, auditing, reporting and evaluation of the privacy management program.

She currently leads the Americas team at BNY Mellon in the Global Privacy Office and is focused on privacy strategy and policy development, governance, centralized operational support, regulatory change and business transformation, and risk and compliance activities to ensure compliance with all applicable privacy and data protection laws while enabling business and technology innovation and valuable insights for clients and customers.

Courtney Stout is the Chief Privacy Officer for S&P Global, and is well-known for her work in the areas of privacy and cybersecurity. She is a problem solver who gives practical advice on scoping and managing risk arising from global data protection regulations. At S&P Global, Courtney works with global data protection regulations and has expertise in laws throughout the Americas, Europe, and Asia. She is a strong leader who draws on the power of positive energy to balance privacy and cyber risk with business needs and growth opportunities.

Before joining S&P Global, Courtney acted as Counsel and Co-lead of the Blockchain team for Davis Wright Tremaine LLP in Washington, D.C. There, Courtney’s practice focused on the intersection between privacy, technology and financial services. She counseled clients regarding best practices to reduce the risk associated with technology transactions in both traditional commercial contracts and a variety of strategic m-commerce and e-commerce agreements.

Courtney was an attorney at Bryan Cave LLP in Washington, DC and Hunton & Williams in Atlanta where she concentrated her practice in the areas of payment, privacy, outsourcing, technology and commercial practice.

Courtney received the IAPP certifications for Certified Information Privacy Professional / Europe (CIPP/E) and Certified Information Privacy Manager (CIPM).

Courtney holds a Juris Doctorate from the Vanderbilt University School of Law, and a bachelor’s degree from the University of Georgia.

Tess Blair and her team offer full-cycle electronic discovery and information governance services to organizations across the globe. Tess is the founder and leader of Morgan Lewis’s eData practice, which seeks to combine great lawyering with technology and process to deliver real efficiency and value to clients. The team includes both lawyers and technologists who support a state-of-the-art data center and technology portfolio to deliver comprehensive counseling and technical services under one roof.

As the leader of the eData team, Tess works with lawyers and clients to develop and implement strategies to successfully manage complex litigation. A recognized thought leader in electronic discovery, she has developed industry-leading best practices that are designed to provide clients with sensible, defensible options for the discovery process. A Six Sigma Green Belt, Tess invests heavily in training the entire eData team in Legal Project Management and Legal Lean Sigma.

As a Morgan Lewis partner, Tess counsels and defends clients primarily in the areas of product liability, mass torts, and complex commercial litigation. A considerable portion of her practice involves the defense of clients in national serial litigation and class actions.

Tess lectures regularly on civil procedure and eDiscovery, and writes frequently on eDiscovery and information governance for legal publications. She is ranked by Chambers USA and Chambers Global in their listings of leading business attorneys. Bringing entrepreneurial experience to her clients, Tess started and operated a small business before entering law. She also holds a master of professional studies in law firm management.

Kenneth N. Rashbaum advises multinational corporations, financial services organizations and life sciences organizations in the areas of privacy, cybersecurity, e-discovery for litigation and regulatory proceedings and information management. He counsels these entities on information governance and its compliance with federal, state, and non-U.S. laws and the interface of e-commerce and legal and regulatory liabilities in areas such as cybersecurity and breach response. Ken has vast experience in preparation of provisions in contracts, service level agreements and license agreements relating to compliance with data protection and privacy laws in the U.S. and other countries. He also leads information security and data breach response assessments, investigations and remediation initiatives; prepares policies for social media legal and regulatory compliance; and represents technology and life sciences organizations in federal and state investigations and audits, and in litigation.

Ken is a Distinguished Neutral on the Cyber Panel of the International Institute for Conflict Prevention and Resolution (“CPR”). In this capacity, he serves as a mediator in breach of contract disputes that arise from data breaches, claims of trade secret theft and disputes over cyber risk insurance coverage. Ken also serves as special e-discovery counsel for complex litigation and in matters in which electronic evidence from beyond the U.S. is required. He has been recognized internationally as a thought leader in electronic discovery and disclosure, and has served as national e-discovery counsel for multinational pharmaceutical corporations and global e-discovery counsel in products liability and IP litigation. Ken was appointed to the faculty of the Federal Judicial Center for its September, 2010 session and the Georgetown Advanced E-Discovery Institute (November 2009 and December 2012 sessions) to lead sessions on international e-discovery issues and challenges.

In his capacity as a nationally known expert on data privacy, Ken counsels healthcare organizations on compliance with federal, state and judicial standards governing protected health information. He has served as HIPAA and privacy counsel to major hospital systems, health plans, physicians’ groups, cloud computing providers and health information application developers; advised academic hospital systems on protocols for implementation of electronic health records; and provided counsel on risk management issues in access, uses and disclosures of electronic patient information.

Ken is an Adjunct Professor of Law at Fordham University School of Law and had been a member of the Adjunct Faculty at the Maurice A. Deane School of Law at Hofstra University from 2013 – 2015.

Prior to joining Barton, Ken was a senior litigation partner in the New York office of Sedgwick LLP (formerly Sedgwick, Detert, Moran & Arnold) where he was the Co-Chair of the E-Discovery, Compliance and Data Management Practice Group.