Elizabeth leads the firm’s Privacy & Data Security Practice Group, which has more than 25 years combined experience in the practice area. Her practice addresses all aspects of privacy and data security law, including compliance initiatives to address major legal requirements such as the California Consumer Privacy Act (CCPA), HIPAA, Gramm-Leach-Bliley Act, the FCRA, the Telephone Consumer Protection Act, CAN-SPAM, data security breach notification, the General Data Protection Regulation (GDPR), Privacy Shield and other international data transfer mechanisms, COPPA, VPPA, and others. Elizabeth has assisted clients with a wide variety of implementation projects including cloud computing, health information exchanges, patient portals, bring-your-own-device, mobile applications, location tracking, online behavioral advertising, direct marketing, and complex customer insights initiatives. She also helps clients with government agency inquiries pertaining to privacy and data security, such as HIPAA compliance reviews conducted by the U.S. Department of Health and Human Services.
Elizabeth regularly leads privileged assessments and investigations, such as forensic examinations, vulnerability and compromise assessments, and data security evaluations. Her team has addressed more than 500 data security breaches.