People

Search Language

italiano / Italian | Use language selector above (below, on mobile) to search additional languages
  1. A
  2. B
  3. C
  4. D
  5. E
  6. F
  7. G
  8. H
  9. I
  10. J
  11. K
  12. L
  13. M
  14. N
  15. O
  16. P
  17. Q
  18. R
  19. S
  20. T
  21. U
  22. V
  23. W
  24. X
  25. Y
  26. Z
  • Search
  • Selected filters
  • x(Cyber, Privacy)

57 items matching filters

740

Practice:

  • Technology & Innovation Sector
  • Proprietà intellettuale
  • Cyber, Privacy & Data Innovation
  • China

Mimiao Hu Of Counsel

Pechino

Her work has included trademark and copyright protection strategies, intellectual property litigation, unfair competition, intellectual property due diligence, cybersquatting and related technology issues. Mimiao has also advised clients on export regulation of military and dual-use items and customs regulation in China. In addition, Mimiao works extensively on cybersecurity & data privacy issues for both Chinese and international clients.

Prior to joining Orrick, Mimiao was a senior associate in the Beijing and Shanghai offices of a major PRC law firm.

432045

Practice:

  • Financial & Fintech Advisory
  • Strategic Advisory and Government Enforcement
  • Fintech

Hayden Irwin Associate

Santa Monica

Prior to joining Orrick, Hayden was an associate at Buckley LLP.

454522

Practice:

  • FDA & Healthcare Regulatory
  • Life Sciences & HealthTech
  • Strategic Advisory and Government Enforcement
  • Technology Companies Group
  • Technology & Innovation

Melania Jankowski Managing Associate

Boston

Her experience includes advising on corporate practice of medicine and scope of practice issues, state licensure requirements for physicians and non-physician practitioners, controlled substance prescribing considerations, and health care privacy concerns. Melania also assists with regulatory due diligence for stakeholders interested in investments in digital health and health care technology ventures.

Practice:

  • Technology & Innovation Sector
  • Life Sciences & HealthTech
  • Cyber, Privacy & Data Innovation
  • Strategic Advisory and Government Enforcement

Thora Johnson Partner

Washington, D.C.

Thora works with medical device, pharmaceutical, biotech and digital health companies, helping them navigate the increasingly complex patchwork of state and federal health privacy laws. One client described her to the Legal 500 as a “very practical” advisor providing “exceptional guidance” on health information privacy and HIPAA compliance matters.

Her breadth and depth of experience enable Thora to assist clients in harnessing the power of artificial intelligence and executing data-sharing arrangements, all while protecting health data. As a result, Thora spends much of her time counseling pioneering startups and high-growth companies on responsible innovation in healthcare and life sciences.

Thora brings extensive experience counseling clients, including Fortune 500 companies and brick and mortar providers, on the Health Insurance Portability and Accountability Act (HIPAA) and other state and federal health privacy and regulatory compliance regimes including:

  • Office of the National Coordinator for Health Information Technology’s interoperability and information blocking regulations
  • Centers for Medicare & Medicaid Service’s (CMS’s) interoperability and patient access regulations
  • Part 2 confidentiality requirements applicable to substance abuse records
  • State health information privacy laws
  • State consumer privacy laws with special controls for health data
  • Medicare/Medicaid compliance
  • Mental Health Parity and Addiction Equity Act (MHPAEA)
  • Genetic Information Nondiscrimination Act (GINA)
  • Affordable Care Act (ACA) compliance
  • Regulatory requirements of the Employer Retirement Income Security Act (ERISA), the Internal Revenue Code, HIPAA, and the ACA as they apply to employer health and wellness plans

Thora routinely helps companies and large employers prepare for and respond to privacy and security incidents involving health information. She also defends clients in government investigations initiated by the OCR, OIG, DOJ, FTC and State AGs, among others.

453686

Practice:

  • FDA & Healthcare Regulatory
  • Life Sciences & HealthTech
  • Strategic Advisory and Government Enforcement
  • Technology Companies Group
  • Technology & Innovation

Amy M. Joseph Partner

Boston

Amy works with digital health companies, health systems and other public and private companies—from new entrants to seasoned organizations—to address regulatory compliance and transactional needs. She also advises investors and collaborates with clients to understand their business goals and tailor practical solutions to help them achieve those objectives. Amy is well-versed in the corporate governance, data privacy, and security and scope-of-practice considerations facing the healthcare industry as it incorporates artificial intelligence (AI) and machine-learning (ML) solutions into clinical workflows. Her practice includes structuring and scaling national telehealth practices across a range of clinical disciplines, including complex collaborative arrangements involving labs, medical device manufacturers, remote patient monitoring solutions and pharmacies.

Amy spends much of her time working with clients on vetting and developing strategic affiliations, joint venture transactions and other novel business arrangements, including developing value-based enterprises and otherwise identifying means to achieve further alignment among stakeholders. She advises on reimbursement issues with respect to federal healthcare programs, private payors and self-pay business models. She also helps develop compliance programs and advises on related protocols and best practices.

In particular, Amy advises on physician self-referral, anti-kickback and other fraud and abuse law matters as well as on patient privacy matters, including HIPAA, 42 CFR Part 2 and corresponding state-level compliance. Amy also assists with internal investigations and assessing and responding to the results, including developing corrective action recommendations and self-disclosures.

A sought-after speaker and prolific writer on some of the most complex and critical issues in healthcare law, Amy shares her insights in publications and presentations across the country. She co-authored chapters in numerous publications, including the telemedicine chapter of the American Bar Association’s Physician Law: Evolving Trends & Hot Topics and a chapter addressing telehealth in the MCLE Massachusetts Health and Hospital Law Manual.

Chambers USA notes that Amy has “deep expertise in matters that impact healthcare providers and healthcare transactions,” “is a terrific resource on a range of regulatory issues” and “an expert in the Stark Law.”

Amy graduated first in her class at UCLA Law and was elected to the Order of the Coif. Prior to law school, Amy served in the U.S. Air Force.

Practice:

  • Technology & Innovation Sector

Sundeep Kapur Partner

Washington, D.C.

Sundeep is also a leading advisor in the rapidly evolving advertising ecosystem and possesses an in-depth technical and legal understanding of adtech across all channels (e.g., connected TV, linear TV, over-the-top media, desktop, mobile web, mobile app). He participates in adtech working groups and is a key contributor to the development of industry-wide privacy compliance solutions. He advises on compliance with self-regulatory regimes developed by the Network Advertising Initiative (NAI), the Interactive Advertising Bureau (IAB), and the Digital Advertising Alliance (DAA). The IAB named him Outstanding Contributor to Legal Affairs in 2024 for his significant impact on the adtech ecosystem through his work on such industry-wide initiatives.

Sundeep is accredited by the International Association of Privacy Professionals (IAPP) as a Certified Information Privacy Professional in the United States (CIPP/US). He is also a member of Law360's 2025 Cybersecurity & Privacy Editorial Advisory Board.

431285

Practice:

  • Fintech
  • Financial & Fintech Advisory
  • Strategic Advisory and Government Enforcement
  • Finance
  • Risoluzione contenziosi e vertenze complesse
  • Indagini interne
  • Difesa class action

Amanda Lawrence Partner

Washington, D.C.

She is a trusted adviser to and first call in high-stakes litigation and enforcement matters, including government investigations, regulatory examinations, class action and complex litigation, and internal investigations. Her matters include investigations, examinations, and enforcement actions before the CFPB, FTC, federal and state bank regulators and state attorneys general, including defending a leading bank in one of the CFPB’s first enforcement actions—a joint investigation and enforcement action with the FDIC.

Amanda also represents clients in bet the company litigation, including financial institutions and lenders in residential mortgage-backed securities (RMBS) matters, consumer class actions and other complex civil litigation matters.

Amanda is well versed in all aspects of her clients’ business and is known for providing thoughtful and practical advice. She leverages her experience with litigation and enforcement agencies to stay ahead of regulatory trends impacting the finance and fintech industries. Key among these is data monetization and regulators’ heightened focus on how data is collected, used, stored and transferred. Amanda’s practice started in the cyber and privacy spheres, and today she helps clients manage compliance with the Gramm-Leach-Bliley Act (GLBA) and Regulation P, the Safeguards Rule, the Fair Credit Reporting Act (FCRA), the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Amanda formerly served as a member of Orrick's Management Committee. Prior to joining Orrick, Amanda was a partner at Buckley LLP, where she was a member of the partner board. She also has an active pro bono practice.
431304

Practice:

  • Financial & Fintech Advisory
  • Strategic Advisory and Government Enforcement
  • Cyber, Privacy & Data Innovation
  • Fintech
  • Government Investigations and Enforcement Actions

Sasha Leonhardt Partner

Washington, D.C.

Sasha also has substantial experience advising clients on the Servicemembers Civil Relief Act (SCRA), Military Lending Act (MLA), Consumer Financial Protection Act (CFPA), Truth in Lending Act (TILA), Real Estate Settlement Procedures Act (RESPA), Equal Credit Opportunity Act (ECOA), Fair Housing Act (FHA), and Fair Debt Collection Practices Act (FDCPA). He advises companies, non-profits and industry associations with consumer privacy issues arising from the Gramm-Leach-Bliley Act (GLBA) and Regulation P, the Fair Credit Reporting Act (FCRA) and its Affiliate Marketing Rule and state and federal laws that address data privacy and information security.

In addition to representing clients, Sasha has published numerous articles on various aspects of consumer financial services law and practice, including data privacy, class action litigation, white collar litigation, whistleblower lawsuits and recent trends in regulation and enforcement. He also maintains an active pro bono practice and serves as a member of the Legal Counsel for the Elderly’s Young Lawyers Alliance. A frequent speaker on a variety of legal topics, Sasha has taught at Duke University School of Law and American University Washington College of Law, and was previously a Professorial Lecturer in Law at the George Washington University Law School.

Prior to joining Orrick, Sasha was a partner at Buckley LLP. He also previously served as Deputy Press Secretary to Maryland Governor Martin O’Malley. He is accredited as a Privacy Law Specialist, a Fellow of Information Privacy, a Certified Information Privacy Manager (CIPM/US), and a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals.

431361

Practice:

  • Financial & Fintech Advisory
  • Strategic Advisory and Government Enforcement
  • Fintech

Elizabeth McGinn Partner

Washington, D.C.; New York

In conjunction with this work, she develops policies and procedures, records retention schedules and training materials. A significant part of her practice involves addressing data security breaches, working proactively with clients to prevent such breaches from occurring, and advising clients in responding to regulatory inquiries, investigations and enforcement actions related to privacy, information security and cybersecurity issues. She also assists numerous professional sports teams comply with data privacy concerns, consumer financing laws and payment system issues.

Beth also represents financial institutions, corporations and individuals in a wide range of matters. She advises clients in investigations, examinations and litigation initiated by the Consumer Financial Protection Bureau (CFPB), the New York Department of Financial Services (NYDFS), the Department of Justice (DOJ), the Federal Trade Commission (FTC), state attorneys general and bank regulatory agencies. She has represented financial institutions in class action litigation concerning federal and state fair lending laws, mortgage fraud, unfair and deceptive trade practices statutes, consumer fraud statutes and consumer privacy laws. She has extensive experience counseling clients in response to federal and state subpoenas and handling all aspects of e-discovery.

Over the course of her career, Beth has represented clients in matters involving simultaneous criminal, civil administrative and congressional proceedings. She has defended clients in matters relating to money laundering compliance issues and investigations and litigation by the U.S. Attorney’s Office for the Southern District of New York (SDNY), the Manhattan District Attorney’s Office, the Department of Treasury, the Securities and Exchange Commission (SEC), and various congressional committees, including the U.S. Committee on Homeland Security and Government Affairs Permanent Subcommittee on Investigations, the U.S. House Financial Services Committee and the U.S. House Committee on Oversight and Government Reform.

Beth has published and spoken on a variety of topics, including privacy, cybersecurity, electronic discovery, vendor management and consumer financial services litigation. She authored the chapter on “Oversight of Compliance and Control Responsibilities” for Navigating the Digital Age – The Definitive Cybersecurity Guide for Directors and Officers. She has been recognized for her work in Cyber Law (Data Protection and Privacy) by Legal 500 since 2013, which describes her as “outstanding on privacy and e-discovery issues,” “able to advise both on the regulatory and litigation sides of problems,” an attorney who "exceeds expectations on response and turnaround times,” “has strong industry knowledge in data security and privacy, and is able to walk the fine line between operational efficiency and regulatory compliance' when developing IT policies.” It also described her as “top notch, incredibly responsive, thoughtful, and provides advice that is both practical and efficient.”

Prior to joining Orrick, Beth was a partner at Buckley LLP where she was Co-chair of the firm’s Privacy, Cyber Risk & Data Security practice and E-discovery Committee. Previously she was an associate at Skadden, Arps, Slate, Meagher & Flom. She clerked for Federal Magistrate Judge P. Trevor Sharp of the United States District Court for the Middle District of North Carolina after law school. Beth is a Certified Information Privacy Professional (CIPP/US).

740

Practice:

  • Technology & Innovation Sector
  • eDiscovery e gestione dei dati
  • Cyber, Privacy & Data Innovation
  • Indagini globali
  • FCPA & Anti–Corruption
  • Risoluzione contenziosi e vertenze complesse
  • Difesa class action

Jeffrey McKenna Senior Attorney, eDiscovery and Privacy

San Francisco

Recent representative engagements include advising a large multinational client on compliance with data privacy laws in eight countries throughout the EU and Asia during multi-district litigation, assisting a large foreign corporation balance its disclosure obligations resulting from a federal consent decree with its obligations under the GDPR and various EU Member State employee privacy laws, assisting several multinationals efficiently navigate the complexities raised by the GDPR and CCPA, and successfully advocating in state court proceedings against burdensome discovery-on-discovery sought from his client while simultaneously prevailing on his own client’s request for such discovery from the opposing party. His litigation experience includes all aspects of civil litigation in state and federal courts, including all phases of discovery, post-trial motions and appeals.

Jeffrey has spoken extensively on the issues of privacy, cybersecurity, and discovery. Publications include articles in the New York Law Journal, LegalTech News, the National Law Journal and co-authoring The Sedona Conference Principles on Privacy and Information Security for Lawyers, Law Firms, and Other Legal Service Providers.  Jeffrey is also an active participant in various initiatives by Lawyers for Civil Justice, including efforts currently underway to enhance protections for cybersecurity and personal information during legal proceedings, particularly during the discovery process.

Prior to joining Orrick, Jeffrey was a senior associate at Skadden, Arps, Slate, Meagher & Flom, LLP. His practice focused on complex commercial disputes, class action defense, and related eDiscovery and data privacy issues.

423077

Practice:

  • Cyber, Privacy & Data Innovation

Vertis McMillan Associate

New York

Vertis counsels clients on the implementation of global privacy programs and privacy-related contracts. He advises on United States (U.S.) state privacy laws and the impact of international laws from a U.S. perspective, including the General Data Protection Regulation (GDPR) and the EU Artificial Intelligence Act.

Vertis also helps clients design and operationalize AI governance programs. He advises clients on the responsible use of AI by employees, the risks presented by AI tools, the sourcing and use of AI training data, and the development of consumer-facing AI systems.

During law school, Vertis served as an extern with the New Jersey Division of Law’s Section of Data Privacy & Cybersecurity and interned with the United Nations Office of Strategic Planning. He also participated in his law school’s Intellectual Property Law Journal.

Prior to law school, Vertis worked as a Data Research Analyst at Bloomberg LP.