Skip to main content

Nixon Peabody LLP

  • People
  • Capabilities
  • Insights
  • About
Trending Topics
    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    Practices

    View All

    • Affordable Housing
    • Community Development Finance
    • Corporate & Finance
    • Cybersecurity & Privacy
    • Entertainment & Media
    • Environmental
    • Franchising & Distribution
    • Government Investigations & White Collar Defense
    • Healthcare
    • Intellectual Property
    • International Services
    • Labor, Employment, and Benefits
    • Litigation
    • Private Wealth & Advisory
    • Project Finance
    • Public Finance
    • Real Estate
    • Regulatory & Government Relations
    Industries

    View All

    • Aviation
    • Cannabis
    • Consumer
    • Energy
    • Financial Services
    • Healthcare
    • Higher Education
    • Infrastructure
    • Manufacturing
    • Nonprofit Organizations
    • Real Estate
    • Sports & Stadiums
    • Technology
    Value-Added Services

    View All

    • Alternative Fee Arrangements

      Developing innovative pricing structures and alternative fee agreement models that deliver additional value for our clients.

    • Continuing Education

      Advancing professional knowledge and offering credits for attorneys, staff and other professionals.

    • Crisis Advisory

      Helping clients respond correctly when a crisis occurs.

    • DEI Strategic Services

      Providing our clients with legal, strategic, and practical advice to make transformational changes in their organizations.

    • eDiscovery

      Leveraging law and technology to deliver sound solutions.

    • Environmental, Social, and Governance (ESG)

      We help clients create positive return on investments in people, products, and the planet.

    • Global Services

      Delivering seamless service through partnerships across the globe.

    • Innovation

      Leveraging leading-edge technology to guide change and create seamless, collaborative experiences for clients and attorneys.

    • IPED

      Industry-leading conferences focused on affordable housing, tax credits, and more.

    • Legal Project Management

      Providing actionable information to support strategic decision-making.

    • Legally Green

      Teaming with clients to advance sustainable projects, mitigate the effects of climate change, and protect our planet.

    • Nixon Peabody Trust Company

      Offering a range of investment management and fiduciary services.

    • NP Capital Connector

      Bringing together companies and investors for tomorrow’s new deals.

    • NP Second Opinion

      Offering fresh insights on cases that are delayed, over budget, or off-target from the desired resolution.

    • NP Trial

      Courtroom-ready lawyers who can resolve disputes early on clients’ terms or prevail at trial before a judge or jury.

    • Social Impact

      Creating positive impact in our communities through increasing equity, access, and opportunity.

    • Women in Dealmaking

      We provide strategic counsel on complex corporate transactions and unite dynamic women in the dealmaking arena.

    1. Home
    2. Capabilities
    3. Practices
    4. Cybersecurity & Privacy

      Practices

    Cybersecurity & Privacy

    The cybersecurity and data privacy landscape is shifting quickly, challenging organizations to comply with new, complex regulatory requirements. Our team of data privacy attorneys can protect your operations and information.

    /Overview

    Leaders in the US and abroad require system-wide data privacy and cybersecurity plans that address the mandates of an intricate web of international, federal, and state law. We develop system-wide data privacy and cybersecurity plans that address the mandates of the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the NY SHIELD Act, among others. Our team helps protect your operations and information while guided by your strategic goals and technology infrastructure.

    More than ever, organizations face mounting threats to their data security. If a breach occurs, we deploy a cross-functional response team, which includes Certified Information Privacy Professionals (CIPP/US). We regularly assist clients affected by cyber incidents, direct large-scale breach responses, and resolve disputes arising from breaches, consumer privacy suits, and enforcement actions.

    Stay one step ahead by partnering with NP.

    /Representative experience

    • Affiliated healthcare provider network: Advised the group after their collective network was victimized by a ransomware attack, working closely with forensic investigators to assess the scope of network penetration and counselling on reporting requirements and remediation
    • Digital healthcare solutions platform: Guided a cloud-based healthcare software solutions company through ransomware attack response
    • Hospital: Defending a hospital in a data breach class action in connection with Protected Health Information (PHI) and Personally Identifiable Information (PII)
    • International auto manufacturer: Advising a German multinational corporate manufacturer of luxury vehicles and motorcycles on cross-border transfers of information related to connected driving technology
    • Multinational consumer products provider: Providing data privacy compliance counsel to an American multinational consumer products company
    • US professional basketball team: Assisting an NBA basketball team on matters including negotiation of an SaaS agreement relating to SMS marketing and advice on best practices under the TCPA for conducting an SMS marketing campaign

    A Little Privacy, Please!®

    Slide the carousel bar for all episodes of A Little Privacy, Please! where hosts Jason Kravitz and Jenny Holmes explore the privacy topics business leaders need to prepare against and respond to the latest cyberthreats.

    • We delve into privacy and the First Amendment with Professor Mary Anne Franks, who shares insights from her book Fearless Speech.

      Privacy and the First Amendment

      We delve into privacy and the First Amendment with Professor Mary Anne Franks, who shares insights from her book Fearless Speech.

    • Guests Tony Martino and Rolin “Bud” Peets share best practices for investigating, mitigating, and remediating cybersecurity and data breach incidents on “A Little Privacy, Please!”

      Cybersecurity and Data Breach Response

      Guests Tony Martino and Rolin “Bud” Peets share best practices for investigating, mitigating, and remediating cybersecurity and data breach incidents on “A Little Privacy, Please!” podcast.

    • A Little Privacy, Please! as Kalindhi Bhatia, a tech and media lawyer from Mumbai, discusses developments in India's privacy laws

      India's Evolving Privacy Landscape

      Watch a new episode of A Little Privacy, Please! as Kalindhi Bhatia, a tech and media lawyer from Mumbai, discusses developments in India's privacy laws, including new regulations and compliance requirements.

    • Strengthening Municipal Cybersecurity

      Strengthening Municipal Cybersecurity

      Matthew Gerstenfeld of Munichain discusses municipal cybersecurity challenges and solutions on the latest episode of A Little Privacy, Please!®

    • Professor Hartzog on Web Scraping, AI, and Privacy

      Professor Hartzog on Web Scraping, AI, and Privacy

      We discuss web scraping, AI, and privacy with Professor Woodrow Hartzog from Boston University School of Law.

    • Improving Cybersecurity for Small and Medium-Sized Businesses

      Improving Cybersecurity for Small and Medium-Sized Businesses

      Discover cost-effective cybersecurity tips and post-cyberattack strategies for small businesses in this insightful discussion with Focus Technology’s CTO Larry Veino.

    • Cybersecurity risk and public finance credit ratings with Michael Taylor

      Cybersecurity risk and public finance credit ratings

      Guests Michael Taylor and Rudy Salo share insights on how the public finance market incorporates cybersecurity risk into the due diligence and credit rating process.

    • California Invasion of Privacy Act (CIPA) | A Little Privacy, Please! | Nixon Peabody LLP

      What’s driving the increase in CIPA class action litigation?

      Stacy Boven explains the California Invasion of Privacy Act, the recent flood of CIPA-related class action litigation in California, and what companies with public facing websites need to know to protect themselves.

    • Data protection laws in Canada

      Data protection laws in Canada

      Learn about the evolution of the Canadian data privacy landscape, from PIPEDA to CPPA, with guest Jade Buchanan, a technology and privacy attorney based in Vancouver.

    • Cybersecurity in the EU beyond the GDPR - Stefano Mele shares insight on EU cybersecurity regulations beyond GDPR, including Italian cybersecurity laws.

      Cybersecurity in the EU beyond the GDPR

      Stefano Mele shares insight on EU cybersecurity regulations beyond GDPR, including Italian cybersecurity laws.

    • Intimate privacy in the digital age

      Intimate privacy in the digital age

      Professor Danielle Citron’s book, The Fight for Privacy, explores intimate privacy and the challenges of protecting personal information in the digital age.

    • Data privacy consultant Data privacy consultant Verónica Siten Salgado provides an overview of Mexico's Data Protection Law and key considerations for businesses advertising in Mexico.

      Data Protection Laws in Mexico

      Data privacy consultant Data privacy consultant Verónica Siten Salgado provides an overview of Mexico's Data Protection Law and key considerations for businesses advertising in Mexico.

    • How do EU companies respond to ransomware attacks?

      How do EU companies respond to ransomware attacks?

      Guest Louise Mehl of Implement Consulting Group joins A Little Privacy, Please!® hosts Jason Kravitz and Jenny Holmes to discuss the contrasting responses of EU and U.S. companies to ransomware attacks.

    • Cyber War Games with Sarah Gossler

      Cyber War Games with Sarah Gossler

      If cyber war games sound like your idea of fun, then this is the conversation for you! We're speaking with Sarah Gossler, the global head of Cyber Threat Simulation and the Engineering chief of staff at BNY Mellon. Sarah manages BNY Mellon's Office of the CIO and is responsible for cyber-attack-simulation training.

    • The Next Generation of Privacy Lawyer - Kromann Reumert partner Christel Teglers shares her advice for aspiring data privacy lawyers

      The Next Generation of Privacy Lawyer

      Is a new generation of data privacy and technology lawyer emerging? Kromann Reumert partner Christel Teglers shares her advice for aspiring data privacy lawyers.

    • HR’s role in cybersecurity with Kassandra McGlone

      HR’s role in cybersecurity

      Kassandra McGlone shares how a strong human resources team can help companies to avoid, navigate, and recover from cyberattacks.

    • TCPA 101 with Troy Lieberman, Attentive

      TCPA 101 with Troy Lieberman, Attentive

      NP alumnus and Attentive VP of Legal Troy Lieberman offers practical advice for businesses navigating the Telephone Consumer Protection Act.

    • LGPD: Brazil’s data protection law

      LGPD: Brazil’s data protection law

      Learn about Brazil’s data protection law, LGPD, and how it compares to GDPR from guest speaker Renata Ciampi.

    • Generative AI copyright and privacy issues

      Generative AI copyright and privacy issues

      Guest Jakub Pietrasik discusses generative AI and its privacy and copyright issues from the perspective of an attorney practicing in Poland.

    • Cyber Insurance Insights

      Cyber insurance insights

      Stay up-to-date on the latest cyber insurance developments as Jason Kravitz and Jenny Holmes interview Neel Desai, vice president, Cyber practice at Lockton.

    • UK privacy law update with Jas Kaur

      UK privacy law update with Jas Kaur

      Jas Kaur is a senior manager and senior legal officer at Autodesk in the UK. She joins us on A Little Privacy, Please! to discuss UK privacy law and what it means for CCTV, facial recognition, and more.

    • What companies should know about the New York SHIELD Act

      What companies should know about the New York SHIELD Act

      Chris Mason breaks down the unique requirements of the New York SHIELD Act and what it means for businesses in New York and beyond.

    • Cyber risk in the municipal bond market

      Cyber risk in the municipal bond market

      Rudy Salo explains how cyberattacks affect borrowing rates in the municipal market.

    • Are online tracking technologies like pixels HIPAA compliant?

      Are online tracking technologies like pixels HIPAA compliant?

      Valerie Montague discusses online tracking technologies in the healthcare space, which can have serious HIPAA implications.

    • Building an effective privacy team with Vanessa McKay, Tripadvisor

      Building an effective privacy team with Vanessa McKay, Tripadvisor

      Tripadvisor Corporate Counsel Vanessa McKay shares best practices for building a global privacy and data protection team.

    • Why did Italy ban ChatGPT?

      Why did Italy ban ChatGPT?

      Leslie Hartford provides insights on the wave of generative AI tools hitting the market and discusses the privacy issues raised by ChatGPT along with the pitfalls businesses must watch for.

    • What is web scraping?

      What is web scraping?

      Jason Kunze gives us an overview of the web scraping landscape with a look at recent rulings and whether they help to clarify some of the legal questions surrounding web scraping activities.

    • A Little Privacy Please

      A Little Privacy Please!

      In their introductory episode, Jason and Jenny share what led their practice into the world of privacy law. They also highlight topics they plan to explore throughout the series.


    /Related Services

    • Biometric Information Privacy Act (BIPA)
    • Health Information - Privacy, Security & Data Sharing
    • TCPA & Consumer Privacy
    Valerie Montague / Healthcare Lawyer / Nixon Peabody LLP
    Hospitals, physician practices, and other entities that use pixel-tracking technologies should analyze whether they are impermissibly disclosing patient protected health information.

    Valerie Breslin MontaguePartner

    Our Team

    See Full Team
    • Jason C. Kravitz

      Partner / Leader, Cybersecurity & Privacy
      • Boston
      • Office:+1 617.345.1318
      • jkravitz@nixonpeabody.com
      Jason C. Kravitz
    • Jenny L. Holmes

      Partner / Deputy Leader, Cybersecurity & Privacy
      • Rochester
      • Office:+1 585.263.1494
      • jholmes@nixonpeabody.com
      Jenny L. Holmes
    • Leslie Hartford

      Counsel
      • Boston
      • Office:+1 617.345.1369
      • lhartford@nixonpeabody.com
      Leslie Hartford
    • Valerie Breslin Montague

      Partner
      • Chicago
      • Office:+1 312.977.4485
      • vbmontague@nixonpeabody.com
      Valerie  Breslin Montague
    • Christopher M. Mason

      Partner / Deputy Leader, Class Actions & Aggregate Litigation / Leader, Arbitration Team
      • New York City
      • Office:+1 212.940.3017
      • cmason@nixonpeabody.com
      Christopher M. Mason
    • Jéna M. Grady

      Partner
      • New York City
      • Office:+1 212.940.3114
      • jgrady@nixonpeabody.com
      Jéna M. Grady
    See Full Team

    Insights And Happenings

    View All
    • Video

      Professor Mary Anne Franks on Privacy and the First Amendment

      Cybersecurity & Privacy
      April 21, 2025
    • Alert

      FCC partially delays new TCPA consent revocation rules

      April 11, 2025
    • Video

      Cybersecurity and Data Breach Response

      Cybersecurity & Privacy
      April 1, 2025
    View All

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    • Cookie Preferences
    • Privacy Policy
    • Terms of Use
    • Accessibility Statement
    • Statement of Client Rights
    • Purchase Order Terms & Conditions
    • Nixon Peabody International LLC
    • PAL
    © 2025 Nixon Peabody. All rights reserved