Ed Finn assists clients with ensuring compliance with a wide variety of data privacy rules, statutes, and regulations, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA) and its amendments, and state consumer and data protection statutes.
Mr. Finn counsels his clients as they respond to data compromise events, assisting clients with conducting forensic investigations and navigating the myriad regulations governing entities’ responses to these events. After a compromise or potential compromise, Mr. Finn ensures his clients meet their varied legal obligations, and has assisted with his clients’ defense against individual, business to business representative and putative class action suits. Additionally, Mr. Finn has helped guide clients through regulatory investigations from the Office for Civil Rights (OCR), the Federal Trade Commission (FTC), and various state Attorneys General.
Mr. Finn also assists his clients with preventative data security issues. Mr. Finn counsels clients on proper risk assessment protocols, helps them develop compliance policies and procedures and incident response plans, and advises clients on contract formation and business transactions to improve the organization’s position with regard to data that is shared with third-parties.
Mr. Finn has significant experience assisting clients across a wide-range of industries, including health care, retail, technology, and education.