E Finn

Edward J. Finn

426 W. Lancaster Avenue, Suite 200
Devon, PA 19333

Office: (267) 930-4776


William & Mary Law School
Juris Doctor, 2011

The Pennsylvania State University
Bachelor of Arts, Political Science, 2008


  • Pennsylvania
  • U.S. District Court for the Eastern District of Pennsylvania
  • New Jersey

Practice Areas

Ed Finn assists clients with ensuring compliance with a wide variety of data privacy rules, statutes and regulations, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA) and its amendments and state consumer and data protection statutes.

Mr. Finn counsels his clients as they respond to data compromise events, assisting clients with conducting forensic investigations and navigating the myriad regulations governing entities’ responses to these events. After a compromise or potential compromise, Mr. Finn ensures his clients meet their varied legal obligations, and has assisted with his clients’ defense against individual, business to business representative and putative class action suits. Additionally, Mr. Finn has helped guide clients through regulatory investigations from the Office for Civil Rights (OCR), the Federal Trade Commission (FTC) and various state Attorneys General.

Mr. Finn also assists his clients with preventative data security issues. Mr. Finn counsels clients on proper risk assessment protocols, helps them develop compliance policies and procedures and incident response plans and advises clients on contract formation and business transactions to improve the organization’s position with regard to data that is shared with third-parties.

Mr. Finn has significant experience assisting clients across a wide-range of industries, including healthcare, retail, technology and education.


  • “America’s Cybersecurity and the War in Ukraine,” Tech360, Exton, PA, November 3, 2022
  • “Cyber Attacks and Incident Response: Trends and Takeaways,” American Global, Virtual, May 11, 2022
  • “Developments in Ransomware and Other Cybersecurity Threats and Issues,” 2021 RCM&D Consortium Services Program, Virtual, September 30, 2021
  • “Interactive Business Interruption Scenario,” NetDiligence Cyber Risk Summit 2021, Philadelphia, PA, July 13, 2021
  • “Data Privacy Administrative Law Refresher,” Wayne, PA, June 20, 2018
  • “Responding to Cyber Attacks – Using Structured Data Sources in Data Breach Investigations,” ABA Criminal Justice Section, New York, NY, August 10, 2017
  • “Cybercrime – What You Need To Know,” Cybersecurity Panel, Miami, FL, March 1, 2017
  • “Engaging Both Old and New Methods to Resolve Cyber Breach Claims,” 2017 Annual CLM Conference, Dallas, TX, February 23, 2017
  • “Bond School: Anatomy of a Cyber Claim,” Virtual, September 16, 2016
  • “Professional Liability – Lawyers: Global Perspectives on Data Collection, Transfer, Use and Disclosure,” 2016 Annual CLM Conference, Boston, MA, July 14, 2016
  • “Cyber Response Forum – We Have a Breach, Now What?,” Charlotte, NC, June 1, 2016
  • “Cyber Response Forum – We Have a Breach, Now What?,” Blue Bell, PA, April 27, 2016