Brittany advises clients in identifying, evaluating and managing complex global privacy and information security risks and compliance issues.
Brittany Bacon is a partner in the firm’s top-ranked Global Privacy and Cybersecurity practice. She has national recognition for her work in the areas of privacy and data security. Chambers USA 2018 quotes clients who call her “very diligent, intelligent and hard-working” and “very client-focused, attentive and responsive.” Chamber USA 2018 also quotes a client who calls her “one of the very best individuals I have worked with on privacy-related matters.” Legal 500 refers to Brittany as “a rising star in the cybersecurity world,” listing her as a “Next Generation Lawyer” for cyber law. In 2018, Brittany was also named a New York Law Journal “Rising Star” and a Law360 “Rising Star” in privacy and cybersecurity.
Brittany assists clients in identifying, evaluating and managing a panoply of global privacy and information security risks and compliance issues. A significant aspect of her practice is advising large, multi-national companies on catastrophic cybersecurity incidents. This includes advising clients on data breach notification responsibilities, counseling them on responding to multi-jurisdictional regulatory investigations, and providing strategic advice in the breach context for managing inquiries from Boards of Directors, consumers, media and potential acquiring companies in a deal setting. Brittany helps companies design and build privacy and data security governance programs, and develop written policies, procedures and standards. She advises clients on conducting proactive breach preparedness activities, including developing workable incident response plans and legal breach notification procedures, running executive-level tabletops with data breach hypotheticals, and engaging third-party experts (such as forensic investigation firms, credit monitoring services, PR firms and call centers) in advance of an incident.
In relation to her privacy compliance practice, Brittany has extensive experience in advising clients on state, federal and international privacy laws. She routinely conducts privacy impact assessments and advises companies on managing risk in connection with extensive and innovative data collection and use. She works with start-ups whose technology is often years ahead of the laws designed to regulate it. She also regularly negotiates privacy and data security provisions of complex commercial and technology-related contracts and helps companies design robust vendor management programs.
Advised over 50 companies (including health care companies, retailers, consumer goods companies, and financial institutions) on data breach and cybersecurity incident response, including preparation of required notifications pursuant to state breach notification laws, the HITECH Act and Interagency Guidance, call center training and development of media strategies.
Advised major multi-national company with a data security incident extending to 78 countries, managed the U.S. legal escalation call center and responded to multiple international data protection authorities.
Advises clients on FTC, SEC and state Attorney General (including Multistate Task Force) investigations and enforcement actions for alleged data security and privacy violations.
Provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness.
Assisted Fortune 100 company in responding to congressional inquiries relating to a cybersecurity incident.
Prepares comprehensive data security policies, standards and procedures in connection with corporate information security programs.
Assists clients with complying with privacy and information security requirements, including under GLB, HIPAA and state information security laws.
Advises clients on managing FTC Consent Orders and CIDs in connection with data security incidents.
Advised major global bank on massive cyber intrusion.
Advised multinational clients on Safe Harbor certification and annual recertification.
By collecting this information, we learn how to best tailor this site to our visitors. To learn more, view our