Jenna’s practice focuses on privacy and cybersecurity law.
Jenna is a member of the firm’s global privacy and cybersecurity practice. She routinely assists clients with issues related to privacy and data protection, data breaches and cybersecurity incidents, and matters involving the use, sharing and protection of sensitive information. Jenna regularly assists clients with identifying and managing privacy and data security risks, and counsels clients on compliance with all federal, state and international privacy and data security laws, with a particular focus on the California Consumer Privacy Act (CCPA), Children's Online Privacy Protection Act (COPPA) and the EU General Data Protection Regulation (GDPR). Jenna has assisted a number of clients with implementing enterprise-wide privacy compliance programs, and also has experience assisting clients with privacy-related issues in the ad tech space, including programmatic advertising, customer matching, and data licensing initiatives.
Active in pro bono work, she serves on the Junior Advisory Board of Her Justice, an organization providing pro bono matrimonial and custody-related legal services to low-income women in New York.
- Regularly advises clients (including in the fields of technology, media, health care, finance, educational, retail) in all aspects of cybersecurity incident response, including investigation, preparation of required notifications pursuant to state data breach notification laws, call center training, development of media strategies, and regulatory response.
- Regularly advises clients on compliance with global data breach notification laws and regulations.
- Assists companies with proactive cyber incident readiness, including analyzing cybersecurity risks, addressing policy issues and drafting incident response plans.
- Extensive experience advising on children’s privacy issues.
- Advises clients on privacy-related regulatory compliance with CCPA, COPPA, Gramm-Leach Bliley Act and HIPAA.
- Advises clients on cross-Atlantic data transfers and European data protection regulations, specifically post-Schrems II decision and General Data Protection Regulation (GDPR) compliance.
- Advises clients on compliance with FTC data privacy guidance, especially with regard to mobile devices.
- Advises clients on building privacy-by-design principles into the user experience of websites, apps and online services.
- Drafts and negotiates privacy and data security provisions for commercial contracts
- Conducts privacy and data security-related due diligence on acquisitions.
- Conducts and evaluates privacy impact assessments.
- Crafts information governance and information security policies and programs.