Recognized as a Board Certified Specialist in Privacy and Information Security Law by the State of North Carolina, Erin is an experienced thought leader in privacy, data security, and the integration of technology into business practices. Erin is co-chair of Bradley’s Cybersecurity and Privacy Practice Group and leads the firm’s Fintech team.
Erin is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. She regularly advises clients on CCPA, GLBA, HIPAA, COPPA, CAN-SPAM, FCRA, security breach notification laws, and other U.S. state and federal privacy and data security requirements, and global data protection laws. In addition to providing proactive privacy and information security compliance and legal advice, Erin manages privacy-related enforcement actions and litigation. Her practice includes representing companies in reactive incident response situations, including insider cybersecurity threats, electronic and physical theft of trade secrets, and investigation, analysis, and notification efforts with respect to security incidents and breaches.
Erin also counsels clients on a variety of e-commerce, electronic marketing, digital contracts and security issues, including compliance advice relating to the development of new digital products and services; drafting and reviewing privacy-related policies and procedures and consumer-facing privacy notices; performing gap analysis and risk assessments related to the handling of sensitive data; oversight and review of third-party agreements and privacy compliance programs; and ensuring that existing products, services and marketing activities comply with privacy-related regulations. Erin advises clients on the implementation of digital services and products, operationalization of e-contract transactions under ESIGN and UETA, review of policies and procedures, gap analysis and risk assessments related to the handling of sensitive data, third-party agreements, vendor oversight and compliance programs. She has experience advising technology and e-advertising clients regarding compliance with state and federal laws, including the use and disclosure of consumer information and data privacy practices, under regulations such as TCPA, UDAAP/UDAP and associated FTC rules. In addition, her practice also includes handling disputes, litigation and enforcement actions related to data privacy violations.
Articles in the National Law Review database by Erin Jane Illman