Jennifer L. Rathburn is a partner with Foley & Lardner LLP. Jennifer focuses her practice on counseling clients on data protection programs, data incident management, breach response and recovery, monetization of data, and other privacy and security issues. She is one of the founders of the Midwest Cyber Security Alliance and has a deep understanding of the complex risk, operational, and legal issues companies must address to maintain the confidentiality of, access to, and integrity of their data.
As a member of the firm’s Technology Transactions & Outsourcing and Privacy, Security & Information Management Practices, Jennifer routinely helps clients prepare for and respond to data security incidents, from preparing incident response plans and advising on cybersecurity programs, to handling the breach notification response process.
Her depth of experience in this area and her collaboration with IT, risk, forensic, dark web, communication/PR, and other data experts provides a multi-disciplinary, practical approach to client issues.
Additionally, Jennifer guides clients in all aspects of preparing for and maintaining compliance with U.S. and global privacy and data security laws including the California Consumer Privacy Act of 2018 (CCPA), and the EU’s General Data Protection Regulation (GDPR).
Such efforts include conducting readiness assessments; performing data mapping and inventory; reviewing and revising privacy, data security, and incident response policies and plans; updating customer- and employee-facing privacy and consent notices as well as third-party vendor templates and agreements; evaluating the appointment of a Data Protection Officer; and educating and training board members, staff, and other key stakeholders.
- Counsels clients on handling privacy and security investigations and assists clients through the security breach notification process
- Advises on big data, data monetization, the Internet of Things, and de-identification/anonymization
- Drafts and reviews privacy and security policies and procedures, including enterprise-wide and department-specific policies and procedures and privacy notices
- Conducts privacy and security risk assessments
- Reviews vendor management practices, including preparation of vendor due diligence checklists and review of contractual liability issues
- Creates and counsels clients on security incident response plans
- Advises clients in the areas of federal privacy and security laws, including HIPAA, FERPA, GINA, and the Confidentiality of Alcohol and Drug Abuse Treatment Records (42 CFR Part 2), as well as state law governing the confidentiality of medical records
- Advises clients on obtaining incentives for certifying, adopting, and implementing electronic health records and meeting meaningful use requirements
- Works with strategic partners in forensics and investigation, IT technical and physical security compliance and management, cybersecurity, data classification, data analytics, public relations, and crisis management
Jennifer obtained her law degree from St. Louis University School of Law (J.D., magna cum laude, 2000), where she also earned a Health Law Certificate and was a member of the St. Louis University Law Journal and the Health Law Society. She earned a bachelor’s degree in psychology from the University of Kentucky (B.A., magna cum laude, 1996) and graduated Phi Beta Kappa.
She also earned a Kellogg School of Management Certification from Northwestern University (2016), and a certification from Harvard Law School’s Leadership Development Program (2017).
Admissions and Professional Memberships :
Jennifer is licensed to practice in Wisconsin and Illinois. She is a founder of the Midwest Cyber Security Alliance. Jennifer is also a member of the American Bar Association, American Health Lawyers Association, American Health Information Management Association, and the International Association of Privacy Professionals.
Rate : $$$$