San Francisco + 1.415.875.5764

Sara Lynch's practice focuses on data privacy, cybersecurity, risk management, and internal investigations. She works with clients across industry sectors, counseling them on a range of issues and obligations under state, federal, and international consumer privacy statutes and regulations, including the California Consumer Privacy Act (CCPA), the Children's Online Privacy Protection Act (COPPA), the Health Insurance Portability and Accountability Act (HIPAA), and the General Data Protection Regulation (GDPR). Sara further assists clients in their compliance with voluntary data protection standards and certifications, such as the Service Organization Controls (SOC), the National Institute of Standards and Technology (NIST) Frameworks, and the Federal Risk and Authorization Management Program (FedRAMP). Sara also advises buyers and sellers in corporate transactions involving cybersecurity, data privacy, and intellectual property matters.

Sara has experience in all aspects of breach response, including forensic investigations, analyses of applicable regulations, notification of individuals and regulators, and remediation. She has assisted multinational clients in the health care, enterprise software, automotive, and other industries respond to and recover from malware attacks.

Sara maintains an active pro bono practice, in which she develops privacy policies, terms of use, cookie notices, and licensing agreements for nonprofit organizations' websites, applications, and programs. She also assists with the Firm's human trafficking initiative and advises health care providers on the legal requirements for reporting and education when treating victims of human trafficking.


  • Qubiqle (d/b/a Plate IQ) raises $160 million from FTV CapitalJones Day advised Qubiqle (d/b/a Plate IQ) in the sale of a majority equity stake to FTV Capital for $160 million.
  • Board committee of U.S. public company conducts internal review of related-party transactionsJones Day represented the special committee of a U.S. public company in connection with its internal investigation of related-party transactions in the U.S. and China involving company founders and senior executives.
  • Speaking Engagements