SaraLynch

Sara Lynch's practice focuses on data privacy, cybersecurity, risk management, and internal investigations. She works with clients across industry sectors, counseling them on a range of issues and obligations under state, federal, and international consumer privacy statutes and regulations, including the California Consumer Privacy Act (CCPA), the Children's Online Privacy Protection Act (COPPA), the Health Insurance Portability and Accountability Act (HIPAA), and the General Data Protection Regulation (GDPR). Sara further assists clients in their compliance with voluntary data protection standards and certifications, such as the Service Organization Controls (SOC), the National Institute of Standards and Technology (NIST) Frameworks, and the Federal Risk and Authorization Management Program (FedRAMP). Sara also advises buyers and sellers in corporate transactions involving cybersecurity, data privacy, and intellectual property matters.

Sara has experience in all aspects of breach response, including forensic investigations, analyses of applicable regulations, notification of individuals and regulators, and remediation. She has assisted multinational clients in the health care, enterprise software, automotive, and other industries respond to and recover from malware attacks.

Sara maintains an active pro bono practice, in which she develops privacy policies, terms of use, cookie notices, and licensing agreements for nonprofit organizations' websites, applications, and programs. She also assists with the Firm's human trafficking initiative and advises health care providers on the legal requirements for reporting and education when treating victims of human trafficking.