Kathryn M. Rattigan advises clients on data privacy and security, cybersecurity, and compliance with related state and federal laws. She assists clients in assessing risks related to technology and software contracts, as well as with compliance-related issues with outsourcing and vendor management. She represents clients across all industries, such as manufacturing, insurance, health care, education, energy, and construction. Kathryn is a member of our Business Litigation group and Data Privacy + Cybersecurity team and is co-chair of the firm’s Women’s Committee.
Data Privacy and Cybersecurity Compliance
Kathryn helps clients comply with all state and federal regulations related to data privacy and cybersecurity. She counsels clients facing government investigations over alleged non-compliance. She advises clients on the development of privacy and security plans, and how to best handle high-risk data to avoid breaches and cyber intrusions. Kathryn helps clients review, revise, and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA), Telephone Consumer Protection Act (TCPA), the Children's Online Privacy Protection Act (COPPA), Family Educational Rights and Privacy Act (FERPA), and other federal and state laws and regulations. She assists businesses and organizations with measures to protect the security and confidentiality of personal and sensitive information. She provides guidance regarding privacy and data protection in connection with mobile devices, data storage technologies, mobile applications, and location-based services. Kathryn assists with the development of website and mobile app privacy policies and terms and conditions of use. She also advises clients on social media policies and practices, and 'Bring Your Own Device' in the workplace. She is a member of the firm's Financial Services Cyber-Compliance Team.
Unmanned Aerial Systems and FAA Compliance
Kathryn is a member of the firm’s Drone Compliance Team. As such, she advises clients on all legal issues surrounding the use of commercial drones, including navigation of Federal Aviation Administration regulations, commercial registration requirements, and Part 107 waivers. She reviews and prepares employee and subcontractor agreements for the piloting and use of drones. She advises commercial businesses on insurance options for adequate coverage for drone use. Kathryn is well versed on various local and state laws, regulations, and ordinances which apply to a business’ drone use. She assists clients with privacy and cybersecurity policies, procedures and programs to mirror the National Telecommunications and Information Administration’s voluntary best practices, as well as other industry standards. Kathryn also handles drone-related litigation, such as claims involving manufacturing defects, personal injury, or property damage. She has given numerous presentations about implementing UAS into company infrastructure and privacy and cybersecurity issues related to drone use.
HIPAA Compliance
Kathryn counsels clients on HIPAA compliance, including assisting with employee training and providing guidance on the implementation of required and recommended Privacy Rule and Security Rule policies and procedures.
