Amy C. Pimentel focuses her practice on privacy and data security and general health law. Her clients operate in a variety of industries, including health care, consumer products, retail, food and beverage, technology, banking and other financial services.
As part of her privacy and data security practice, Amy routinely guides clients in developing privacy and data security programs, privacy impact assessments and self-audits for their US and multinational operations. She has worked with clients to help ensure that their internal and external policies and procedures are compliant with a myriad of US federal laws (such as the Fair Credit Reporting Act, Children’s Online Privacy Protection Act, Gramm-Leach-Bliley Act, Telephone Consumer Protection Act, Family Education Rights and Privacy Act, and the Health Insurance Portability and Accountability Act (HIPAA)), US state privacy information security and breach notification laws, and self-regulatory frameworks that address payment card processing and online advertising. When clients fall victim to a security breach, Amy helps them navigate their legal obligations, manage customer and vendor relationships, mitigate and, if necessary, remediate the harm. In addition, Amy identifies and evaluates privacy and security risks in mergers, acquisitions and other corporate transactions.
Many of Amy’s clients do business internationally. For such clients, Amy manages a team of talented foreign counsel to deliver and synthesize advice that informs on compliance issues and aids the operation of their businesses across multiple international jurisdictions.
Amy focuses her health industry practice on transactional and regulatory matters affecting hospitals, health systems and other health care clients. She counsels clients seeking compliance with federal and state health care laws and has drafted employment, service, and affiliation agreements between various players in the health care industry. Amy has experience with federal and state filings in the context of change-of-ownership transactions and licensing, as well as acting as an interim privacy officer of a large regional hospital system.
Amy has been published in the Buffalo Law Review and the Benefits Law Journal. While in law school, Amy worked at the US Department of Justice in the Office of International Affairs and interned in the Appeals Chamber of the International Criminal Tribunal for the Former Yugoslavia in The Hague, The Netherlands.