Fran Forte focuses her practice on privacy and data security matters, advising clients on domestic and international privacy and cybersecurity laws and regulations, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Fran counsels clients in many industries, including cybersecurity product providers, retailers, payment processors, and financial institutions. Fran continuously monitors and advises clients on how privacy and data security laws, regulations and consumer expectations may impact their business practices. Fran has significant experience designing and helping clients implement GDPR and CCPA compliance programs, including advising on AdTech, data mapping, data subject request processes, internal and external-facing privacy and security policies and cross-border data transfer mechanisms. Fran also drafts and negotiates data processing agreements and privacy and data security provisions in service provider agreements. Fran frequently conducts privacy and cybersecurity-related diligence for corporate transactions for companies across a wide range of industries. Fran is a Certified Information Privacy Professional/United States (CIPP/US) through the International Association of Privacy Professionals (IAPP).
During law school, Fran was the senior managing editor of the Mercer Law Review, a member of the Mercer Advocacy Council and a member of the Mugal National Tax Moot Court competition team. Fran also served as an intern to the Hon. W. Homer Drake Jr. for the US Bankruptcy Court for the Northern District of Georgia.
Advised an agribusiness and food ingredient company on GDPR and CCPA compliance work, negotiated outsourcing agreement, and provided general privacy and cybersecurity counseling*
Advised multinational automobile manufacturer on compliance with privacy and cybersecurity regulations, including the CCPA and GDPR*
Advised a leading alcohol beverage company on CCPA & GDPR compliance, setting up data transfer mechanisms (including negotiating GDPR data controller and data processor compliant contract terms), drafting policies and procedures and providing day-to-day privacy counsel*
Advised a multinational semiconductor company on certification of compliance with the EU-US and Swiss-U.S. Privacy Shield, data mapping, review and evaluation of internal and external policies and procedures and vendor contract amendments to comply with Privacy Shield requirements*
Represented a large wholesale bakery in a CCPA compliance project*
Developed and implemented GDPR and CCPA compliance programs for numerous US and international organizations, advising on, GDPR and CCPA applicability analysis, data mapping, data transfer mechanisms, privacy notices, consent mechanisms, data subject and consumer rights, data security assessments, breach response programs, selection of Data Protection Officers and EU Representatives and employee training*
Developed a global records retention policy and schedule for a leading alcohol beverage company that complied with global records retention requirements*
Developed cross border data transfer strategies for EU personal data*
Performed key diligence and transactional support for acquisition of customer experience management company*
Performed key diligence and transactional support for acquisition of a provider of workforce educational curricula and training courses*
Performed key diligence and transactional support for sale of artificial intelligence and cybersecurity leader*
Performed key diligence and transactional support and drafted red flag memorandum for acquisition of worldwide consumer health business*
Performed key diligence and transactional support for investment in leading provider of cloud and on-premise corporate performance management solutions*
Performed key diligence and transactional support for acquisition of a privately held biopharmaceutical company*
Represented financial institution in connection with financing of large electronic security company’s acquisition of a leading provider of security alarms and monitoring services for commercial and residential customers*
Provided key diligence and transactional support to leading international provider of eDiscovery in connection with its acquisition by a private equity firm*
Performed key diligence and transactional support for acquisition of a market leader for customer identity and access management*
Performed key diligence and transactional support for acquisition of a developer of marketing optimization software*
Advised HIPAA Covered Entity in its investigation and analysis of a possible disclosure of health information to the Internal Revenue Service*
Do not send any information or documents that you want to have treated as secret or confidential. Providing information to McDermott via email links on this website or other introductory email communications will not create an attorney-client relationship; will not preclude McDermott from representing any other person or firm in any matter; and will not obligate McDermott to keep confidential the information you provide. McDermott cannot enter into an attorney-client relationship with you until McDermott has determined that doing so will not create a conflict of interest and until you and McDermott have entered into a written agreement or engagement letter that sets forth the terms of our relationship.