Laura handles complex data security incidents, including large data breaches in the healthcare, internet, social media and hospitality sectors, among others. She directs forensic investigations, advises on notifications to US and international regulators, and leads sensitive interactions with law enforcement and national security agencies related to cyber incidents.

Laura also advises on US and international privacy and cybersecurity compliance, including obligations imposed by the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). She also advises clients on the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Electronic Communications Privacy Act (ECPA), the Children’s Online Privacy Protection Act (COPPA), and the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), as well as other breach notification and data security laws. She has helped hundreds of clients build and enhance comprehensive privacy programs, while anticipating emerging and quickly evolving privacy and security obligations.

Laura also represents clients in connection with legal and regulatory issues presented by emerging technologies, including blockchain, cryptocurrencies and digital identity solutions.

Previously, Laura served as general counsel, chief privacy and security officer at a healthcare data analytics company, and as chief privacy counsel at a major health insurer, where she helped lead the company’s response to one of the largest ever reported data breaches. Earlier, Laura served as vice president and chief litigation counsel at America Online, Inc. (AOL), where she played a critical role in the development of internet law, particularly in litigating the scope of the ISP immunity provisions of Section 230 of the Communications Decency Act, the development of privacy policies and protections for AOL users, and the legal battle against junk email. In addition, Laura led AOL’s response to a number of high-profile government investigations, including some of the first FTC investigations into data privacy matters. Laura also played a leading role in gaining US international regulatory approval of AOL’s merger with Time Warner in 2000, then the largest corporate merger in history. Laura later held a business role as chief of staff to AOL’s vice chairman.

Show Less

• Advised social media company on GDPR and national security implications of large scale transfers of personal data offshore
• Represented internet and technology industry clients on matters involving Section 230 of the Communications Decency Act, the Electronic Communications Privacy Act (ECPA), Stored Communications Act (SCA), Cloud Act and other content- and national security-related privacy matters*
• Represented a leading internet service provider in complex and sensitive interactions with federal and international law enforcement agencies related to major state-sponsored cyber incident*
• Led major health insurer’s response to a massive cyberattack in which the attackers accessed personal information of nearly 80 million individuals*
• Advised blockchain industry clients on GDPR and CCPA compliance, particularly related to the interaction between the immutability of distributed ledger technology, GDPR’s right of erasure and CCPA’s right of deletion, as well as the development of digital identity solutions*
• Advised a digital currency platform services provider in responding to a multimillion-dollar cyber theft of bitcoin from a digital currency exchange. Issues included incident response; crisis communications; interactions with compromised exchange; client cybersecurity practices and personnel; and pre-litigation counseling and preparation*
• Developed federal policy strategy for blockchain-enabled global payments company on federal and state legislative, regulatory and policy issues relating to cryptocurrencies*
• Represented a major cloud service provider in connection with a data security incident involving customer data left exposed in a publicly-permissioned bucket accessible on the internet*
• Negotiated complex, multi-party relationship for development and marketing of artificial intelligence solutions in the healthcare industry*
• As a member of a panel of academic, technology and privacy/cybersecurity leaders, advised technology and government sectors on use of blockchain technologies to secure and streamline elections*

*Matter handled prior to joining McDermott.

Show Less