MWE Logo
  1. HOME
  2. PEOPLE

Overview

Amy C. Pimentel advises clients on U.S. and international data protection, privacy and cybersecurity. Her clients are diverse – from multinational Fortune 500 companies to start-ups – and operate in a variety of industries, including health care, technology, consumer products, retail, media, and financial services.

Show More

Results

  • Developed and implemented GDPR and CCPA compliance programs for numerous US and international organizations, advising on, as applicable, GDPR and CCPA applicability analysis, data mapping, data transfer mechanisms, privacy notices, consent mechanisms, data subject and consumer rights, data security assessments, breach response programs, selection of Data Protection Officers and EU Representatives, and employee training
  • Managed the development of a global data privacy assessment of a multibillion-dollar food service company to evaluate the process through which it collects, stores, protects, shares and manages information in more than 100 countries
  • Developed a data privacy risk assessment that leverages in-depth analyses of the data collection consent laws in Europe, Asia, the Americas, the Middle East and Africa to help a multinational tech firm better strategize its global privacy and data protection approaches

Show More

Recognitions

  • Best Lawyers: Ones to Watch2021, Healthcare Law
  • IFLR Rising Stars Americas Awards 2020: Privacy and Data Protection
  • The Legal 500,Rising Star 2020

Show More

Community

  • Boston Bar Association
  • National Asian Pacific American Bar Association, Data Security and Privacy Committee Co-Chair
  • International Association of Privacy Professionals
  • Filipino American Lawyers Association of Massachusetts, founding member

Credentials

Education
Northeastern University School of Law, JD, 2014
Duke University, BA, 2007

Admissions
Massachusetts

Languages
English
Spanish

Amy C. Pimentel

Partner | Boston

Boston: +1 617 535 3948

Boston: +1 617 535 3800

Amy C. Pimentel

Insights & Events / Media

Video / March 9, 2021

Video: What Should Businesses Be Doing Now to Prepare for CPRA?

Video / March 3, 2021

Video: Do businesses need to scrap their current CCPA compliance programs and ...

Video / February 24, 2021

Video: How do businesses comply under CPRA?

On the Subject / February 23, 2021

Virginia Consumer Data Protection Act: A Growing Wave of Comprehensive State Privacy ...

Video / February 17, 2021

Video: What are the new rights under CPRA?

Resource Centers / 2021

Global Privacy & Cybersecurity Resource Center

Webinar / Speaking Engagements / December 3, 2020

BBA’s Virtual Privacy & Cybersecurity Conference: European Union Regulatory Changes: Post-Schrems II ...

Video / November 2020

Video: What is CPRA?

Virtual Event / McDermott Event / November 5, 2020

Policy Outlook: How The 2020 Election Outcomes Will Impact Your Business

On the Subject / November 4, 2020

California Voters Approve the California Privacy Rights Act

On the Subject / October 20, 2020

New Proposed CCPA Regulations Add Clarity to Process for Opting Out of ...

On the Subject / May 26, 2020

Key Issues We're Tracking as CCPA Enforcement Nears

On the Subject / May 20, 2020

New California Privacy Ballot Initiative Would Expand the CCPA

United States / McDermott Event / February 2020

CCPA Compliance: An Interactive Workshop | February

On the Subject / January 8, 2020

A Sale, or Not a Sale? The Digital Advertising Debate

On the Subject / January 8, 2020

Little by Little, Attorney General Becerra Sheds Light on the CCPA in 2020

United States / McDermott Event / January 2020

CCPA Compliance: An Interactive Workshop | January

United States / McDermott Event / December 2019

Countdown to CCPA: An Interactive Compliance Workshop | December

United States / McDermott Event / November 2019

Countdown to CCPA: An Interactive Compliance Workshop | November

United States / McDermott Event / October 2019

Countdown to CCPA: An Interactive Compliance Workshop | October

On the Subject / September 20, 2019

CCPA Update: Changes, Clarifications, but no Major Overhaul Heading to Governor's Desk

San Francisco, CA / McDermott Event / September 10, 2019

2019 Privacy & Cybersecurity Risk Management Series | Insights on Cybersecurity and Data Privacy for ...

Wolters Kluwer / August 2019

Implementing the EU-U.S. Privacy Shield

New York, NY / McDermott Event / June 18, 2019

2019 Privacy & Cybersecurity Risk Management Series | Insights on Cybersecurity and Data Privacy

On the Subject / May 9, 2019

OCR Corrects Past Misinterpretation of HIPAA Annual Penalty Limits, Signaling Potential Relief ...

Washington, DC / Speaking Engagements / April 5, 2019

International Privacy + Security Forum

Boston, Massachusetts / Speaking Engagements / March 19, 2019

IAPP KnowledgeNet

Boston, Massachusetts / Speaking Engagements / February 19, 2019

Online Privacy and Internet Law

Webcast / McDermott Event / December 5, 2018

Global Privacy & Cybersecurity Webcast Series | Year in Review

Massachusetts Lawyers Weekly / October 26, 2018

GDPR 6 Months After Implementation: Where Are We Now?

On the Subject / June 29, 2018

California Enacts a Groundbreaking New Privacy Law

Boston, Massachusetts / Speaking Engagements / June 20, 2018

GDPR: Where are we now?

On the Subject / May 2, 2018

The Continuing Disconnect between the Health Care Industry and OCR on HIPAA’...

International News / April 2018

Tracking the Emerging Global Regulation of Cybersecurity & Privacy in Autonomous Vehicles

AHLA (American Health Lawyers Association) / March 2018

The Law of Digital Health

Washington, District of Columbia / Speaking Engagements / February 6, 2018

ACC Foundation Cybersecurity Summit

On the Subject / February 5, 2018

Does GDPR Regulate My Research Studies in the United States?

Boston, Massachusetts / Speaking Engagements / January 29, 2018

IAPP KnowledgeNet

Special Report / January 22, 2018

A Short Primer on Autonomous and Connected Vehicle Regulation

Ontario, Canada / Speaking Engagements / October 11, 2017

Privacy Across Borders Information Technology and Intellectual Property Law & Privacy and ...

On the Subject / October 10, 2017

Irish Court Casts Serious Doubt on EU Model Clauses

Chicago, Illinois / Speaking Engagements / September 27, 2017

Reassess, Reinforce, Resolve: Cybersecurity Best Practices in Health Care

On the Subject / September 25, 2017

The Department of Transportation Helps Clear the Road for Autonomous Vehicles

Publications / August 2017

Privacy Shield Implementation and How-To Kit from McDermott Will & Emery

Webcast / McDermott Event / May 24, 2017

Global Privacy & Cybersecurity Webcast Series | Data Breach — Challenges in Responding to Large ...

On the Subject / May 15, 2017

The First 24 Hours: How to Prepare and Respond to a Major Cybersecurity ...

Boston, Massachusetts / Speaking Engagements / March 23, 2017

Privacy Shield – A “How-to” Guide on Navigating its Process, Risks and Opportunities

Bloomberg BNA Health IT Law and Industry Report / January 2, 2017

Concerns Grow that Telephone Consumer Protection Act May Frustrate Patient Engagement Goals

On the Subject / November 11, 2015

HHS Office of Inspector General Calls for Increased Oversight and Enforcement of ...

On the Subject / May 4, 2015

Where Are We Now? The NIST Cybersecurity Framework One Year Later

On the Subject / February 20, 2015

Employers with Group Health Plans: Have You Notified State Regulators of the ...

Special Report / February 12, 2015

The White House Calls for Action Where Congress Has Failed to Deliver

Law360 / December 19, 2014

Tracking State Data Protection Enforcement In 2014

Special Report / December 10, 2014

Privacy and Data Protection: 2014 Year in Review

Buffalo Law Review, Vol. 62, 933 / August 2014

Taking Climate Change by Storm: Theorizing Global and Local Policy-Making in Response ...

1

2

3

4

5

6

7

8

9

10

... 10