Kate Hanniford focuses her practice on cybersecurity and privacy compliance and enforcement. Kate has provided advice on a range of cybersecurity topics, including compliance with various cybersecurity standards, managing cyber risk at all levels of the enterprise, cybersecurity governance, and responding appropriately to security incidents. She also actively monitors cybersecurity-related legislative and regulatory developments at the state and federal levels to provide advice on potential impacts. Kate advises clients on privacy and security issues along the data life cycle including implementing enterprise-wide privacy and security policies, compliance strategies, privacy and security issues in complex transactions, and privacy regulatory enforcement.
Kate also assists securities-industry clients with compliance with SEC and FINRA rules and standards, including SEC (OCIE) examination preparation and enforcement matters as well as Reg SCI and cybersecurity preparedness. She is well-versed in the scale and complexity of incident response in highly regulated industries, having handled incident response for public issuer, broker-dealer, and investment adviser data security and privacy incidents as well as some of the largest health care breaches in recent years. The Best Lawyers in America® regularly recognizes Kate on its “Ones to Watch” list in the areas of Technology Law and Privacy and Data Security Law. She has also been named to Cybersecurity Docket’s 2024 “Incident Response 50.” Kate is a Certified Information Privacy Professional.