Karin E. Ross focuses her practice on data privacy, cybersecurity, and technology transactions. Karin has counseled a diverse array of companies from startups to Fortune 500 companies in both local and global markets. She works closely with clients on data privacy and security compliance programs and advises on existing and emerging privacy and data protection legislation, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Gramm Leach Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA). Her experience spans a range of industries including consumer goods, medical technology, financial services, e-commerce, and restaurants.
Karin also has substantial experience in drafting and negotiating commercial and technology agreements, including data licensing agreements, cloud and software-as-a-service agreements, software license agreements, professional services agreements, and website terms and conditions.
Karin formerly served as in-house corporate counsel at a Fortune 500 health care company where she supported regulatory compliance efforts related to health care and clinical research activities. She draws upon her in-house experience to provide clients practical advice and creative solutions for meeting their compliance obligations while advancing business objectives.
- Developing data privacy and security programs and policies
- Providing advice concerning new privacy laws and regulations including the California Consumer Privacy Act (CCPA) and the European General Data Protection Regulation (GDPR)
- Compliance with COPPA, HIPAA, TCPA, CAN-SPAM
- Negotiating privacy and technology-related contracts and license agreements
- Cross-border data transfers and data processing agreements
- Vendor and service agreements, business associate agreements, and clinical trial agreements