About Trisha Sircar
The value of data as an asset has increased substantially in today's global digital economy. In the high-stakes environment of global intellectual property and technology services, businesses, consumers and individuals need protection. With more than a decade of experience in helping to protect a wide range of businesses — including one of the world's largest insurance companies — Privacy, Data and Cybersecurity partner Trisha Sircar provides practical guidance and creative solutions regarding global privacy and data security risks and compliance issues.
Operating at the intersection of technology and law
Trisha provides clients with practical advice to help manage and mitigate the risks associated with the collection, use and disclosure of personal data and confidential information. This involves strategizing with clients to develop and maintain a global privacy program and assisting them in managing their day-to-day privacy compliance needs. Trisha reviews, drafts and negotiates global privacy, data security and records management provisions in third-party contracts and cross-border data transfer agreements. She conducts extensive privacy impact assessments to evaluate technology, analytics and innovation projects, and helps implement such projects in compliance with applicable privacy, data security and records management requirements.
She also advises on the practical application of complex state, federal and international privacy and information security legislation, regulation and case law developments, and coordinates with government affairs teams and local compliance officers to advocate a client's position and interests within US and international working groups and trade associations, on proposed legislation, regulation and industry frameworks.
Trisha provides strategic advice on information security and privacy-related incident response, including global notification obligations, crisis management, and internal and external communications. In addition, she develops proactive incident response solutions through the creation of robust incident response programs and tabletops, tailoring appropriate notification solutions and ensuring the correct personnel and vendors are in place. She counsels clients on handling regulatory investigations and lawsuits arising from a privacy and cyber incident and any resulting theft, loss or unauthorized use of confidential or personal information, as well as any alleged violations of applicable data privacy laws.
Trisha helps clients develop employee privacy, cybersecurity and records management training playbooks and awareness campaigns in connection with corporate compliance programs. She prepares comprehensive privacy, cybersecurity, information handling and records management guidelines, policies, standards and procedures in compliance with the applicable US and international data protection laws, including but not limited to, the Federal Trade Commission (FTC) Act, the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA) and the New York Department of Financial Services Cybersecurity Regulation (23 NYCRR 500).
- Privacy risk incident analysis and data breach preparedness and response
- Privacy and cybersecurity program implementation in compliance with global regulation
- Intellectual property, technology, media and privacy laws
- Vendor management, contracts and cross-border data transfer agreements
- Privacy policies, procedures and standards implementation
- Information handling policies, procedures and standards implementation
- Records Management policies, procedures and guidelines implementation
- Employee privacy training and handbooks
- European Union and international privacy laws
March 31, 2020
January 8, 2020
March 27, 2020
March 18, 2020
Presentations and Events
February 4–5, 2020