Amber serves as the Deputy Chair of Bond, Schoeneck & King’s Data Privacy and Cybersecurity practice and maintains a Certified Information Privacy Professional/European credential (CIPP/E) through the ANSI-accredited International Association of Privacy Professionals. Amber represents a wide range of clients across all industries, including retail, hospitality, manufacturing, development, higher education, technology, health care and media. She currently serves as part-time corporate counsel at Paychex, Inc. where she advises on privacy and cybersecurity matters.
Privacy Compliance
Amber serves as the Deputy Chair of Bond, Schoeneck & King’s Data Privacy and Cybersecurity practice and maintains a Certified Information Privacy Professional/European credential (CIPP/E) through the ANSI-accredited International Association of Privacy Professionals. Amber represents a wide range of clients across all industries, including retail, hospitality, manufacturing, development, higher education, technology, health care and media. She currently serves as part-time corporate counsel at Paychex, Inc. where she advises on privacy and cybersecurity matters.
Privacy Compliance
Amber advises clients on cybersecurity and data privacy compliance issues, including state, federal and international cybersecurity and data privacy laws. Her practices involves counseling clients on managing and mitigating risks associated with the collection, use and disclosure of personal data. Amber assists clients with the development of comprehensive privacy programs and policies, retention and records management, risk assessments and response to data subject requests and complaints. Her broad experience with various data privacy regimes including the California Consumer Privacy Act (CCPA), the European Union’s General Data Protection Regulation (GDPR), China’s Personal Information Protection Law (PIPL), the Illinois Biometric Information Privacy Act (BIPA), the Children’s Online Privacy Protection Act (COPPA), the Federal Trade Commission (FTC) and the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) provides clients with robust knowledge of industry laws and regulations.
Transactions and Technology
Amber’s practice often focuses on the intersection of data privacy, technology and transactions. She assists clients with complex contract review and negotiation, including strategic risk mitigation for cybersecurity and data privacy liabilities and drafting data protection and data transfer agreements. Amber advises clients on merger and acquisition strategy for data privacy and cybersecurity issues including due diligence and structure review. In addition, she advises clients on product and technology development and implementation with a specific focus on compliance with data protection safeguards and standards.
Data Breach Response
Amber counsels clients on multi-jurisdiction data breach response including reporting obligations for various state, federal and international cybersecurity laws. She assists clients in developing proactive data protection programs and information security policies. Amber works closely with cybersecurity forensic teams to assist in the investigation and remediation portions of a cybersecurity event.
Amber’s practice focuses on:
- Data audit and risk assessment
- Privacy compliance review and program implementation
- MSA, SaaS, Cloud Service, Technology agreements drafting and negotiation
- Privacy notices, policies and terms of use agreements
- Data protection and security addenda drafting
- M&A privacy and cybersecurity diligence review
- Cybersecurity insurance review
- Vendor security assessment
- Remediation strategy and implementation
- Data subject request and response policies and procedure
- Records management procedures, policies and guidelines implementation
- Employee privacy training and handbook review
Read Full Profile >
