Tracy is co-chair of the firm's cybersecurity and data privacy practice, deputy chair of the health care and long term care practice, and a member of the higher education practice. In seeking solutions to her client's business, legal and strategic goals, Tracy draws upon her experience as outside counsel, former general counsel and policy maker.
Tracy has an extensive practice in regulatory and corporate compliance, cybersecurity, and data privacy. She assists clients proactively to develop effective compliance, cybersecurity and privacy programs and address identified vulnerabilities.
Tracy is co-chair of the firm's cybersecurity and data privacy practice, deputy chair of the health care and long term care practice, and a member of the higher education practice. In seeking solutions to her client's business, legal and strategic goals, Tracy draws upon her experience as outside counsel, former general counsel and policy maker.
Tracy has an extensive practice in regulatory and corporate compliance, cybersecurity, and data privacy. She assists clients proactively to develop effective compliance, cybersecurity and privacy programs and address identified vulnerabilities.
As part of her broad regulatory practice, Tracy routinely advises clients about cybersecurity and data privacy, including:
- Federal and state cybersecurity laws, regulations, and breach notification laws;
- GDPR implementation and compliance;
- Response to data breaches, including investigations, notice, and remediation;
- Cybersecurity and privacy policies, gap analysis, policy development, implementation and oversight, cybersecurity insurance and breach preparedness;
- Board governance structures, training, and internal reporting to meet fiduciary standards;
- Cybersecurity and data privacy counsel to businesses in and outside of New York State;
- Compliance by health systems, hospitals, and other providers with federal and state laws and regulations as they exchange data for population health management and care coordination;
- Compliance by institutions of higher education with GDPR, GLBA, FERPA and HIPAA;
- Business associate and other third party agreements; and
- Workforce training.
Read Full Profile >