Practice Areas
Data Privacy, Cybersecurity, Artificial Intelligence, HIPAA, Education, Health Law, Litigation, Exempt Organizations, Government Enforcement, Internal Investigations, Corporate Compliance, Business Litigation and Dispute Resolution, Financial Services Cyber-Compliance, Information Governance and Records Management
Career
Nationally ranked in Chambers USA in Privacy & Data Security since 2012 and globally since 2021, Linn Freedman is a leader in the field of privacy and cybersecurity law. Her clients have said that Linn “is a great lawyer, focused on understanding the client and the business” and “is very responsive, pragmatic and very good to work with," “travels to the end and back for her clients,” and has "extraordinary integrity and a great mind for creativity, while still adhering to regulatory compliance."
Linn is chair of our firm’s Data Privacy + Cybersecurity practice and co-chair of the Artificial Intelligence team. She focuses on compliance with state and federal data privacy and security laws and regulations, emergency data breach response, mitigation and complex litigation. She counsels clients on state and federal investigations and enforcement actions. She has a particular focus on health information technology and has assisted clients with navigating laws governing the access, use and disclosure of protected health information and substance use disorder information and HIPAA compliance.
Data Privacy + Cybersecurity Compliance
As a Certified Information Privacy Professional, Linn helps clients comply with all state and federal data privacy and security laws and regulations, and counsels them on investigations and enforcement actions.
Linn advises companies and organizations on best practices for the collection, maintenance, and sharing of high-risk data, to help avoid breaches and cyber intrusions. She assists with data mapping and development of privacy and security plans. She helps clients comply with constantly evolving, industry-specific privacy and data protection regulatory requirements in a rapidly changing area of law.
Linn also assists clients with data security regulatory requirements, including implementing Written Information Security Plans (WISPs). She provides guidance regarding privacy and data protection implications associated with the deployment of communication and data storage technologies, mobile applications, location-based services, and risks associated with the use of artificial intelligence. She works with clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, social media policies, practices and procedures, assessing risk with tracking and pixel technology, and AI governance programs.
Security Incident + Data Breach Preparedness + Emergency Response
Linn assists clients with data breach preparedness, including assisting with vendor choice and pre-negotiating contracts for forensic, notification, and call center services. She also assists with the development and training of data breach response teams. If there is a security incident or data breach, Linn assists with all related investigation, negotiation, response, notification, remediation, coordination, and litigation. She has extensive experience with responding to security incidents, including ransomware attacks and business email compromise incidents. She is well-versed in helping clients with post-breach investigations by state and federal authorities. She also provides live, hands on security incident tabletop exercises for clients.
Privacy + Class Action Litigation + Enforcement
If a data breach or privacy issue results in litigation or an enforcement action, Linn works with clients to resolve the matter through the court system or before federal or state regulatory agencies. She also represents various companies in privacy litigation matters around unauthorized access, use or disclosure of personally identifiable and health information and in retrieving the unauthorized transfer of data from companies by employees. She represents companies responding to website pixel litigation. Linn is a former Assistant Attorney General for the State of Rhode Island and works with the AGs of multiple states around compliance and enforcement actions involving data breaches and data security.
HIPAA Compliance
Linn has extensive experience helping clients with HIPAA compliance. She regularly assists with HIPAA compliance programs and employee awareness training, cybersecurity in relation to websites and online portals, and data use and sharing agreements for health information exchanges.
She has deep experience helping clients defend enforcement actions by the Office for Civil Rights of the Department of Health and Human Services.