Privacy & Cybersecurity

Elliot Golding provides business-oriented privacy and cybersecurity advice to global companies spanning virtually every sector of the economy, with a particular focus in the technology, healthcare, life sciences, retail, e-commerce, automotive and financial sectors. His practical approach gives clients actionable advice to help balance legal risk with business needs. He routinely counsels clients on the latest cutting-edge issues, such as online advertising and tracking technologies, digital health tools, data monetization strategies, and artificial intelligence. He provides both day-to-day product counseling and helps companies develop global compliance programs that harmonize the California Consumer Privacy Act (and equivalent state privacy laws in Virginia, Colorado and other states); GDPR and other international laws; specific rules in the highly regulated health and financial sectors (HIPAA/HITECH, ONC Information Blocking Rule, 42 CFR Part 2, the Common Rule, GLBA and state equivalents); marketing rules (TCPA, CANSPAM and industry self-regulatory standards); security standards (such as PCI-DSS, NIST and ISO); and many others. Elliot has also managed hundreds of breaches and ransomware attacks, guiding clients through all aspects of investigation, notification, remediation and engagement with regulators.

Elliot is IAPP certified (CIPP/US) and has been recognized in a number of industry rankings and awards, including by Chambers USA, Legal 500 US, Bloomberg Law, Global Data Review and the National Law Journal. Elliot also co-chairs the American Bar Association’s SciTech Privacy, Security and Emerging Technology Division; E-Privacy Committee; and Biotechnology, Healthcare Technology, and Medical Device Committee.