Clients benefit from Elizabeth’s extensive experience with a variety of regulatory, cybersecurity compliance, and technology-specific privacy matters. A former chief privacy officer in Texas state government, she brings a unique and informed perspective to her practice.
Elizabeth focuses on issues including breach responses, privacy risk assessments, and enterprise-wide cybersecurity compliance frameworks across industries such as retail, health care, financial services, energy and retail electric providers, education, and state and local governments.
During her tenure with Texas state government, Elizabeth worked with executive leadership and other stakeholders to develop the state’s first official privacy division. In her role as chief privacy officer, Elizabeth provided practical compliance counsel on cybersecurity and privacy requirements, served on the breach response team, and created and implemented policies, procedures, and employee privacy and security awareness training.
Outside of her law practice, Elizabeth teaches cybersecurity and privacy law topics for the University of Texas School of Information’s Master’s Program in Identity Management and Security. She is a thought leader on privacy and cybersecurity matters facing businesses, and frequently speaks and is published on emerging trends in these areas.
- Develops EU and Global Data Compliance Program based on the GDPR, the Privacy Shield and privacy laws and regulations in regions throughout the world.
- Advises and counsels e-commerce and global store front retailers, financial institutions and other companies on cybersecurity risks, incidents and policy issues, including proactive cybersecurity readiness, developing and conducting full-scale tabletop exercises for C-suite executives and Boards of Directors.
- Advises major health care providers and health plans on all aspects of HIPAA security breaches, including OCR and state enforcement.
- Conducts all phases of online and offline privacy assessments and information security policy audits.
- Develops global corporate records management programs, including policies, records retention schedules and training modules.
- Evaluates practices associated with data analytics, "big data," and the Internet of Things.
- Offers specialized counseling for fiduciaries, including Board Members, Board Committees and Named/Managing Fiduciaries of ERISA Plans and other asset plan managers, concerning their fiduciary obligations to provide adequate cybersecurity controls and best practices for information assets belonging to shareholders and plan participants.
- Evaluates cyber liability insurance needs and negotiation of provisions in cyber liability insurance policies.
- Merger and Acquisition support to assess privacy and security practices of target corporation, portfolio company, or start-up.
- Supports breach litigation and regulatory activities to remediate vulnerabilities in privacy and information security governance programs and/or information security standards.
- Drafts and negotiates appropriate privacy and cybersecurity clauses in complex technology and other transactions.
Honors & Recognitions
- Outstanding Young Lawyer of San Antonio, 1992
- Advisory Member, Global Cybersecurity Institute – UC Berkeley, 2018-Present
- Member, Cybersecurity Task Force, Greater Houston Partnership, 2017-Present
- Co-Chair, IP and Technology Law Affinity Group, National Association of Women Lawyers, 2016-present
- Member, Austin Bar Association
- Co-Chair, Legislative Committee, 2015-2016
- Co-Chair, Leadership Academy, Class of 2015
- Co-Chair, Membership Committee, 2013-2015
- Member, Leadership Academy, Class of 2013
- Council Member, Computer & Technology Law Section of the State Bar of Texas, 2014-present
- Board Member, St. Mary's University School of Law Foundation, 2011-present
- Former Board Member and President, Alumni Association, St. Mary’s School of Law, 1993-2002