Holly Benton Photo

Holly B. Benton*

Senior Counsel

*Not admitted in North Carolina

Overview

Holly practices data use, privacy, and cybersecurity law and provides strategic advice to clients on information lifecycle management and the ever-evolving state, federal, and global information privacy landscape. Holly assists clients with identifying their unique profiles of privacy and data protection risks, implementing and managing risk-based privacy programs to address those risks, and facilitating compliance with applicable privacy and data protection laws. Her combination of in-house and private practice experience gives her valuable insight that she uses to drive solution-focused initiatives for clients.

She regularly conducts due diligence for mergers and acquisitions, advises on contractual matters involving cross-border data flows, and counsels companies and non-profit organizations on compliance with CCPA, CPRA, GDPR, HIPAA, FISMA, FERPA, CAN-SPAM, state breach notification laws, and emerging state, federal, and global regulations, including developing and advising on related policies and procedures and advising on related contracts and agreements. Holly also advises clients with regard to technology licenses and agreements, research and clinical trial agreements, and subcontractor and vendor contracts.

Additionally, she counsels businesses on data mapping, records of processing, DPIAs, drafts and advises on privacy policies and terms of use, and advises on associated training and operational compliance activities including drafting and negotiating CCPA service provider agreements, GDRP data processing addendums, HIPAA BAAs, and FERPA consents and vendor contracts, as well as advising on and developing comprehensive HIPAA compliance policies for employer sponsored group health plans.

In-House Experience

Prior to joining Michael Best, Holly practiced with a major Raleigh business law firm. She previously held multiple information privacy roles, including Privacy Officer, during her tenure with Duke University and the University of North Carolina. Instrumental in developing collaborative approaches to addressing compliance requirements, Holly led privacy risk initiatives to identify and assess institutional information asset risk management gaps to inform safeguarding efforts and support institutional data governance, and she played a key role in facilitating compliance with federal, state and global privacy regulations and developing and advising on related policies and procedures and training. Earlier in her career, Holly served as in-house counsel for international telecommunications company T-Mobile and practiced litigation at a global law firm and a major regional law firm in the Pacific Northwest.

Holly understands firsthand the complexities and challenges organizations face both in identifying their unique privacy and data protection risk profile and in addressing their related compliance obligations; she partners with clients to navigate these challenges and manage to the continually evolving privacy and data protection compliance landscape.

Experience

  • Advised a contract research organization on privacy and data protection matters in a definitive agreement to acquire a specialized contract research organization for the biotechnology industry.
  • Advised a global contract research organization and drug development services company on privacy and data protection matters in a definitive agreement to acquire a provider of decentralized and traditional clinical trial-related services.
  • Advised a global contract research organization and drug development services company on privacy and data protection matters in a definitive agreement to acquire a provider of mobile-connected self-service platform solutions for decentralized clinical trials.
  • Advised a consumer product company on updated obligations under the CCPA and developed a program strategy to address compliance with E.U. and U.S. privacy laws.
  • Advised a major financial services company’s employer sponsored group health plan on privacy compliance and developed comprehensive policies and procedures to address obligations under HIPAA.
  • Provided guidance to a national property management company on the evolving privacy landscape and advised on corresponding compliance obligations and risk mitigation strategies.

Honors & Recognitions

  • Rising Star, Washington Journal of Law & Politics, 2002 & 2003

Professional Activities

  • Member, International Association of Privacy Professionals
  • Member, North Carolina Bar Association, Privacy & Cybersecurity Section
  • Certified in Health Care Privacy Compliance (CHPC®), Health Care Compliance Association.
  • Certified Information Privacy Professional/United States (CIPP/US), International Association of Privacy Professionals.

Education

Admission

Education

Admission

back to top