Kristen N. Bertch

She/Her

Associate

T 202.973.4249 Washington, D.C.
M 814.730.8447
    •  
Download vCard Download bio Print this page

Kristen Bertch, CIPP/US, leverages her technical experience and knowledge of the data security and privacy legal landscape to help clients across a spectrum of industries on cybersecurity and privacy issues and related regulatory compliance matters. Kristen advises clients on complex and cutting edge technologies used for the collection, processing, and storage of data.

Her practice also includes providing advice on complying with data security standards such as ISO 27001 and SOC 2 Type 2, and data protection laws relevant to U.S. organizations, such as the HIPAA Security Rule. She further assists clients with data breach response, developing appropriate external policies and procedures, and performing risk assessments.

Practice Highlights

Security standard compliance and data breach response

Assessed clients' current policies and procedures against relevant security standard requirements. Worked with clients to address and recover from a range of data incidents including ransomware attacks, business email compromise incidents and inadvertent disclosures of personal information.

Regulatory compliance

Advised clients on compliance with privacy regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California Consumer Protection Act (CCPA), General Data Protection Regulation (GDPR), Children's Online Privacy Protection Act (COPPA), and Family Educational Rights and Privacy Act (FERPA).

Privacy and data security provisions

Drafted appropriate privacy and data security provisions in contracts with third parties by working with clients to better understand their business, data handling practice, privacy and data security needs, and how third parties will access and handle any client data.

Admitted to Practice

  • Maryland, 2016
  • District of Columbia, 2017

Education

  • J.D., University of Maryland School of Law, 2016
    • University of Maryland Law Journal of Race, Religion, Gender, and Class
    • Research Assistant
  • B.A., Criminal Justice, University of Pittsburgh, 2012, magna cum laude

Memberships & Affiliations

    • CIPP/US, International Association of Privacy Professionals

Background

    • Associate, Whiteford, Taylor, & Preston LLP, Baltimore, 2019-2021
    • Attorney, Eversheds Sutherland (US) LLP, Washington, D.C., 2016-2019
    • Contract Attorney, FHLBanks Office of Finance, Reston, Va., 2016
    • Legal Intern, Division of Privacy and Identity Protection, Bureau of Consumer Protection, Federal Trade Commission, Washington, D.C., 2015
    • Legal Intern, Future of Privacy Forum, Washington, D.C., 2015
Your search returned no results. Please try another search or remove search criteria.