Kristen Bertch, CIPP/US, leverages her technical experience and knowledge of the data security and privacy legal landscape to help clients across a spectrum of industries on cybersecurity and privacy issues and related regulatory compliance matters. Drawing on her software development experience, Kristen advises clients on cutting edge technologies, such as those built on blockchain and other distributed ledgers, as well as complex technologies used for the collection and processing of data for advanced analytics and machine learning.
Her practice also includes providing advice in connection with the applicability and requirements of federal, state, and foreign data protection laws relevant to U.S. organizations. She further assists clients with data breach response, software licenses and software development agreements, developing appropriate external policies and procedures, IP due diligence, performing risk assessments, and developing information security.
Data breach response
Worked with clients to address and recover from a range of data incidents including ransomware attacks, business email compromise incidents and inadvertent disclosures of personal information.
Advised clients on compliance with privacy regulations such as the California Consumer Protection Act (CCPA), General Data Protection Regulation (GDPR), Children's Online Privacy Protection Act (COPPA), and Family Educational Rights and Privacy Act (FERPA).
Privacy and data security provisions
Drafted appropriate privacy and data security provisions in contracts with third parties by working with clients to better understand their business, data handling practice, privacy and data security needs, and how third parties will access and handle any client data.
Admitted to Practice
District of Columbia, 2017
J.D., University of Maryland School of Law, 2016
- University of Maryland Law Journal of Race, Religion, Gender, and Class
- Research Assistant
B.A., Criminal Justice, University of Pittsburgh, 2012, magna cum laude
Memberships & Affiliations
- CIPP/US, International Association of Privacy Professionals
- Associate, Whiteford, Taylor, & Preston LLP, Baltimore, 2019-2021
- Attorney, Eversheds Sutherland (US) LLP, Washington, D.C., 2016-2019
- Contract Attorney, FHLBanks Office of Finance, Reston, Va., 2016
- Legal Intern, Division of Privacy and Identity Protection, Bureau of Consumer Protection, Federal Trade Commission, Washington, D.C., 2015
- Legal Intern, Future of Privacy Forum, Washington, D.C., 2015