Skip to content
DWT logo
People Expertise Insights
About Locations Careers
Search
People
Expertise
Insights
About
Locations
Careers
Search
Desktop Image: Bertch, Kristen
Mobile Image: Bertch, Kristen

Kristen N. Bertch

She/Her

Associate

T 202.973.4249 Washington, D.C.
M 814.730.8447
  •  

Download vCard Download bio Print this page
Share

Kristen Bertch, CIPP/US, leverages her technical experience and knowledge of the data security and privacy legal landscape to help clients across a spectrum of industries on cybersecurity and privacy issues and related regulatory compliance matters. Kristen advises clients on complex and cutting-edge technologies used for the collection, processing, and storage of data.

As part of the Privacy and Security team, Kristen advises clients on matters related to responding to data security incidents, compliance with security standards, HIPAA Security Rule compliance, drafting security policies, and assessing data security compliance obligations.

She advises clients on security standards including FedRAMP, StateRAMP, HITRUST, and ISO 27001. Her practice includes discussing clients' current systems and security posture and drafting policies and procedures to provide appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity and security of information.

Kristen also assists clients with data-security incidents, including incidents spanning multiple states and involving multiple types of data such as personal information, protected health information, and customer proprietary network information.

Kristen works with clients to assess their business and suggest next steps to improve their security posture, including compliance with HIPAA, the GLBA Safeguards Rule, state law security requirements such as Massachusetts' WISP requirement, and data retention and destruction policies.

Practice Highlights

Security standard compliance and data breach response

Assessed clients' current policies and procedures against relevant security standard requirements. Worked with clients to address and recover from a range of data incidents including ransomware attacks, business email compromise incidents and inadvertent disclosures of personal information.

Regulatory compliance

Advised clients on compliance with privacy regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California Consumer Protection Act (CCPA), General Data Protection Regulation (GDPR), Children's Online Privacy Protection Act (COPPA), and Family Educational Rights and Privacy Act (FERPA).

Privacy and data security provisions

Drafted appropriate privacy and data security provisions in contracts with third parties by working with clients to better understand their business, data handling practice, privacy and data security needs, and how third parties will access and handle any client data.

Admitted to Practice

  • Maryland, 2016
  • District of Columbia, 2017

Education

  • J.D., University of Maryland School of Law, 2016
    • University of Maryland Law Journal of Race, Religion, Gender, and Class
    • Research Assistant
  • B.A., Criminal Justice, University of Pittsburgh, 2012, magna cum laude

Memberships & Affiliations

    • CIPP/US, International Association of Privacy Professionals

Professional Recognition

    • Selected to a list of "Ones to Watch" in Privacy and Data Security Law (Washington, D.C.), Best Lawyers, 2023

Background

    • Associate, Whiteford, Taylor, & Preston LLP, Baltimore, 2019-2021
    • Attorney, Eversheds Sutherland (US) LLP, Washington, D.C., 2016-2019
    • Contract Attorney, FHLBanks Office of Finance, Reston, Va., 2016
    • Legal Intern, Division of Privacy and Identity Protection, Bureau of Consumer Protection, Federal Trade Commission, Washington, D.C., 2015
    • Legal Intern, Future of Privacy Forum, Washington, D.C., 2015
Clear Filter
Searching...
Your search returned no results. Please try another search or remove search criteria.
DWT logo
©1996-2022 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Prior results do not guarantee a similar outcome.
NAVIGATE
Home People Expertise Insights
About Locations Careers Events Blogs
STAY CONNECTED

Subscribe to stay informed.

Subscribe
Employees
DWT Collaborate
EEO
Affiliations
Legal notices
Privacy policy
©1996-2022 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Prior results do not guarantee a similar outcome.
Close
Close

CAUTION - Before you proceed, please note: By clicking “accept” you agree that our review of the information contained in your e-mail and any attachments will not create an attorney-client relationship, and will not prevent any lawyer in our firm from representing a party in any matter where that information is relevant, even if you submitted the information in good faith to retain us.