Ryan Burns, CIPP/US, is a data privacy and security attorney who advises cloud service providers and technology companies on navigating international, federal, and state cybersecurity and data privacy frameworks. His practice focuses on cybersecurity incident response, including breach assessment and notification obligations under the Federal Risk and Authorization Management Program (FedRAMP), the Health Insurance Portability and Accountability Act (HIPAA) and its implementing regulations, the European Union's NIS2 Directive, and other cybersecurity frameworks and regimes.
Ryan also counsels clients on broader information security and incident response matters, including the development of written incident response plans and policies. Additionally, he advises on contractual notification and security requirements in commercial and government-facing agreements.
Prior to transitioning to privacy and security law, Ryan's practice focused on corporate mergers and acquisitions.
Admitted to Practice
-
New York
-
District of Columbia
Education
-
J.D., Georgetown University Law Center, 2022
- Legal Fellow, Decentralized Future Council, 2022
-
B.S., Sport and Entertainment Management, University of South Carolina Columbia, 2019
- Minor: Political Science
Memberships & Affiliations
-
- Certification, Information Privacy Professional/United States, 2024
Background
-
- Associate, Willkie Farr & Gallagher LLP, Washington, D.C., 2022-2025
- Project Manager and Law Intern, Global Privacy Office, Leidos Inc., Reston, Va., 2021
- Judicial Extern, Hon. Robert N. McDonald, Supreme Court of Maryland, Annapolis, Md., 2020
- Law Clerk, Silverman Thompson Slutkin & White, Baltimore, 2020