Lauren N. Watson

Bio
Lauren is a member of the firm’s Privacy & Data Security practice group. She dedicates her practice to assisting clients with matters including data security incident response, data breach notification, preparation of privacy policies and notices, negotiation of data protection agreements, and compliance with all aspects of privacy and data security laws and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), Telephone Consumer Protection Act (TCPA), and Truth in Caller ID Act, as well as other state and federal laws regulating the collection, storage, use, sharing, and protection of personal information. Lauren also has experience with biometric privacy laws, including the Illinois Biometric Information Privacy Act (BIPA) and the Texas Capture or Use of Biometric Identifier Act (CUBI), as well as comprehensive privacy laws such as the EU’s General Data Protection Regulation (GDPR), California Consumer Privacy Act of 2018 (CCPA), California Privacy Rights Act (CPRA), Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (VCDPA), Connecticut Data Privacy Act (CTDPA), and Utah Consumer Privacy Act (UCPA).
Lauren received both her J.D. and B.A. in Political Science and History, with distinction, from the University of North Carolina at Chapel Hill. During law school, Lauren served as a Senior Staff Editor with the North Carolina Journal of International Law and earned American Jurisprudence Awards in both Cybersecurity Law and International Law Foundations. Prior to joining the firm, Lauren spent several years practicing civil litigation at a firm in Oklahoma City.
Lauren is admitted to practice in North Carolina, Oklahoma, and Washington, D.C.
- International Association of Privacy Professionals
- Assisted Fortune 500 pharmacy chain with respect to data breach obligations stemming from an incident involving customers in all 50 states and overseas.
- Drafted HIPAA Security and Privacy Policies for healthcare consulting firm.
- Advised global technology company regarding compliance with data localization laws.
- Drafted and negotiated data protection agreements for clients in a variety of industries incorporating the European Commission’s revised Standard Contractual Clauses as well as the UK International Data Transfer Addendum to the EU Commission Standard Contractual Clauses.
- Advised client considering expansion in the health and wellness industry regarding the formation of an organized health care arrangement.
- Participated in HIPAA security assessments and risk analyses for covered entities and business associates.
Recent posts from our privacy and data security blog, Practical Privacy.
- Déjà Vu All Over Again: The CPPA Releases Draft Regulations on Cybersecurity Audits and Risk Assessments (Part 2 of 2)
- Déjà Vu All Over Again: The CPPA Releases Draft Regulations on Cybersecurity Audits and Risk Assessments (Part 1 of 2)
- Privacy at the Crossroads of America: Indiana Becomes the Seventh State to Pass a Comprehensive Privacy Law
- One-Two Punch: Lessons from the Irish DPC’s WhatsApp Decision
- No COPPA Outs: The FTC Casts its Eye on Educational Technology Tools
- “The New Trojan War: Defensive Cybersecurity and the Need for Offensive Measures,” paper presented at the 8th Annual Strategic Studies Symposium, National Defense University College, Ft. Bragg, NC (May 2018).