919.882.7123
sfernandes@wyrick.com
Bio
Sean is a member of the firm’s Privacy & Data Security practice group. He counsels clients on legal requirements regarding privacy, data security, and data protection applicable to their businesses. He has experience with a variety of federal, state, and foreign privacy and data security laws and regulations, including biometric privacy laws such as the Illinois Biometric Information Privacy Act (BIPA), the California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act (CPRA), CAN-SPAM, the Colorado Privacy Act (CPA), the EU ePrivacy Directive and General Data Protection Regulation (GDPR), the Fair Credit Reporting Act (FCRA), the Federal Educational Rights and Privacy Act (FERPA), the Gramm-Leach-Bliley Act (GLBA), HIPAA, state data breach notification laws, the Stored Communications Act, the Video Privacy Protection Act (VPPA), the Virginia Consumer Data Protection Act (CDPA), and the Wiretap Act. Sean has significant experience guiding clients through responses to security incidents and data breaches, including responses to regulatory investigations into data breaches, drafting privacy policies and notices, creating and advising on the administration of privacy and security compliance programs, drafting and negotiating privacy and security contracts, and advising on privacy and data security issues in M&A transactions. Sean holds a CIPP/US certification from the International Association of Privacy Professionals (IAPP).
Sean received his J.D. from the University of Chicago Law School, where he was a Victor McQuistion scholar. Sean received his B.A. in Anthropology, with honors and distinction, from the University of North Carolina at Chapel Hill. Before joining the firm, Sean practiced in the privacy & data security and commercial litigation groups at a regional North Carolina firm.
Sean frequently writes on privacy, data security, and data protection matters. Visit our privacy law blog to read his take on current data privacy-related events.
- Listed among North Carolina Super Lawyers – Rising Star (2020-2022)
- Chapter Chair, IAPP Raleigh-Durham KnowledgeNet
- Member, Dix Park Community Committee
- Mentor, Leadership Council on Legal Diversity
- Member, North Carolina State Bar
- Member, North Carolina State Bar Association Privacy & Data Security Committee
- Member, Wake County Bar Association
- Advised national pharmacy client on responding Office for Civil Rights (OCR) investigations into HIPAA compliance.
- Drafted information security and HIPAA policies and procedures for healthcare startup.
- Advised multiple portfolio companies of private equity firm on California Consumer Privacy Act compliance.
- Negotiated privacy and security purchase agreement provisions in acquisition of an international consumer research platform.
- Advised national financial institution on multistate data breach response and subsequent regulatory inquiries.
- Negotiated data protection addenda and business associate agreements for global companies.
- Advised educational institution on compliance with General Data Protection Regulation and ePrivacy Directive.
- Drafted privacy policy for local technology startup.
- Certified Information Privacy Professional, U.S. (CIPP/US), International Association of Privacy Professionals (IAPP), 2017-Present
Recent posts from our privacy and data security blog, Practical Privacy.
- Special (Category) Edition: CJEU Adopts Broad Interpretation of “Special Categories” of Personal Data Under GDPR
- Def-Conn 5: Connecticut Becomes the Fifth State to Adopt a General Privacy Law
- Four and Counting: Utah on Verge of Becoming the Fourth State to Adopt a Comprehensive Consumer Privacy Law
- App-etite for Notification: FTC Says “Welcome to the Jungle” to Mobile Health App Developers in Policy Statement on Health Breach Notification Rule
- Worth the Wait? Key Takeaways from California Attorney General CCPA Enforcement Case Summaries
- The Short Arm of GDPR? UK Court Decision Analyzes Application of GDPR to US-based Company
- The Virginia Consumer Data Protection Act: Top 7 Things to Know Right Now
- HIPAA for the Holidays: How OCR’s December HIPAA Notice of Proposed Rulemaking Could Impact Covered Entities
- Fifth Time’s the Charm? Overview of the Latest Proposed CCPA Regulation Modifications
- EU-US Data Transfers Under Fire: The CJEU’s Schrems II Decision
- Some Restrictions Apply: Limits and Risks of OCR’s COVID-19 Notifications of HIPAA Enforcement Discretion
- Get Lost: Geolocation Privacy Claims Against Google Dismissed
- Unplug Social Media? How CJEU’s Fashion ID Ruling Could Affect Your Website
- Where Are We Now?: The CCPA 9 (Or So) Months In; Moderator; IAPP Raleigh-Durham KnowledgeNet; Raleigh, NC; September 23, 2020
- Proposed Overhaul of North Carolina Security Breach Notification Law Would Make It One of the Toughest in the Nation, April 17, 2019
- 2018 Actions Show North Carolina Attorney General Emerging as Leading Privacy Enforcer, Client Alert, January 2019
- “Ohio Law Creating Affirmative Defense in Data Breach Litigation Takes Effect,” ABA Litigation Section Privacy & Data Security Committee, November 2018
- "Supreme Court Addresses Stored Communications Act Cases," ABA Litigation Section Privacy & Data Security Committee, July 2018
- Data Breach Response: Practical Tips for Reducing Litigation Risk; Presenter; Annual Meeting of the North Carolina Association of Defense Attorneys, Hilton Head Island, SC, June 16, 2018
- The Inside Job: Cybersecurity, Trade Secret Protection, and Departing Employee Data Theft; Panelist; Association of Corporate Counsel-Research Triangle Area Chapter, Cary, NC, May 16, 2018
- "Supreme Court Hears Oral Argument on Stored Communications Act Cases," ABA Litigation Section Privacy & Data Security Committee, March 2018
- eDiscovery: Strategies for Privacy and Data Security Risk Management; Presenter; Wake County Bar Association Young Lawyers’ Division CLE, Raleigh, NC, February 1, 2018
- "Strategies for Drafting and Negotiating Non-Disclosure Agreements," TYL, ABA Young Lawyers Division, January 2018
- "WannaComply? OCR’s Application of HIPAA’s Breach Notification Rule to Ransomware Attacks," Elon Business Law Journal, December 2017
- "Supreme Court to Address Significant Stored Communications Act Cases," ABA Litigation Section Privacy & Data Security Committee, August 2017
- "Spies in the Skies? D.C. Circuit Invalidates Drone Registration Rule," ABA Litigation Section Privacy & Data Security Committee, June 2017
- "Treble Damages for TCPA Violations in Kraukauer v. Dish Network, L.L.C.," ABA Litigation Section Privacy & Data Security Committee, June 2017
- "Strategies for Managing Privacy and Data Security Risk in Vendor Engagements," The Inside Scoop, Corporate Counsel Section, North Carolina Bar Association, April 2017
- “Tips for Smart Privacy Practices from Smart TV Settlement,” ABA Litigation Section Privacy & Data Security Committee, March 2017
- “Fourth Circuit Weighs In On Data Breach Standing,”ABA Litigation Section Privacy & Data Security Committee, February 2017
- “Regulatory Guide-Freeing Energy Data,” Energy Policy Institute at the University of Chicago, June 2016
