
Bio
Sean is a member of the firm’s Privacy & Data Security practice group. He counsels clients on the legal requirements and risks associated with the collection, storage, use, protection, and disposal of data in their businesses. He has experience with a variety of international, federal, and state privacy and data security laws and regulations, including the Fair Credit Reporting Act (FCRA), the EU General Data Protection Regulation (GDPR), the Gramm-Leach-Bliley Act (GLBA), HIPAA, state data breach notification laws, the Stored Communications Act, the Video Privacy Protection Act (VPPA), and the Wiretap Act. Sean has experience guiding clients through responses to security incidents and data breaches, drafting privacy policies and notices, creating and administering privacy and security compliance programs, and addressing privacy and data security issues in transactional matters, including privacy and security due diligence and contract negotiation.
Sean received his J.D. from the University of Chicago Law School, where he was a Victor McQuistion scholar. Sean received his B.A. in Anthropology, with honors and distinction, from the University of North Carolina at Chapel Hill. Before joining the firm, Sean practiced in the privacy & data security and commercial litigation groups at a North Carolina firm.
Sean writes extensively on privacy matters. Visit our privacy law blog to read his take on current data privacy-related events.
- Listed among North Carolina Super Lawyers Health Care – Rising Star (2020, 2021)
- American Bar Association Litigation Section Privacy & Data Security Committee
- International Association of Privacy Professionals
- North Carolina State Bar
- North Carolina State Bar Association Privacy & Data Security Committee
- Wake County Bar Association
- Advised national pharmacy client on responding Office for Civil Rights (OCR) investigations into HIPAA compliance.
- Drafted information security and HIPAA policies and procedures for healthcare startup.
- Advised multiple portfolio companies of private equity firm on California Consumer Privacy Act compliance.
- Negotiated privacy and security purchase agreement provisions in acquisition of an international consumer research platform.
- Advised national financial institution on multistate data breach response and subsequent regulatory inquiries.
- Negotiated data protection addenda and business associate agreements for global companies.
- Advised educational institution on compliance with General Data Protection Regulation and ePrivacy Directive.
- Drafted privacy policy for local technology startup.
- Certified Information Privacy Professional, U.S. (CIPP/US), International Association of Privacy Professionals (IAPP), 2017-Present
Recent posts from our privacy and data security blog, Practical Privacy.
- The Short Arm of GDPR? UK Court Decision Analyzes Application of GDPR to US-based Company
- The Virginia Consumer Data Protection Act: Top 7 Things to Know Right Now
- HIPAA for the Holidays: How OCR’s December HIPAA Notice of Proposed Rulemaking Could Impact Covered Entities
- Fifth Time’s the Charm? Overview of the Latest Proposed CCPA Regulation Modifications
- EU-US Data Transfers Under Fire: The CJEU’s Schrems II Decision
- Some Restrictions Apply: Limits and Risks of OCR’s COVID-19 Notifications of HIPAA Enforcement Discretion
- Get Lost: Geolocation Privacy Claims Against Google Dismissed
- Unplug Social Media? How CJEU’s Fashion ID Ruling Could Affect Your Website
- Proposed Overhaul of North Carolina Security Breach Notification Law Would Make It One of the Toughest in the Nation, April 17, 2019
- 2018 Actions Show North Carolina Attorney General Emerging as Leading Privacy Enforcer, Client Alert, January 2019
- “Ohio Law Creating Affirmative Defense in Data Breach Litigation Takes Effect,” ABA Litigation Section Privacy & Data Security Committee, November 2018
- "Supreme Court Addresses Stored Communications Act Cases," ABA Litigation Section Privacy & Data Security Committee, July 2018
- The Inside Job: Cybersecurity, Trade Secret Protection, and Departing Employee Data Theft; Panelist; Association of Corporate Counsel-Research Triangle Area Chapter, Cary, NC, May 16, 2018
- "Supreme Court Hears Oral Argument on Stored Communications Act Cases," ABA Litigation Section Privacy & Data Security Committee, March 2018
- eDiscovery: Strategies for Privacy and Data Security Risk Management; Presenter; Wake County Bar Association Young Lawyers’ Division CLE, Raleigh, NC, February 1, 2018
- "Strategies for Drafting and Negotiating Non-Disclosure Agreements," TYL, ABA Young Lawyers Division, January 2018
- "WannaComply? OCR’s Application of HIPAA’s Breach Notification Rule to Ransomware Attacks," Elon Business Law Journal, December 2017
- "Supreme Court to Address Significant Stored Communications Act Cases," ABA Litigation Section Privacy & Data Security Committee, August 2017
- "Spies in the Skies? D.C. Circuit Invalidates Drone Registration Rule," ABA Litigation Section Privacy & Data Security Committee, June 2017
- "Treble Damages for TCPA Violations in Kraukauer v. Dish Network, L.L.C.," ABA Litigation Section Privacy & Data Security Committee, June 2017
- "Strategies for Managing Privacy and Data Security Risk in Vendor Engagements," The Inside Scoop, Corporate Counsel Section, North Carolina Bar Association, April 2017
- “Tips for Smart Privacy Practices from Smart TV Settlement,” ABA Litigation Section Privacy & Data Security Committee, March 2017
- “Fourth Circuit Weighs In On Data Breach Standing,”ABA Litigation Section Privacy & Data Security Committee, February 2017
- “Regulatory Guide-Freeing Energy Data,” Energy Policy Institute at the University of Chicago, June 2016
- Data Breach Response: Practical Tips for Reducing Litigation Risk; Presenter; Annual Meeting of the North Carolina Association of Defense Attorneys, Hilton Head Island, SC, June 16, 2018