Heather Sussman > Ropes & Gray LLP > Boston, United States > Lawyer Profile

Ropes & Gray LLP
800 BOYLSTON STREET
BOSTON, MA 02199
United States

Position

Heather Egan Sussman is a partner and co-head of the Privacy and Cybersecurity Practice Group, based in Ropes & Gray’s Boston office. Her practice focuses on privacy, cybersecurity and information management, and she is ranked by Chambers USA and The Legal 500 United Statesas a leader in her field.

Heather routinely guides clients through the existing patchwork of U.S. federal and state laws, including FCRA, ECPA, TCPA, HIPAA, CAN-SPAM, GLBA and California’s Online Privacy Protection Act, state breach notification laws, state information security laws, as well as existing self-regulatory frameworks, including those covering online advertising and payment card processing. She manages teams of talented local counsel around the world to deliver seamless advice for clients that operate across many jurisdictional lines, developing comprehensive privacy and cybersecurity programs that address competing regulatory regimes.  She drafts online privacy policies for global rollout and implements data transfer mechanisms for the free flow of data worldwide.

https://www.ropesgray.com/en/biographies/s/heather-egan-sussman

Lawyer Rankings

United States > Media, technology and telecoms > Cyber law (including data privacy and data protection)

In January 2019, the ‘unusually skilled litigatorDouglas MealHeather SussmanMichelle Visser and Seth Harrington joined Orrick, Herrington & Sutcliffe LLP from Ropes & Gray LLP. Sussman leads the newly launched Boston office, which also includes Meal and Harrington; Visser is based in San Francisco. Aravind Swaminathan, who is based in Seattle and co-heads the practice with Washington DC’s Antony Kim, has been advising the City of Seattle on data privacy and security matters, including data sharing restrictions, protection of law enforcement and sensitive information, public records management requiring technical cyber intelligence as well as the privacy ramifications of new technologies. The team has also acted successfully for Microsoft in a dispute against the US Government, in which the latter’s ability to obtain emails stored on servers in Ireland was challenged.

Ropes & Gray LLP’s areas of strength include privacy and security compliance, data breaches and intrusions, investigation defense and settlement negotiations as well as the development and implementation of corrective action plans. The practice is headed by Boston’s Marc Szpak, whose team has been assisting fast-food restaurant chain Arby’s against all third-party claims arising from a security breach which targeted customers’ payment card data. Other highlights included advising Nationwide Mutual Insurance Group on a 2012 cyber attack which has generated a number of class actions against the client. Marc Barnes and Deborah Gersh (from Boston and Chicago respectively) are recommended for healthcare work, while Boston’s Richard Batchelder is the name to note for litigation. In January 2019, Heather Sussman, Douglas Meal, Michelle Visser and Seth Harrington joined Orrick, Herrington & Sutcliffe LLP.