Ryan Logan is a special counsel in S&C’s General Practice Group and a member of the Firm’s Cybersecurity Group and Intellectual Property & Technology Transactions Group. His practice focuses on complex, cross-border data privacy and cyber breach matters, including compliance with state, federal and international privacy laws, regulations and requirements. These include the California Consumer Privacy Act (CCPA) and other state privacy laws, EU General Data Protection Regulation (GDPR), New York Department of Financial Services’ Cybersecurity Regulations, Gramm-Leach-Bliley Act (GLB), Children’s Online Privacy Protection Act, Health Insurance Portability and Accountability Act of 1996 (HIPAA), Fair Credit Reporting Act (FCRA) and CAN-SPAM. Ryan also advises clients on all facets of data breach preparedness, response and remediation, including regulatory investigations; and develops records management policies and retention schedules.
Ryan has represented clients from a wide range of industries, including financial services, pharmaceutical, healthcare, life sciences, technology, automotive, industrial services, energy, and consumer and retail. His knowledge of clients’ businesses and the evolving privacy landscape enables him to effectively guide clients through the full range of data privacy and security issues. His experience includes advising on privacy and security issues and provisions in connection with mergers, acquisitions and joint ventures; developing privacy and information security notices, policies and procedures, and risk assessments; providing product and strategic counseling with respect to privacy and data analytics; developing cross-border data transfer compliance strategies; negotiating privacy and information security agreements, including complex outsourcing agreements; and advising on employee privacy issues including employee monitoring, geolocation tracking and return-to-work programs.
Ryan is a member of the International Association of Privacy Professionals.
Speaking Engagements and Publications
- Co-author, “U.S. Financial Sector – Cybersecurity,” Data Guidance (June 4, 2021)
- Co-author, “Navigating Privacy and Data Security Issues in M&A and Other Transactions,” Bloomberg Law (June 20, 2019)
- Panelist, “Data Protection for Vendors: Practical Considerations for a Shifting Regulatory Environment,” Goldman Sachs 2017 Vendor Forum (March 29, 2017)
- Presenter, “Telephone Consumer Protection Act,” Retail Industry Leaders Association Privacy Leaders Council (November 18, 2016)
- Presenter, “The Legal Ramifications of Cybersecurity Attacks and Data Breaches,” Cybersecurity Conference 2016: SOX Controls and Disclosures, Hidden Threats, Risks & Costs (September 29, 2016)
- Co-author, “How to Safeguard Privacy and Data Security in Corporate Transactions,” Corporate Counsel (February 22, 2016)
- Contributor, “Industry Experts Report: What Every CISO Needs to Know about Cyber Insurance, Symantec White Paper (2015).
- Co-author, “Preventive Measures: Records and Information Management Companies Need to Take Steps to Comply with the Newly Adopted HIPAA Omnibus Rule,” Storage & Destruction Business Magazine (March/April 2013)
- Co-author, “HITECH Breaches: A How-To Guide,” BNA’s Health Law Reporter and Privacy & Security Law Report (January 24, 2013)