University of Minnesota Law School, J.D., magna cum laude, 2009
The Ohio State University, B.S., Computer Science Engineering, cum laude, 2006
Minnesota Supreme Court
U.S. District Court, D. Minn.
U.S. District Court, D. Colo.
U.S. District Court, E.D. Tex.
U.S. Patent & Trademark Office, 2010
As a shareholder at Winthrop & Weinstine, I focus on the intersection of law and technology. With more than 10 years of experience in data privacy, cybersecurity, and intellectual property matters, I take a practical and solution-oriented approach to helping my clients navigate complex legal issues in a way that meets their business needs. My background in computer engineering further enables me to develop a deep understanding of the relevant technology, and then apply that understanding to create the best available outcome for my clients. I also serve as Data Protection Officer for a number of companies, and routinely advise boards of directors and C-suite executives on various technology-related legal issues. I currently serve as cochair of the Minneapolis/St. Paul chapter of the International Association of Privacy Professionals, and am a regular speaker and author on data privacy and security topics.
Practicing Data Privacy & Security
I use a practical, business-driven strategy to advise clients on a variety of comprehensive data privacy and cybersecurity matters. I have managed responses to dozens of data breaches, both large and small, and guide my clients through complex and ever-changing data privacy legislation, both domestic and international. I represent clients in a broad range of information-driven and technology-focused industries, including healthcare, finance and banking, computer hardware and software, medical devices, and emerging technologies. My computer engineering background helps me assist my clients with a wide range of data privacy, cybersecurity, and technology legal issues, including:
Leading teams in data breach incident response, including data breach planning, mitigation, and reporting
Monitoring changes in relevant law or judicial decisions, and providing advice and compliance suggestions according to those changes
Data privacy contracting with clients and third party vendors
Assisting with and conducting Data Privacy Impact Assessments (DPIA)
Performing periodic data privacy and protection audits, and associated reports
Reviewing and maintaining compliance documentation
Handling and responding to data subject rights requests
Maintaining current privacy and data handling policies, both internally and externally
Providing employee data privacy training and awareness
Providing advice in response to privacy concerns that may arise
Advised healthcare and financial governmental organizations on data privacy, including on international policy
Represented client in strategic response to U.S. Congressional inquiries and investigations regarding data protection and privacy matters.
Advised clients in connection with a business email compromise scam and wire fraud, including data breach investigation and remediation, as well as interfacing with law enforcement.
Advised numerous clients in the healthcare and medical device industry on the data privacy and security implications of collecting and processing protected health information.
Advised numerous financial institutions and FinTech companies on insurance and consumer financial privacy laws, including data breach response planning.
Managed data breach response following global hacking event of payment processing vendor that implicated PCI data of millions of data subjects.
Represented a big data client following a vendor breach of sensitive employee data, including handling data subject notification and negotiations with vendor which resulted in a settlement that included all of the client’s costs including attorneys’ fees.
Developed GDPR data privacy and protection compliance regimes for more than 25 companies.
Advised several clients on compliance with the California Consumer Privacy Act of 2018 (CCPA), including preparing gap analyses, developing remediation plans, and leading compliance implementation projects.
Advised receiver for healthcare company in litigation involving protected health information in compliance with HIPAA and the Minnesota Health Records Act.
Routinely advise on data privacy and cybersecurity due diligence in mergers & acquisitions transactions.
Serve as Data Protection Officer for several technology and big data companies.
Represented clients before international data privacy authorities, including the Information Commissioner’s Office (UK) and the Office of the Privacy Commissioner (Canada) with regard to their federal data privacy laws.
Advised clients on cybersecurity insurance and assist with quantitative cyber-risk analysis.
Advised numerous multinational clients on EU-US Privacy Shield certification procedures and related issues.
Practicing Intellectual Property Litigation
I use my expertise in both intellectual property law and complex technology to help companies of all sizes effectively protect and manage their creative assets. I am both an experienced litigator and registered patent attorney, and provide a wide range of services, including intellectual property litigation, patent prosecution, portfolio management, licensing, and corporate due diligence. I have a degree in computer engineering, and regularly draw on my real-world knowledge and experience in representing clients in a broad range of information-driven and technology-focused industries, including computer hardware and software, medical devices, pharmaceuticals, emerging technologies, and other areas.
STAR CO Ranger Digital, LLC v. Microsoft Corporation et al. (E.D. Tex.): Represented defendant Imation in action relating patent relating to portable operating systems; obtained dismissal with prejudice.
Schwendimann v. Arkwright Advanced Coating, Inc. (D. Minn.): Represented patent plaintiff involving patents directed to image transfer sheets; won a jury verdict of willful infringement.
Spectralytics, Inc. v. Cordis Corporation and Norman Noble, Inc. (D. Minn.; Fed. Cir.): Represented plaintiff Spectralytics in patent infringement matter relating to patents on cardiovascular stents; successfully overturned district court denial of enhanced damages, and won enhanced damages award on remand.
NeoMedia Technologies, Inc. v. Target Corporation (D. Colo.): Represented defendant Target against patent infringement claims relating to Quick Response (QR) code technology; obtained favorable settlement and dismissal.
NovelPoint Security LLC v. Imation Corp. (E.D. Tex.) Represented defendant Imation in action involving patent related to encrypted storage drives; obtained favorable settlement after moving to dismiss lawsuit.
PanTaurus LLC v. Imation Corp. (E.D. Tex.): Represented defendant Imation in patent infringement action related to encrypted storage drives; obtained favorable settlement and dismissal.
Safe Storage LLC v. Nexsan Corp. (D. Del.): Represented defendant Nexsan in action relating to patent directed to RAID storage area networks; obtained favorable settlement and dismissal.
ThinkOptics v. Nintendo of America et al. (E.D. Tex.): Represented defendant Imation in patent infringement action accusing Nintendo Wii™ controller technology; obtained favorable settlement and dismissal.
Also experienced in
Patent Law & Prosecution
Technology & Intellectual Property Transactions
Honors & Awards
Minnesota Super Lawyers®, 2013-2019
Associations & Memberships
American Bar Association
Federal Bar Association
Minnesota State Bar Association
Minnesota Intellectual Property Law Association
American Intellectual Property Law Association
International Association of Privacy Professionals
Communications sent to Winthrop & Weinstine via e-mail may not be secure, do not create an attorney/client relationship, are not and should not be considered to be confidential and may not be protected by attorney/client privilege. We will not take any action in response to your e-mail unless and until we have expressly agreed to be engaged by you, which is typically done in writing. If you are looking for legal representation, you should contact us by phone.
If you understand and agree with these terms, please click on the "I Agree" button to send us an email. Otherwise, please click "Cancel."