Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi Team).
Data Privacy and Cybersecurity Compliance
Linn is nationally ranked in CHAMBERS USA: America's Leading Lawyers for Business in the area of Privacy Law, where her clients have reported “She travels to the end and back for her clients.” She helps clients comply with all state and federal data privacy and security laws and regulations, and she counsels them on state and federal data privacy and security investigations. Linn currently serves as general counsel to the Rhode Island Quality Institute, a not for profit organization that administers one of the first statewide health information exchanges.
Linn advises companies and organizations on best practices for the collection, maintenance, and sharing of high-risk data, to help avoid breaches and cyber intrusions. She assists with data mapping and development of privacy and security plans. She helps clients comply with constantly evolving, industry-specific privacy and data protection regulatory requirements, including TCPA, COPPA, FCRA, FERPA, HIPAA, CalOPPA, the Gramm- Leach Bliley Act and state specific laws and regulations.
Linn also assists clients with safe harbor applications and Written Information Security Plans (WISPs). She provides guidance regarding privacy and data protection implications associated with the deployment of mobile communication and data storage technologies, mobile applications, and location-based services. She works with clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, and social media policies, practices and procedures.
Linn has given presentations around the country on data privacy and cybersecurity, and she writes extensively on these topics, including for the firm’s Data Privacy + Security Insider and Health Law Diagnosis blogs.
Data Breach Preparedness and Emergency Response
Linn assists clients with data breach preparedness, including assisting with vendor choice and pre-negotiating contracts for forensic, notification, and call center services. She also assists with the development and training of data breach response teams. If there is a data breach, Linn assists with all related response, notification, remediation, coordination, and litigation. She is well-versed in helping clients with post-breach investigations by the Federal Trade Commission, the U.S. Office for Civil Rights, and state attorney general offices.
Privacy and Class Action Litigation and Enforcement
If a data breach or privacy issue results in litigation or an enforcement action, Linn works with clients to resolve the matter through the court system or before federal or state regulatory agencies. She is presently assisting a hospital system in a data breach class action lawsuit, which is on appeal after dismissal on Summary Judgment. She also represents various companies in privacy litigation matters around unauthorized access, use or disclosure of personally identifiable and health information and in retrieving the unauthorized transfer of data from companies by employees. Linn is a former Assistant Attorney General for the State of Rhode Island and works with the AGs of multiple states around compliance and enforcement actions involving data breaches and data security.
Linn has extensive experience helping clients with HIPAA compliance. She regularly assists with HIPAA compliance programs and employee awareness training, cybersecurity in relation to patient portals, and data use and sharing agreements for health information exchanges.
She has deep experience helping clients defend enforcement actions by the Office for Civil Rights of the Department of Health and Human Services.
Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm's Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General's Office for the State of Rhode Island.