Nationally ranked in Chambers USA in Privacy & Data Security since 2012 and globally since 2019, Linn Freedman is a leader in the field of privacy and cybersecurity law. Her clients have said that Linn “is a great lawyer, focused on understanding the client and the business” and “is very responsive, pragmatic and very good to work with," “travels to the end and back for her clients,” and has "extraordinary integrity and a great mind for creativity, while still adhering to regulatory compliance."
Linn is chair of our firm’s Data Privacy + Cybersecurity practice and of the Artificial Intelligence Team. She focuses on compliance with state and federal data privacy and security laws and regulations, emergency data breach response, mitigation and complex litigation. She counsels clients on state and federal investigations and enforcement actions. She has a particular focus on health information technology and has assisted clients with navigating laws governing the access, use and disclosure of protected health information and substance use disorder information and HIPAA compliance.
Data Privacy + Cybersecurity Compliance
As a Certified Information Privacy Professional, Linn helps clients comply with all state and federal data privacy and security laws and regulations, and counsels them on investigations and enforcement actions.
Linn advises companies and organizations on best practices for the collection, maintenance, and sharing of high-risk data, to help avoid breaches and cyber intrusions. She assists with data mapping and development of privacy and security plans. She helps clients comply with constantly evolving, industry-specific privacy and data protection regulatory requirements in a rapidly changing area of law.
Linn also assists clients with data security regulatory requirements, including implementing Written Information Security Plans (WISPs). She provides guidance regarding privacy and data protection implications associated with the deployment of communication and data storage technologies, mobile applications, location-based services, and risks associated with the use of artificial intelligence. She works with clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, social media policies, practices and procedures, assessing risk with tracking and pixel technology, and AI governance programs.
Linn has given presentations around the country on data privacy and cybersecurity, and she writes extensively on these topics, including for the firm’s Health Law Diagnosis and Data Privacy + Cybersecurity Insider blogs. The widely-recognized Insider blog has received multiple Readers Choice Awards distinction from JD Supra and featured in FeedSpot's "100 Best Infosec Blogs and Websites in 2025."
Security Incident + Data Breach Preparedness + Emergency Response
Linn assists clients with data breach preparedness, including assisting with vendor choice and pre-negotiating contracts for forensic, notification, and call center services. She also assists with the development and training of data breach response teams. If there is a security incident or data breach, Linn assists with all related investigation, negotiation, response, notification, remediation, coordination, and litigation. She has extensive experience with responding to security incidents, including ransomware attacks and business email compromise incidents. She is well-versed in helping clients with post-breach investigations by state and federal authorities. She also provides live, hands on security incident tabletop exercises for clients.
Privacy + Class Action Litigation + Enforcement
If a data breach or privacy issue results in litigation or an enforcement action, Linn works with clients to resolve the matter through the court system or before federal or state regulatory agencies. She also represents various companies in privacy litigation matters around unauthorized access, use or disclosure of personally identifiable and health information and in retrieving the unauthorized transfer of data from companies by employees. She represents companies responding to website pixel litigation. Linn is a former Assistant Attorney General for the State of Rhode Island and works with the AGs of multiple states around compliance and enforcement actions involving data breaches and data security.
HIPAA Compliance
Linn has extensive experience helping clients with HIPAA compliance. She regularly assists with HIPAA compliance programs and employee awareness training, cybersecurity in relation to websites and online portals, and data use and sharing agreements for health information exchanges.
She has deep experience helping clients defend enforcement actions by the Office for Civil Rights of the Department of Health and Human Services.
Linn is an Adjunct Professor of Law at Roger Williams University School of Law and a former Adjunct Professor in Brown University’s Executive Masters of Cybersecurity Program. Prior to joining our firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm's Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General's Office for the State of Rhode Island.
