small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
Site Search

Professionals 9 results

Alessandra Swanson
Alessandra Swanson
Partner
Email
vCard

Partner

    Joanna Kerpen
    Joanna Kerpen
    Partner
    Email
    vCard

    Partner

      Amy Gordon
      Amy Gordon
      Partner
      Email
      vCard

      Partner

        View All Professionals

        Capabilities 11 results

        Practice Area

        Privacy & Data Security

        Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core team of privacy professionals and is bolstered by more than 40 attorneys from a variety of other disciplines firmwide. Our team combines compliance counselors, transactional lawyers, former government regulators and federal prosecutors, seasoned investigators, and experienced litigators. Few firms can rival our in-depth, sophisticated, and integrated experience in this area....Read more

        Industry

        Healthcare

        Industry

        Development & Protection of AI Technologies

        Our Intellectual Property (IP) and Privacy teams work closely together to counsel clients in building, protecting, and commercializing proprietary AI technologies and data; the use of third party or open source AI technologies and data; and the implications that these activities may have under privacy laws....Read more

        Insights & News 94 results

        Benefits Blast

        |

        February 3, 2026

        |

        3 Min Read

        Group Health Plans Must Update HIPAA Notices by February 16 to Address New SUD Privacy Rules

        Covered entities, including group health plans, must update and distribute their Health Insurance Portability and Accountability Act of 1996 (HIPAA) Notice of Privacy Practices (NPP) by February 16, 2026, to comply with new rules for handling substance use disorder ) records.

        News

        |

        August 4, 2025

        |

        3 Min Read

        Key Takeaways from Winston’s Fifth Annual Health Care & Life Sciences Summit

        Winston & Strawn was pleased to host its fifth annual Health Care & Life Sciences Summit. This year’s event brought together clients, colleagues, and industry leaders for an afternoon of insightful discussions, networking, and perspectives on the shifting dynamics across the health care and life sciences sector....Read more

        Client Alert

        |

        March 28, 2025

        |

        3 Min Read

        HHS Announces Major Restructuring and Workforce Reductions

        On March 27, 2025, citing priorities to reduce agency budget costs and eliminate redundancy among sub-agencies, the U.S. Department of Health and Human Services (HHS) announced that it would be undergoing a significant restructuring, including cutting 20,000 jobs largely from public health agencies. 

        View All Insights & News

        Other Results 17 results

        Site Content

        What Is Healthcare Security Law?

        The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established U.S. regulations to protect the privacy and security of individual health information. The healthcare security law creates these specific protections through both the HIPAA Privacy Rule and the HIPAA Security Rule. The Privacy Rule has set national standards for the protection of certain types of health information. The Security Rule established security standards for protecting consumers’ health information that is stored or transferred electronically. The healthcare Security Rule outlines the operational safeguards that organizations must implement to keep protected electronic health information secure....Read more

        Site Content

        What Is Healthcare Privacy Law?

        Today, healthcare privacy law is driven by the 1996 Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. This federal privacy rule establishes protections for specific patient health information. Healthcare plans, clearinghouses, and providers are subject to the law....Read more

        Law Glossary

        What Is Data Breach and Data Security Law?

        Within 48 U.S. states and the District of Columbia, data breach and data security laws require organizations and government agencies to provide notifications of security breaches when they involve personally identifiable information. Companies may also be required by state data breach laws to act to minimize the effects of a breach. The FTC can investigate companies that do not adhere to their stated privacy policies and do not have safeguards to protect customer data, but no broad federal law exists regarding breach notifications. However, these U.S. data security laws and government agency rules are enforced:...Read more
        Logo
        facebookinstagramlinkedintwitteryoutube

        Copyright © 2026. Winston & Strawn LLP

        AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising