After the Data Breach

An interview with Michelle A. Reed

In the digital era, the specter of data breaches looms large for businesses, presenting a complex challenge that intertwines cybersecurity with complex legal obligations. As businesses grapple with the dual threats of sophisticated cyber-attacks and the labyrinthine regulations governing data protection, Michelle Reed, a cybersecurity law expert at Paul Hastings provides a timely exploration of this landscape. Reed walks through some of the challenges raised by overlapping cybersecurity laws and reporting obligations, a task that has become as crucial as it is daunting.

Reed takes us through a number of common challenges that companies face after a data breach and then explores some of the obligations under various data privacy laws.  From the European Union's General Data Protection Regulation (GDPR), known for its consent requirements and fines, to the United States' sector-specific Graham-Leach-Bliley Act (GLBA) and the burgeoning state laws like the California Consumer Privacy Act (CCPA), the legal requirements of a company operating across jurisdictions can be complex. This regulatory mosaic not only challenges organizations to maintain robust data protection practices but also to remain agile in their legal strategies when breaches occur. Reed underscores the significance of understanding these diverse legal landscapes, pointing out that the cost of non-compliance can extend beyond financial penalties to include reputational damage, contractual defaults, and consumer distrust.

Yet, amidst this complexity, Reed offers guidance. She emphasizes the importance of proactive preparation, including the development of comprehensive incident response plans and the strategic implementation of data retention policies that align with legal standards. At a time when AI threatens a new wave of cyberattacks and governments around the world intensify their focus on data protection, Reed's insights can prove an indispensable resource for legal professionals and business leaders alike.


  • Attorney CLE accreditation 

Professor Shyam Balganesh discusses AI Models & Copyright Battles
AI Models & Copyright Battles
Michelle A. Reed discusses Cyber Defense: Private Funds & Banks
Cyber Defense: Private Funds & Banks
Michelle A. Reed discusses Cyber Defense: Private Funds & Banks (Part 2)
Cyber Defense: Private Funds & Banks (Part 2)
Ira Kustin and Sherrese Smith discusses Cyber Risk at Private Funds
Cyber Risk at Private Funds
Prof. Naomi R. Cahn discusses Digital Asset Planning
Digital Asset Planning
Judge Andrew Napolitano discusses Domestic Spying and the NSA
Domestic Spying and the NSA
James Anderson discusses Driverless Cars—A Shift in Risk
Driverless Cars—A Shift in Risk
Prof. Nadine Strossen discusses Free Speech in a Social Media World
Free Speech in a Social Media World
Prof. Jeffrey Rosen discusses Government Surveillance: Privacy & Technology
Government Surveillance: Privacy & Technology
Prof. Neil Richards discusses Human Information Privacy
Human Information Privacy
Prof. Neil Richards discusses Human Information Privacy (Part 2)
Human Information Privacy (Part 2)
Prof. Emily Murphy discusses Memory Evidence (Part 2)
Memory Evidence (Part 2)
Hina Shamsi discusses Military Drones and Targeted Killing
Military Drones and Targeted Killing
Prof. Daniel Capra discusses Police Power and Personal Rights
Police Power and Personal Rights
Prof. Daniel Capra discusses Police Power and Personal Rights (Part 2)
Police Power and Personal Rights (Part 2)
Prof. I. Bennett Capers discusses Police Technology - From Body Cameras to Facial Recognition
Police Technology - From Body Cameras to Facial Recognition
Prof. Amy Gajda discusses Press Freedom vs. Privacy
Press Freedom vs. Privacy
Prof. Amy Gajda discusses Press Freedom vs. Privacy (Part 2)
Press Freedom vs. Privacy (Part 2)
Prof. Joel Reidenberg discusses Privacy & Technology in Today's Schools
Privacy & Technology in Today's Schools
Prof. Jeffrey Rosen discusses Privacy vs. Government Tech
Privacy vs. Government Tech
Chairman Christopher Giancarlo discusses Regulating Cryptocurrency after FTX
Regulating Cryptocurrency after FTX
Scott Skinner-Thompson discusses Sexual Privacy and Government "Outing"
Sexual Privacy and Government "Outing"
John Heitmann and Jameson Dempsey discusses The Internet of Things – The Latest Frontier
The Internet of Things – The Latest Frontier
John Heitmann and Jameson Dempsey discusses The Internet of Things – The Latest Frontier (Part 2)
The Internet of Things – The Latest Frontier (Part 2)
Prof. Eric Goldman discusses The Law of Deplatforming
The Law of Deplatforming