Amy MacDonald is a privacy and data security associate in Manatt’s Boston office.
Amy advises clients across a range of industries on data privacy and cybersecurity, artificial intelligence (AI) and incident response management. She has experience building sustainable privacy compliance and data governance programs, conducting website, cookie, pixel, and tracking assessments and remediation, drafting and negotiating data protection agreements, conducting privacy and cybersecurity due diligence in corporate transactions, and responding to data breaches.
Amy regularly counsels clients on compliance with state, federal, and international privacy and data protection laws and regulations, including:
- the California Consumer Privacy Act (CCPA) and other comprehensive state consumer privacy laws
- Washington’s My Health My Data Act (MHMD) and other state consumer health data laws
- the California Invasion of Privacy Act (CIPA) and other state wiretapping and monitoring laws
- the Biometric Information Privacy Act (BIPA) and other biometrics laws
- the Health Insurance Portability and Accountability Act (HIPAA)
- the Federal Trade Commission Act (FTCA)
- the Fair Credit Reporting Act (FCRA)
- the Gramm-Leach-Bliley Act (GLBA)
- the General Data Protection Regulation (GDPR)
- industry-specific standards, including the Digital Advertising Alliance (DAA) self-regulatory principles and the Network Advertising Initiative (NAI) code of conduct
Amy also assists clients with monitoring and responding to global privacy developments and legislative changes, including those concerning the use and deployment of AI.
On incident response matters, Amy supports clients with security incident investigation, containment, mitigation, and effective communication strategy and response.
While in law school, Amy interned for the Massachusetts Office of the Attorney General, Health Care Division. Before her legal career, Amy worked in the health care industry working on business development and systems integration issues.