Overview
Trish Carreiro is an experienced cybersecurity and privacy litigator who advises clients on privacy compliance and data breach response. She is a certified information privacy professional (CIPP/US) and certified information privacy manager (CIPM), accredited by the International Association of Privacy Professionals, and experienced in high-stakes cybersecurity litigation. She has particular depth of experience in privacy and cybersecurity program management in highly regulated industries, such as insurance, health care, financial services, and telecommunications. She is a privacy and cybersecurity thought leader who uses her litigation perspective to guide clients to both avoid, and effectively handle, privacy and cybersecurity litigation.
A recognized thought leader, Trish is a frequent speaker and author, including dozens of articles on cutting-edge topics such as:
- Class action breach litigation.
- The use of big data, machine learning, and AI in the life insurance industry.
- The health care industry’s use of health apps and wearable technology, and challenges surrounding HIPAA compliance for work-from-home and telehealth programs.
Her insights have been featured in publications including Bloomberg Health Law & Business, Law360, Law.com, Corporate Counsel, Today’s General Counsel, InsideCounsel, The Cybersecurity Law Report, Data Breach Today, Health IT Security, Healthcare IT News, Healthcare Infosecurity, Life Annuity Specialist, Fierce Healthcare, Daily Business Review, Miami Herald, Dark Reading, STAT, and Tampa Bay Business Journal.
Trish is at the forefront of the burgeoning telehealth industry. When COVID-19 struck, she was one of the first to begin writing about the privacy and cybersecurity challenges facing the health care industry, and how to navigate them. She has represented health care providers in class action breach litigation, executed data breach response for numerous health care providers, represented health care providers throughout post-breach Office for Civil Rights and attorneys general investigations, and drafted comprehensive HIPAA compliance programs for HIPAA-covered entities.
Trish’s experience with emerging technologies has developed into a niche practice in the life insurance industry. She has helped numerous life insurers navigate the morass of state and federal privacy laws to market their products in new and innovative ways, streamline their privacy compliance, digitize their application process, increase consumer engagement, and apply new technologies and data to underwrite their risk. From drafting the necessary notices and consents, to developing the process for presenting and recording authorizations, Trish has used her expertise to help propel the insurance industry forward.
Her prior experience includes time with the U.S. Department of Justice Criminal Division’s Fraud Section, the U.S. Securities and Exchange Commission Division of Enforcement, the New York State Attorney General’s Medicaid Fraud Unit, and the Connecticut Commission on Human Rights and Opportunities. She is proficient in Spanish and Portuguese.