• Patricia M. Carreiro
  • 305.539.7314
  • Share this page
Patricia M. Carreiro

Patricia M. Carreiro



Trish Carreiro is an experienced cybersecurity and privacy litigator who advises clients on privacy compliance and data breach response. She is a certified information privacy professional (CIPP/US), accredited by the International Association of Privacy Professionals, and experienced in high-stakes cybersecurity litigation. She has particular depth of experience in highly regulated industries, such as health care, financial services, and telecommunications. She is a privacy and cybersecurity thought leader who uses her litigation perspective to guide clients to both avoid, and effectively handle, privacy and cybersecurity litigation. 

She is a frequent speaker and author on cybersecurity, privacy, and insurance issues. Her insights have been featured in publications including Bloomberg Health Law & Business, Law360Law.comCorporate CounselToday’s General CounselInsideCounselThe Cybersecurity Law ReportData Breach TodayHealth IT SecurityHealthcare IT News, Healthcare Infosecurity, Fierce Healthcare, Daily Business Review, Miami Herald, Dark Reading, and STAT.

Her prior experience includes time with the U.S. Department of Justice Criminal Division’s Fraud Section, the U.S. Securities and Exchange Commission Division of Enforcement, the New York State Attorney General’s Medicaid Fraud Unit, and the Connecticut Commission on Human Rights and Opportunities. She is proficient in Spanish and Portuguese.


Cybersecurity Class Action Litigation
  • Advised one of the nation’s largest banks on possible causes of action, defenses, class action strategy, and litigation options following nationwide data breach.
  • Advised large, publicly traded financial institution regarding multiple data breach class actions.
  • Represented health care provider in class action breach litigation. 
Privacy Compliance
  • Advised large insurer in privacy compliance throughout development of new automated underwriting product.
  • Advised mortgage servicer regarding compliance with the Gramm-Leach-Bliley Act and the California Consumer Privacy Act (CCPA), including drafting contract provisions and sample communications.
  • Advised large insurer regarding contractual privacy provisions, privacy compliance, and cybersecurity insurance coverage.
  • Drafted privacy policy, associated notices, and CCPA request processing procedure for various retailers, including drafting sample communications and scripts.
  • Advised large telecommunications carrier on legal compliance and risk-reducing steps for proposed event and service agreement under Telecommunications Act and CCPA.
Data Breach Response
  • Executed data breach response for companies of all sizes, including a large telecommunications carrier and numerous health care providers.
  • Represented health care providers throughout post-breach Office for Civil Rights and attorneys general investigations.

All Insights

Professional & Community Involvement

  • Connecticut Bar Association
    • House of Delegates District 12 (Hartford) Representative (2018–2019)
    • Executive Committee, Women in the Law Section (2016–2019)
  •  FAIR Institute
    • Cybersecurity Insurance Workgroup (2018)

Speaking Engagements

  • "Privacy Leaders Circle: Miami," Truyo (July 9, 2020)
  • "Privacy Policy and Terms of Use Basics for Start Ups," Nova Southeastern University Shepard Broad College of Law (March 2020)
  • "Evaluating Cyber Insurance Using the FAIR Doctrine," Legal Services Information Sharing and Analysis Organization (LS-ISAO) (May 2019)
  • "Using FAIR to Optimize Your Cyber Insurance Coverage," 2018 FAIR Conference on Information Risk Management (October 2018)
  • "Data Breach Litigation: Recent Trends and Developments," The Knowledge Group (June 2018)
  • "Cyber & Law: It’s Really About the Money," Evolver (January 2018)
  • "Which Insurance Would Cover a Breach-Related Injury?," Healthcare Info Security (October 2017)
  • "Cyber Risk and Liability Insurance: What Is It and Why You Need It," The Knowledge Group (October 2017)
  • "She Leads: Women in the Law," Quinnipiac University School of Law (November 2016)
  • "Cybersecurity Litigation and the Role of Cyber Insurance," Connecticut Law Tribune (September 2015)


  • New York University School of Law (J.D., 2013)
  • Duke University (B.A., 2008)
Bar Admissions
  • Florida
  • Connecticut
Board Certifications
  • Spanish
  • Portuguese
Court Admissions
  • U.S. District Court, District of Connecticut
  • U.S. District Court, Middle District of Florida
  • U.S. District Court, Southern District of Florida


  • Litigation Associate, Axinn, Veltrop & Harkrider LLP, Hartford, CT (2015–2019)
  • Litigation Associate, Wofsey Rosen Kweskin & Kuriansky LLP, Stamford, CT (2013–2015)


The information on this website is presented as a service for our clients and Internet users and is not intended to be legal advice, nor should you consider it as such. Although we welcome your inquiries, please keep in mind that merely contacting us will not establish an attorney-client relationship between us. Consequently, you should not convey any confidential information to us until a formal attorney-client relationship has been established. Please remember that electronic correspondence on the internet is not secure and that you should not include sensitive or confidential information in messages. With that in mind, we look forward to hearing from you.