Hiruy Berhane

Associate

Philadelphia
T +1.215.564.2027
F +1.215.568.3439

Overview

With a nationwide practice centered on advising organizations on privacy and compliance matters, including responding to cybersecurity and data privacy incidents, Hiruy Berhane guides private, public and non-profit clients through complex privacy matters to mitigate clients’ risks and achieve positive outcomes.

Hiruy, a member of the firm’s Privacy and Data Protection team, focuses his nationwide practice on guiding both healthcare and non-healthcare clients through the complex field of data security incidents and privacy compliance. He concentrates on mitigating any damage that could occur as a result of the incident, including everything from determining the scope to assisting his clients in selecting the necessary third-party vendors to effectively augment the client’s resources and incident response efforts. Hiruy’s attention to detail extends to assisting in drafting notifications to potentially impacted parties, counseling his clients through state and federal regulatory investigations and pre-breach planning and compliance.

Select Experience

  • Advised numerous clients through all facets of their assessment of and response to actual or suspected data security incidents, including, but not limited to, ransomware events, business email compromises and various third-party data incidents. Assessments of client data incidents typically require a rapid gathering of the necessary facts, a determination of the nature and extent of the intrusion/data event and the planning of an expedient course of action based on the particular data incident/inquiry and the client's relevant industry/regulator(s).
  • Guided clients in the selection and retention of third-party vendors, including forensic investigators and notice mailing/call center/credit monitoring vendors, and appropriately directed the work of engaged vendors to best mitigate any harmful effects resulting from the data incident and ensure clients' compliance with applicable law.
  • Counseled clients in the drafting of notice letters to impacted or potentially impacted individuals whose protected information, as defined by applicable law, was or may have been impacted in a data incident.
More »

Experience

  • Advised numerous clients through all facets of their assessment of and response to actual or suspected data security incidents, including, but not limited to, ransomware events, business email compromises and various third-party data incidents. Assessments of client data incidents typically require a rapid gathering of the necessary facts, a determination of the nature and extent of the intrusion/data event and the planning of an expedient course of action based on the particular data incident/inquiry and the client's relevant industry/regulator(s).
  • Guided clients in the selection and retention of third-party vendors, including forensic investigators and notice mailing/call center/credit monitoring vendors, and appropriately directed the work of engaged vendors to best mitigate any harmful effects resulting from the data incident and ensure clients' compliance with applicable law.
  • Counseled clients in the drafting of notice letters to impacted or potentially impacted individuals whose protected information, as defined by applicable law, was or may have been impacted in a data incident.
  • Reported relevant data incidents to impacted or potentially impacted individuals and applicable state and federal regulatory authorities on behalf of clients. After notifying individuals and applicable authorities, counseled clients through regulatory investigations by state and federal authorities, as well as relevant industry-based authorities.
  • Provided pre-breach planning and compliance services to clients, including revision of policies and procedures, incident response plans and vendor contract management programs.
  • Drafted legal analyses and interviewed witnesses in matter involving global interest rate manipulation.

Recognitions and Memberships

Memberships

  • International Association of Privacy Professionals
  • National Bar Association
  • Philadelphia Bar Association
  • Philadelphia Barristers Association
  • Pennsylvania Bar Association

Prior Positions

  • TrustArc
    • Regulatory Analyst (2018 to 2019)
    • Privacy Extern (2018)
  • Intern for the Honorable Michael A. Shipp, United States District Court for the District of New Jersey (2018)
  • Intern for the Honorable Glynnis D. Hill, Philadelphia Court of Common Pleas (2018)
  • Law Clerk at FMC Corporation (2017 to 2018)

Admissions

  • Pennsylvania

Education

  • J.D., Temple University Beasley School of Law, 2019; Temple Moot Court Competition Team; Temple Student Bar Association; Black Law Student Association
  • B.A., University at Buffalo, 2012