Melissa M. Hewitt


T +1.713.646.1397
F +1.713.751.1717


Melissa Hewitt focuses her practice on privacy and cybersecurity law. She advises clients on cyber and data risk management and governance and adapting existing privacy programs to comply with new legislation. Counseling multinational companies in a variety of industries, Melissa regularly drafts policies for providing consumer data privacy transparency and negotiates privacy and data security provisions for various types of commercial agreements. She has also advised clients on how to conduct email and text marketing campaigns in compliance with the CAN-SPAM Act and the TCPA.

Melissa provides guidance on digital advertising practices, including in relation to cookies and other types of tracking technologies, and she regularly counsels on privacy compliance for the use of emerging technologies, advertising technology, artificial intelligence and laws addressing the collection, use, disclosure and security of biometric information. Melissa generally counsels clients on a variety of legal questions related to information and data usage, including the requirements of the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other privacy and data protection laws and regulations.

Her broader practice includes advising clients on breach response and preparedness and developing incident response plans, including addressing notification obligations and regulatory investigations from various federal and state regulators. She has handled security incidents for a wide range of entities, including educational institutions, health systems, consulting firms and technology companies.


  • Representing clients in class actions alleging violation of Americans with Disabilities Act (ADA).
  • Represented freight transportation company in putative class action. Case settled favorably following enforcement of arbitration.

Recognitions and Memberships


  • American Bar Association
  • State Bar of Texas
  • Houston Bar Association
  • Chicago Bar Association


  • Women in Cyber Security, Austin Affiliate

Emerging Issues


  • U.S. Court of Appeals, Seventh Circuit
  • U.S. District Court, Northern District of Illinois
  • Illinois
  • Texas


  • J.D., Indiana University Maurer School of Law, 2015; Indiana Journal of Global Legal Studies, Notes Editor
  • B.A., Cornell University, 2012


In The Blogs

Previous Next
Data Counsel
FTC Issues Statement Warning Health Apps to Notify Consumers About Data Breaches
By Melissa M. Hewitt
September 22, 2021
The U.S. Federal Trade Commission (FTC) issued a policy statement on Sept. 15, 2021, warning that the decade-old Health Breach Notification Rule (the rule) – which applies to companies that handle personal health records or collect health...