Melissa Hewitt focuses her practice on privacy and cybersecurity law. She advises clients on cyber and data risk management and governance and adapting existing privacy programs to comply with new legislation. Counseling multinational companies in a variety of industries, Melissa regularly drafts policies for providing consumer data privacy transparency and negotiates privacy and data security provisions for various types of commercial agreements. She has also advised clients on how to conduct email and text marketing campaigns in compliance with the CAN-SPAM Act and the TCPA.
Melissa provides guidance on digital advertising practices, including in relation to cookies and other types of tracking technologies, and she regularly counsels on privacy compliance for the use of emerging technologies, advertising technology, artificial intelligence and laws addressing the collection, use, disclosure and security of biometric information. Melissa generally counsels clients on a variety of legal questions related to information and data usage, including the requirements of the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other privacy and data protection laws and regulations.
Her broader practice includes advising clients on breach response and preparedness and developing incident response plans, including addressing notification obligations and regulatory investigations from various federal and state regulators. She has handled security incidents for a wide range of entities, including educational institutions, health systems, consulting firms and technology companies.