Robin Campbell co-leads our Data Privacy & Cybersecurity Group and is a member of our Healthcare Practice. Robin brings first-hand understanding of the day-to-day issues faced by clients, having been seconded to clients to manage privacy in-house three times, twice in the automotive sector and once in healthcare. Robin’s practice focuses on a wide array of privacy and security issues, including the development and implementation of information management strategies for the handling of personal information. Robin focuses on providing practical solutions for data security and privacy risk management. She works closely with clients to analyze the risks associated with new technologies, data use or transfers and to develop appropriate controls to reduce those risks. She focuses on the automotive industry, including connected cars and autonomous vehicles (AV), as well as on the IoT space more generally. She covers both US and international laws, including an in-depth knowledge of the EU Data Protection Directive, the General Data Protection Regulation (GDPR) and international data transfers.
Robin has worked with clients to structure complex data consolidation plans and large outsourcing agreements. She drafts and negotiates contractual agreements concerning the use of personal and protected health information, security and confidentiality, as well as the privacy and security components of more general contractual agreements. She also focuses on state and HITECH breach notification statutes, advising clients on both safeguard protocols and response plans in advance of a breach and notification procedures and best practices after a security breach. Robin also provides privacy-related training for clients.
Robin’s experience also includes serving as a special consultant to Hewlett Packard (HP) Europe in Geneva, Switzerland, while the European Data Protection Directive was in the early stages of implementation. While at HP, Robin worked with a cross-functional task force to develop a global compliance strategy under both the EU Directive and the Safe Harbor requirements. The task force acted as a European advisory body on the new privacy legislation, a central point of contact for all questions related to privacy and data protection, and it promoted a detailed policy framework within the company for handling personal data in its daily business.
Robin was selected by the US Department of Commerce and the European Commission as an Arbitrator for the EU-US Privacy Shield and is a member of Law360’s Cybersecurity & Privacy Editorial Advisory Board. She has earned her CIPP/US and CIPM certifications and is a member of IAPP’s Professional Privacy faculty. Robin regularly publishes and presents on current privacy and security issues.