Gicel Tomimbang
Associate
Gicel Tomimbang is an associate in the Corporate Practice based in our Los Angeles office. She counsels clients in the automotive, healthcare, manufacturing and tech industries on a range of commercial, regulatory, compliance and general business matters.
Gicel previously served as in-house counsel for a US-based publicly traded technology company, deputy attorney general for the California Department of Justice Office of the Attorney General, and investigator for the US Department of Health and Human Services. Her multifaceted experience across private practice, corporate legal departments, and state and federal government, enables her to guide clients through complex legal frameworks and strategic risk management.
Gicel is a certified information privacy professional (CIPP/US and CIPP/E), a certified information privacy manager (CIPM) and an International Association of Privacy Professionals (IAPP) fellow of information privacy (FIP). She invests in her community through her active membership in professional and community organizations, including the Los Angeles County Bar Association, the IAPP, the Junior League of Los Angeles and various mentorship programs.
- Counseling global automotive manufacturers on regulatory and compliance obligations, and commercial issues in connected cars initiatives in US and Latin America markets.
- Advising the US subsidiary of a multinational food and beverage company on commercial agreements and general business matters.
- Counseled a US-based publicly traded technology company on EO 14117 (Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-related Data by Countries of Concern) compliance program policy and its training program.
- Supported a publicly traded technology company on NIST CSF/NIS 2 cybersecurity maturity assessment.
- Advised a publicly traded fintech company in developing its cybersecurity incident response plan and cybersecurity policies, including procedures for assessing and reporting material cybersecurity incidents in public filings.
- Counseled a China-based social media company on commercial terms and risk allocation in third-party vendor and partner agreements.
- Supported a regional grocery store chain on compliance issues regarding state consumer privacy laws and US Department of Health and Human Services (HHS) Health Insurance Portability and Accountability Act (HIPAA) tracking technologies guidance with respect to grocery and pharmacy data practices.
- Counseled a regional hospital system on structuring organized health care arrangements and affiliated covered entity structures under HIPAA to maximize business and patient care efficiencies.
- Developed and executed incident response and regulatory investigation strategy for state health agencies targeted in a complex, multiyear HIPAA investigation by the HHS Office for Civil Rights.
- Collaborated with an in-house cybersecurity team and third-party consultants to conduct a cybersecurity maturity assessment for a publicly traded uniform rental and business services company.
Education
- Santa Clara University, J.D., 2018
- Arizona State University, B.S., cum laude, 2011
Admissions
- California, 2019
Memberships & Affiliations
- Member, IAPP Advisory Board, Privacy Bar Section
- Active member, Junior League of Los Angeles, Centennial Committee
- Chair, Los Angeles County Bar Association, Privacy & Cybersecurity Section
Languages
- English
- Filipino (Tagalog)