|
Associate
Privacy & Information Management
New York
(212) 309-1163 Phone
(212) 309-1823 Fax
Download vCard
| Practices |
Advertising &
Consumer Law
Consumer Protection
and Privacy
eDiscovery and
Cyber-Investigations
Team
Privacy &
Information
Management
Records Management
|
Ms. McLellan's practice focuses on privacy, data security, information management and related regulatory compliance issues. She assists clients in identifying, evaluating and managing risks associated with privacy and information security practices. She has advised clients on the development and implementation of records management programs and has drafted privacy notices, contracts, policies and procedures. Ms. McLellan provides counsel on privacy and information management issues related to the Gramm-Leach-Bliley Act, FCRA, FACTA, FDCPA, CAN-SPAM, CFAA, COPPA, DPPA, HIPAA, TCPA, and other state, federal and international privacy laws, regulations and requirements.
Relevant Experience 
- Advises clients on Fair Credit Reporting Act and Fair and Accurate Credit Transactions Act compliance, including authorized purposes and consent requirements for procuring consumer reports, adverse action notice and disclosure obligations, and "Red Flags" identity theft prevention regulations applicable to financial institutions and creditors.
- Counsels clients on the scope and application of electronic communications interception statutes such as the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, the Stored Communications Act and the Wiretap Act.
- Provides guidance on restrictions imposed by the CAN-SPAM Act and the Children's Online Privacy Protection Act, including in the context of multi-marketer and multimedia advertising campaigns.
- Advises clients on legal and regulatory compliance considerations associated with the use of emerging internet technologies such as online behavioral advertising and cloud computing.
- Assists clients in evaluating privacy and data security provisions and indemnities contained in vendor and service provider agreements.
- Drafts terms of use, privacy policies, procedures and notices for multiple online and offline retailers and service providers.
- Provides counsel regarding regulatory requirements imposed by the Telephone Consumer Protection Act and the FTC's Telemarketing Sales Rule and National Do-Not-Call Registry regulations, as well as the applicability of those statutes to various forms of mobile marketing.
- Advises clients regarding employee monitoring issues including workplace video surveillance, the use of Radio Frequency Identification (RFID) tags and employer review of electronic communications.
- Evaluates compliance and enforcement issues related to the processing of credit card transactions according to the Payment Card Industry Data Security Standard (PCI DSS).
- Assists clients in complying with international data transfer restrictions, including through implementation of the U.S. Department of Commerce’s Safe Harbor framework.
- Advises clients in the banking, health care, insurance, technology, information services and retail industries on data security breach management, preparation of required notifications and development of external communications and media strategies.
- Develops policy framework and procedural guidelines related to the creation and evaluation of corporate records retention policies and schedules.
- Advises clients on compliance with the Driver's Privacy Protection Act and its state law analogs.
- Developed employee training materials on privacy policy and information security practices for international retail conglomerate.
- Provided assessments of records retention obligations arising from employee use of internal instant messaging programs.
- Prepared detailed response to an FTC inquiry regarding information security practices of a multinational data management service provider.
- Counseled clients on procedural requirements and best practices under the Fair Debt Collection Practices Act with regard to mortgage restructuring and loss mitigation strategies.
- Prepared information security questionnaires and due diligence checklists for clients assessing the data protection practices of third-party service providers.
- Provided advice and analysis regarding FTC and FCC regulation of mobile marketing using SMS, EMS, MMS and MSCM messaging technologies.
- Advised on state law medical information security and privacy implications applicable to health care product development and marketing.
Background
Associate, O'Melveny & Myers LLP, 2005-2008 Executive Editor, Harvard International Law Journal, 2004-2005 Summer Associate, Nagashima Ohno & Tsunematsu, Tokyo, Japan, 2003
Membership
Awards and Professional Recognition
New York State Bar Association Empire State Counsel: 2007, 2008 & 2009 Consumer Data Industry Association: Fair Credit Reporting Act Certification
Pro Bono Work
Successful representation of client seeking asylum in the United States before the Department of Homeland Security. Volunteer welfare advocacy attorney for the City Bar Justice Center's Legal Clinic for the Homeless. Volunteer attorney at the Center for Employment Opportunities under the auspices of the Homeless Experience Legal Protection (H.E.L.P.) Program, New York City. Civil rights and indigent legal representation advocacy work for the Brennan Center.
Education - J.D., Harvard Law School, 2005
- B.A., Rice University, Political Science & French Studies, 2000
Languages
-
French (fluent), Italian (conversational)
|
Melinda McLellan
|
|
|
