Ryan’s practice focuses on privacy, data security, and records management. Ryan assists clients in conducting privacy and information security assessments, developing and implementing records management programs, and drafting privacy notices, contracts, policies and procedures. Ryan counsels clients on the impact of various privacy laws, including the Gramm-Leach-Bliley Act, HIPAA, CAN-SPAM, and other state, federal and international privacy requirements.
Ryan is an integral member of Hunton & Williams LLP’s Privacy & Information Management Practice, which has been named the top privacy adviser for each of its four surveys by Computerworld magazine and which received a Band 1 US national ranking from Chambers USA in Privacy & Data Security.
- Prepared comprehensive HIPAA privacy and security policies and procedures, Business Associate Agreements, privacy notices and training materials for numerous HIPAA-covered entities.
- Served as primary HIPAA privacy counsel to various clients, including consumer goods manufacturer, pharmacy chain and pharmaceutical manufacturer.
- Counseled pharmaceutical manufacturer regarding health privacy requirements relevant to an innovative pharmaceutical marketing program.
- Designed comprehensive records management programs, including drafting compliance policies and how-to guides.
- Drafted and reviewed records retention schedules for clients subject to various records retention regulations, including retailers, consumer goods manufacturers, telecommunications providers, and utilities.
- Conducted full-scale privacy and information security assessments, including extensive data flow mapping, remediation and development and implementation of privacy and information security policies and procedures.
- Drafted Gramm-Leach-Bliley and state-specific financial privacy notices.
- Advised multiple clients on data breach security management and requirements of state data breach notification laws.
- Analyzed proposed state privacy legislation and drafted potential amendments to legislation on behalf of multinational consumer goods client.
- Advised client on the development and implementation of a comprehensive transaction privacy and information security checklist.
- Developed and implemented a privacy governance program for major consumer goods manufacturer.
- Developed and implemented service provider programs to help clients evaluate the privacy and information security practices of their service providers.
- Advised automobile manufacturer on privacy laws pertaining to vehicle event data recorders.
- Assisted in structuring a mortgage purchasing and refinancing program to comply with Fair Credit Reporting Act and Gramm-Leach-Bliley Act requirements.
- Counseled medical technology company on the advantages and disadvantages of public and private cloud computing.
- Advised insurer regarding compliance with state laws regulating employee e-mail monitoring.
- Counseled retail client on the application of federal privacy regulations to its e-mail and mobile marketing programs, including the provision of requisite privacy notices and opt-out mechanisms.
- Drafted wills and powers of attorney for first responders as part of the Wills for Heroes program.
- Assisted homeless clients in obtaining public assistance benefits.