Kari Prochaska

Kari has significant experience counseling clients regarding the implementation of GDPR and CCPA compliance programs, including advising on data mapping, data subject request procedures, internal- and external-facing policies, and cross-border data transfer mechanisms. She regularly drafts and negotiates both data processing agreements and privacy and data security provisions in service provider agreements. She counsels clients on privacy and data security deficiencies and remediation in legacy customer and vendor contracts.

Kari frequently conducts privacy and cybersecurity-related diligence for numerous corporate transactions for companies across a wide range of industries, including telecommunications, financial services, manufacturing, e-commerce, and healthcare. She advises clients regarding the compliance posture of target companies and proactively assists in developing post-closing integration strategies.

Kari regularly assists clients responding to data security incidents by helping clients navigate the regulatory and legal landscape through the investigation and notification stages, particularly with respect to international data breach notification obligations, the preparation of required notifications pursuant to state breach notification laws, and development of media strategies. She has prepared data security-readiness solutions for clients by drafting incident response plans and legal playbooks. In addition, Kari counsels clients on cyber risk management, drafts cybersecurity policies, and performs cybersecurity gap and risk assessments.

Kari is both a Certified Information Privacy Professional/United States (CIPP/US) and a Certified Information Privacy Professional/Europe (CIPP/E) through the International Association of Privacy Professionals (IAPP).