Brian J. McGinnis
Partner, Barnes & Thornburg LLP
Brian has developed a national practice advising businesses from multinational corporations to startups on the full range of data protection compliance and legal matters. He holds extensive experience investigating and responding to data breaches, negotiating and drafting data privacy agreements and policies, and developing comprehensive data protection programs that prepare his clients to face these legal challenges.
Brian has earned considerable experience assisting clients in assessing their obligations under the European Union's General Data Protection Regulation (GDPR). Working with cross organizational teams, Brian advises clients toward a clear understanding of the applicability of GDPR to their business practices, assists in auditing personal data collection and use, and helps clients develop and implement the strategies necessary to meet their GDPR compliance obligations. He also assists clients with international privacy and data protection compliance relating to cross-border data transfers, including enacting EU Standard Contractual clauses and obtaining certification under the EU-U.S. Privacy Shield. He also counsels clients on compliance with the wide variety of state privacy laws and regulatory issues, including the Children's Online Privacy Protection Act (COPPA), Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, Payment Card Industry Data Security Standard (PCI-DSS), Gramm-Leach-Bliley Act (GLBA), and privacy-by-design and security-by-design development.