With extensive experience in data privacy, cybersecurity, and artificial intelligence governance, Brian helps businesses and individuals manage complex legal challenges, from privacy compliance and artificial intelligence adoption to data breach response. A certified information privacy professional and certified artificial intelligence governance professional, Brian addresses the unique challenges posed by emerging technologies and evolving privacy laws and regulations. He works closely with business leaders and internal teams to develop and implement policies, procedures, and notices; negotiate data processing agreements; manage data breach responses; and ensure secure international data transfers.
Brian's practice includes advising clients on compliance with key regulatory frameworks, such as:
- The EU General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Health Insurance Portability and Accountability Act (HIPPA)
- Health Information Technology for Economic and Clinical Health Act (HITECH)
- Emerging laws such as the EU AI Act and new state-level privacy laws
Brian also assists in the development of artificial intelligence platforms, mobile applications, Software as a Service (SaaS) products, and online platform design and operation, collaborating with engineers and product teams to ensure seamless integration of legal frameworks into product development.
Brian enjoys spending time with his family, learning about new technology and computing systems, and cheering on the Vikings, Tar Heels, and Celtic FC.
Education
J.D., Wake Forest University School of Law, 2007
B.A., History, Political Science, University of North Carolina at Chapel Hill, 2003
Professional Associations
- North Carolina State Bar Cybersecurity & PMBR Committee
Certifications
- Certified Information Privacy Professional (U.S.), International Association of Privacy Professionals (IAPP), 2023
- Certified AI Governance Professional, IAPP, 2024
Representative Matters
- Represented an international nonprofit organization, advising on a complete overhaul of internal and public-facing policies and procedures related to data privacy and cybersecurity
- Represented a regional manufacturing company, assisting in the creation, development, and implementation of an internal artificial intelligence platform dedicated to real-time supply chain management
- Represented a local company, advising on the ground-up development of a mobile application, including legal matters related to privacy, interstate commercial sale, vendor contracting and negotiation, and regulatory compliance
- Represented an IT managed service provider, advising and negotiating contracts with numerous vendors and several long-term clients
- Represented numerous clients as a data breach response manager, including matters involving ransomware attacks, business email compromise, and distributed denial of service attacks, assisting clients in restoring systems, establishing a system for responding to customer and press inquiries, auditing and improving the company's response, and representing the client in interaction with state and federal regulators