Elizabeth focuses on projects including breach prevention, privacy risk assessments, and management of breach response teams. Elizabeth also focuses on building enterprise-wide privacy and cybersecurity compliance frameworks across industries such as retail, health care, contingent workforce and staffing, education, and state and local governments. She has a breadth of experience creating solutions for privacy issues arising in the employment law context, as she spent the first half of her law career as a management-side employment lawyer.
Leveraging her in-house and Texas state government experiences, Elizabeth works with executive leadership and other stakeholders to provide practical compliance counseling on cybersecurity and privacy requirements, design and conduct tabletop exercises, and create and implement policies, procedures, and employee privacy and security awareness training.
Outside of her law practice, Elizabeth teaches cybersecurity and privacy law topics for the University of Texas School of Information’s Master’s Program in Information Privacy & Security. She is a thought leader on privacy and cybersecurity matters facing businesses and frequently speaks about and is published on emerging trends in these areas.
Develops EU and Global Data Compliance Program based on the GDPR, the Privacy Shield and privacy laws and regulations in regions throughout the world.
Advises and counsels e-commerce and global store front retailers, financial institutions and other companies on cybersecurity risks, incidents and policy issues, including proactive cybersecurity readiness, developing and conducting full-scale tabletop exercises for C-suite executives and Boards of Directors.
Advises major health care providers and health plans on all aspects of HIPAA security breaches, including OCR and state enforcement.
Conducts all phases of online and offline privacy assessments and information security policy audits.
Develops global corporate records management programs, including policies, records retention schedules and training modules.
Evaluates practices associated with data analytics, “big data,” and the Internet of Things.
Offers specialized counseling for fiduciaries, including Board Members, Board Committees and Named/Managing Fiduciaries of ERISA Plans and other asset plan managers, concerning their fiduciary obligations to provide adequate cybersecurity controls and best practices for information assets belonging to shareholders and plan participants.
Evaluates cyber liability insurance needs and negotiation of provisions in cyber liability insurance policies.
Merger and Acquisition support to assess privacy and security practices of target corporation, portfolio company, or start-up.
Supports breach litigation and regulatory activities to remediate vulnerabilities in privacy and information security governance programs and/or information security standards.
Drafts and negotiates appropriate privacy and cybersecurity clauses in complex technology and other transactions.
Honors & Recognitions
Top Latino Lawyers, Latino Leaders magazine, 2019, 2020
Outstanding Young Lawyer of San Antonio, 1992
Chairman of the Board of Directors, the Computer & Technology Section of the State Bar of Texas, June 2021 – Present
Advisory Member, Global Cybersecurity Institute – UC Berkeley, 2018–Present
Member, Cybersecurity Task Force, Greater Houston Partnership, 2017–Present
Fellow, Texas Bar Foundation
Member, Austin Bar Association
Co-Chair, Legislative Committee, 2015–2016
Co-Chair, Leadership Academy, Class of 2015
Co-Chair, Membership Committee, 2013–2015
Board Member, St. Mary’s University School of Law Foundation, 2011–present
Former Board Member and President, Alumni Association, St. Mary’s School of Law, 1993–2011