Former In–House Counsel with Multi–National Experience
Rachel is a key member of our Incident Response Team, helping clients of all sizes respond to complex cyber incidents, including ransomware and business email compromise attacks. She also guides clients in the development of protocols to prevent and prepare to respond to incidents. Rachel also represents clients in the development of data privacy programs in compliance with both domestic and international data privacy and security laws, including the California Consumer Privacy Act (CCPA), the EU General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as well as sector-specific state and federal regulations.
Rachel’s scope of extensive experience includes responding to requests from data subjects and authorities; drafting privacy notices, policies, and business practices; assessing data privacy and cybersecurity risk; designing data privacy compliance programs; negotiating data privacy contract terms and data processing agreements; and implementing “Privacy by Design.” Rachel also provides guidance on data privacy issues related to digital marketing, employee privacy, “bring your own device,” cross-border transfers, data classification and management, and the use of location-tracking technology.
In addition to privacy and cybersecurity work, Rachel works with clients to build regulatory compliance programs around anti-corruption, trade and export controls, third-party due diligence, and anti-trust. She routinely conducts high-level investigations and training in these areas and has extensive experience advising companies on government and workplace investigations involving bribery, financial impropriety and fraud, and conflicts of interest.
Throughout her early career, Rachel served in multiple in-house legal and compliance roles, including Chief Compliance Officer and Chief Privacy Officer. She has lived and worked overseas throughout Europe, Asia, and South America and has provided guidance and training to multi-national companies globally. She also served as a foreign service officer with the U.S. Department of State, where she did tours in China and Venezuela.
Rachel is recognized by the International Association of Privacy Professionals as a Privacy Law Specialist and a Certified Information Privacy Professional. She regularly speaks on the topic of data privacy as a panelist or featured speaker at conferences and forums. She speaks Spanish and Chinese.
- University of Texas School of Law, J.D., 2008
- University of Kent, M.A., 2000
- Texas A&M University, B.S., 1999
Past and Present Affiliations
- American Bar Association
- Society of Corporate Compliance and Ethics
- International Association of Privacy Professionals (IAPP)
- Texas State Bar Association, Computer and Technology, International, and Employment Sections
- Montgomery County United Way, Board Member
- Salvation Army of Montgomery County, Board Member
- Texas A&M University International Board, Member