Maki DePalo

Privacy and Cybersecurity

• Counsel to top-tier corporations across a variety of industry sectors, including health care, retail, food services, manufacturing, financial services, and gaming and platform services, for data privacy and cybersecurity compliance programs, including the California Consumer Privacy Act (CCPA), the Children’s Online Privacy Protection Act (COPPA), the Washington state My Health My Data Act, the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act (GLBA).
• Advising clients on the design, implementation, and operation of effective privacy and cybersecurity compliance programs, including support for policymaking, framework building, data governance, data analytics, privacy impact assessments, and global tabletop exercises.
• Counsel to clients across multiple industries in strategizing for and adopting AI governance, information governance, and records and information management (RIM) programs.
• Representing clients navigating privacy disputes and litigation.
• Representing clients in various industries to conduct privacy and cybersecurity due diligence reviews as part of vendor-vetting and M&A transactions.

Technology Transactions

• Counsel to health care institutions, insurance institutions, and other multinational corporations in the negotiation of strategic and complex IT outsourcing, technology and data licensing, and data processing agreements.
• Counsel to a leading health care products and services provider in a series of IT transactions and strategic initiatives.
• Represented multiple health care providers in the procurement of strategic health care IT platforms.
• Represented clients in diverse industries for marketing and advertising initiatives, online marketing and behavioral advertising, games of chance, contests, and rebate programs.

Maki DePalo is a client advocate and problem solver who counsels clients on privacy and cybersecurity compliance, AI and data strategies and governance, and complex outsourcing and technology transaction matters. She advises companies on designing and operationalizing data protection programs for compliance with state-level comprehensive privacy laws, utilizing a keen understanding of the intersections of laws and regulations impacting consumer privacy, children’s privacy, health privacy, financial privacy, and employee privacy.

As the AI legal landscape continues to develop, Maki collaborates with clients’ cross-functional teams to develop and implement enterprise-level governance models customized to meet their compliance needs, as well as the goals of their business. Maki also advises on general corporate matters, enabling clients of various sizes and industries to successfully navigate business challenges as they arise.

For over a decade before becoming a lawyer, Maki served as a technical and business transformation leader for one of the world’s largest IT and security services companies, delivering method-based consultation, solution design, and IT infrastructure service management to navigate and implement cutting-edge technologies.

Languages

• Japanese

Bar Admissions

• Georgia

Education

• Georgia State University (J.D.)
• Indiana University - Bloomington (M.S.)
• Meiji University (B.S.)

Memberships