Amanda Rose Martin
Amanda is an associate in the firm's national Data Privacy and Cybersecurity Practice Group and focuses her practice specifically in the area of data privacy and cybersecurity.
Amanda advises a broad range of clients in the areas of data privacy and cybersecurity. Amanda has extensive experience managing data security incident response, including containment, forensics, notification and communication for cross-industry clients. Among other types of incidents, she has counseled on various ransomware variants, cyber extortion events, business email compromise, vendor and MSP incidents, employee incidents, unauthorized or accidental access and/or disclosure incidents. Following these incidents, Amanda advocates for clients in communications with law enforcement and state and federal regulators relating to initial security incident notifications and subsequent investigations.
Amanda has experience in advising clients on risk management and compliance with privacy laws, including: California Consumer Privacy Act (CCPA); General Data Protection Regulation (GDPR); Health Insurance Portability and Accountability Act (HIPAA); Gramm-Leach-Bliley Act (GBLA), and privacy, data breach, and biometric laws in all US jurisdictions.
Amanda assists her clients with developing and evaluating privacy programs, procedures and policies for compliance and industry best practices, including: Incident Response Plan (IRP), Written Information Security Program (WISP), bring your own device, remote work, password management, computer and electronic usage and employee exit policies. To ensure that her clients are ready to respond to an incident, she coordinates and leads tabletop exercises with clients and provides solutions-focused feedback.
Complementing her data privacy and cybersecurity work, Amanda works with clients in the fintech and emerging technologies space. She frequently counsels clients on online flow, apps, electronic transactions, communications, and marketing. Amanda provides practical and dynamic advice to clients with respect to consumer credit laws, payments laws, ESIGN and state Uniform Electronic Transaction Acts, consumer protection laws, state Unfair and Deceptive Acts and Practices (UDAP) laws and Federal Trade Commission enforcement actions and guidance. Amanda also advises clients on data retention and destruction policies, and policies related to analytics, marketing and advertising, lead generating and brokering activity.
Admissions - State
- Cleveland-Marshall College of Law
- Case Western Reserve University
Honors and Awards
- Selected for inclusion in Ohio Rising Stars (2019-2021)
- FDCC Ladder Down Cleveland (2019)
- Cleveland-Marshall College of Law, Adjunct Professor, Legal Writing; Master of Legal Studies in Cybersecurity and Data Privacy
- 2020 Ladder Down Cleveland; Committee Member
- American Bar Association, Business Law Section; Committee on Consumer Financial Services; Privacy & Data Security Subcommittee Young Lawyer Liaison
- Cleveland Metropolitan Bar Association
- Cyber + section, Incoming Vice Chair
- Business, Banking & Corporate Counsel Section
- Federal government issues new cybersecurity incident reporting rule for banks and bank service providers
- Businesses urged to take action to protect against the growing threat of ransomware
- 9 tips for keeping your workforce CyberSavvy while working from home
- 12 back-to-school cybersecurity tips for parents
- New Jersey revises data breach law, expands definition of personal information to include online account information
- Washington overhauls data breach law
- Supreme Court of Illinois holds no actual injury is required to state a claim under the Illinois Biometric Information Privacy Act
- OFAC sanctions necessitate improved cybersecurity preparedness and an experienced incident response team
- Washington DC expanding data breach notification law
- 10 ways to stay CyberSavvy while employees return to work
- California Consumer Privacy Act of 2018: What you need to know
- 5 California Consumer Privacy Act amendments signed into law
- Nevada updates privacy law, requires offer to opt out of data sale
- New data privacy laws broaden protections for NY residents and impose major obligations on organizations
- How will you respond to a ransomware attack?
- JPMorgan Chase the first major bank to create its own digital currency
- Google fined millions for alleged GDPR violations
- "Developments in Advertising and Consumer Protection in Cyberspace," The Business Lawyer; Volume 73, Winter 2017-2018.
- "Consumer Financial Services Answer Book 2017," Practising Law Institute, 2017.
- "It's Not all Memes and GIFs: E-Contracting for Millennial Consumers," Cleveland Metropolitan Bar Journal, January 25, 2017.
- Public Law in Practice - Ransomware and Wire Fraud: Everything You Need to Know to Protect Your Organization | Tuesday, August 3, 2021
- Cyber Risk How to position yourself strategically in a challenging marketplace and manage compliance | Wednesday, June 23, 2021
- Technical and Legal Implications of the Growth in Supply Chain Cyberattacks, 2021 Cybersecurity & Privacy Protection Virtual Conference | Friday, May 21, 2021
- Drafting & Implementing Bring Your Own Device Policies | Thursday, October 29, 2020
- Incident Response | Thursday, September 17, 2020
- PPP Loan Forgiveness & Going from Brick and Mortar to Virtual | Wednesday, September 16, 2020
- “Navigating Privacy Compliance Management in an Evolving Landscape,” ABA Business Law Section Annual Meeting, September 23, 2021
- "How the Cookie Crumbles: An overview of data privacy and cookies," ABA Business Law Spring Meeting, April 19, 2021
- “Careers on Cybersecurity/Privacy” panel, Cleveland Marshall College of Law, October 26, 2020
- “Cyber Incident Response” panel, Women in eDiscovery NYC Chapter, May 14, 2020
- “Cybersecurity: Technology, Risk and the Law,” Ohio Grocers Association, 2020 Loss Prevention Summit, February 11, 2020
- "Once More into the (Data) Breach: The Preparation for, Response to, and Ethics of Security Incidents” - Professional Liability Services Seminar, November 22, 2019
- "Incident Response and Cyber Risk Insurance," Cybersecurity & Privacy Protection Conference 2019, Cleveland-Marshall College of Law (May 31, 2019)
- “Creating an Electronic Loan Transaction: E-SIGN, UETA, Apps, Website (ADA), and Privacy Issues,” 2018 Consumer Finance Legal Conference (October 18, 2018)
- "Marketplace Lending Update: Litigation, Enforcement, and Regulatory Challenges," 2018 Consumer Finance Legal Conference (October 18, 2018)
- "2018 Privacy and Data Security Update," ABA Business Law Section Annual Meeting (September 12, 2018)
- "E-Contracting Issues for both Mortgage and Non-Mortgage Products," 16th Annual Consumer Finance Legal Conference (October 13, 2017)
- "Third-Party Data Aggregators, Business Process Outsourcing: Vendor Management, Privacy, and Related Concerns," 16th Annual Consumer Finance Legal Conference (October 13, 2017)
- "The Future of the Bank Partnership Program," 16th Annual Consumer Finance Legal Conference (October 12, 2017)
- "The Problem with Millennials: How to Structure Your Loan Products to Appeal to Both Regulators & the Online Generation," 15th Annual Consumer Finance Legal Conference (September 30, 2016)
- "Mobile Payments: Introduction to Virtual Currency & Emerging Payments; Update on Electronic Payment Issues," 15th Annual Consumer Finance Legal Conference (September 29, 2016)
- "FinTech/Online Lending," 15th Annual Consumer Finance Legal Conference (September 29, 2016)
- "Online Loan Origination Compliance Concerns for Lead Generators and Lenders," 14th Annual Consumer Finance Legal Conference (October 22, 2015)
- "Recent Trends in CFPB Enforcement," 14th Annual Consumer Finance Legal Conference (October 21, 2015)