Kara Hilburger advises and counsels clients on the development and implementation of enterprise-wide data security and privacy programs and regulatory compliance under federal, state and international privacy laws, including the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA) and the Colorado Privacy Act (CPA), the Fair Credit Reporting Act (FCRA), and the Telephone Consumer Protection Act (TCPA). The scope of her work includes data privacy regulatory assessments, information privacy protocols & policies, external policies & data collection, data mapping, information security protocols & policies, employee data security policies, and incident response plan development.
Kara concentrates a portion of her practice in the representation of clients in consumer facing technology and privacy regulatory matters, such as digital accessibility requirements under the ADA, and website compliance and disclosure requirements pertaining to privacy policies and cookie consent notices. She has successfully defended numerous clients in ADA website accessibility class action proceedings, providing proactive counsel regarding website remediation, litigation strategy, defense, and settlement. She develops comprehensive operational procedures, training and compliance protocols in these areas, and assists clients in navigating the legal and practical implications in developing comprehensive digital accessibility infrastructures.
Kara draws on her experience in labor and employment law to advise on technology and privacy matters in the workplace and in the development of organization wide procedures and training programs that engage stakeholders and employees as active partners in the data privacy & compliance process. She provides innovative and thoughtful guidance in areas such as bring-your-own-device (BYOD) policies, social media and technology-use issues, and workplace privacy concerns.
Kara is a Certiﬁed Information Privacy Professional, United States (CIPP/US) as certiﬁed by the International Association of Privacy Professionals (IAPP).
- Develop and implement enterprise-wide data security, privacy, and regulatory compliance programs, including regulatory assessment, policy and procedure development, stakeholder communications, and employee training programs.
- Successfully defended numerous clients in ADA website accessibility class action proceedings, providing proactive counsel regarding website remediation, litigation strategy, defense, and settlement.
- Acted as legal liaison and advisor for organization-wide initiative to increase social media presence and technology-use in the workforce.
- Developed and piloted new employee orientation and on-boarding initiative for organization with hundreds of employees in several offices.
- Litigated action against governmental agency challenging wrongful termination.