Path to Privacy & Data Security Forum

[Anonymous User]

I'll keep it short -- I'm an incoming SA at a v100 satellite office and I am extremely interesting in going into Privacy & Data Security. I have experience in the field and my resume reflects it. However, the particular office I'm going into (assuming I am given an offer) does not have a Privacy and Data Security practice, but has most of the common ones. I want to keep my options open so that I can do this type of work down the line. Which practice group should I go for? I'm assuming general litigation, but I was wondering if there was anything else.

Thanks for the help.

[Anonymous User]

To be honest, I would look at tech transactions. I would stay clear of litigation. The reason why is because in terms of exit options, there are FAR more transactional positions available than litigation. I went from corporate to tech transactions and data privacy. Ironically the reason why I went into that field was sheer luck. I was moved from corporate after my first year due to corporate being slow at my firm. I couldn't have been happier for that move.

The slight downside is that for privacy, the money is mostly in handling breaches, especially credit card breaches. If you go down the transactional path, you will be doing mostly compliance work and review of technology based contracts that uses personal information. Compliance work doesn't generate as much income for a firm. However, the positive is that there are far more transactional related positions inhouse and doing tech transactions/privacy related work.

[elendinel]

What specifically do you want to do/think you want to do?

[albanach]

If there's a healthcare practice group, privacy and data security is a big part of HIPAA compliance and is bread and butter stuff for corporate health law groups.

[1styearlateral]

Sit for the CIPP/US exam.

With regards to the above poster about privacy and litigation, I would disagree only to the extent that I know people in that area who are trial attorneys as well. Some Privacy groups, such as Hunton's, ONLY does transactions/compliance. But there are other groups that I am blanking on that also incorporate the litigation side of privacy and data breaches.

Also consider crisis management, which includes counseling clients on preventing breaches.

[Anonymous User]

Sit for the CIPP/US exam.

With regards to the above poster about privacy and litigation, I would disagree only to the extent that I know people in that area who are trial attorneys as well. Some Privacy groups, such as Hunton's, ONLY does transactions/compliance. But there are other groups that I am blanking on that also incorporate the litigation side of privacy and data breaches.

Also consider crisis management, which includes counseling clients on preventing breaches.

I'm not saying that trial attorneys or litigators can't get into privacy. What I am saying is that exit opportunities for transactional attorneys are by far better than the exit opportunities for litigators, especially if you look at people who do tech transactions and data privacy.

Generally speaking, litigation and arbitration related breach work provides more revenue than say a compliance project. However, compliance and tech transactions related privacy work has better exit opportunities. Just look at the inhouse jobs that are available.

[1styearlateral]

Sit for the CIPP/US exam.

With regards to the above poster about privacy and litigation, I would disagree only to the extent that I know people in that area who are trial attorneys as well. Some Privacy groups, such as Hunton's, ONLY does transactions/compliance. But there are other groups that I am blanking on that also incorporate the litigation side of privacy and data breaches.

Also consider crisis management, which includes counseling clients on preventing breaches.

I'm not saying that trial attorneys or litigators can't get into privacy. What I am saying is that exit opportunities for transactional attorneys are by far better than the exit opportunities for litigators, especially if you look at people who do tech transactions and data privacy.

Generally speaking, litigation and arbitration related breach work provides more revenue than say a compliance project. However, compliance and tech transactions related privacy work has better exit opportunities. Just look at the inhouse jobs that are available.

I see; understood.

[SFSpartan]

Curious as to how helpful people think CIPP/US and CIPP/EU would be in an EC/VC practice (we primarily deal with foreign startups moving ops into the US from Europe, which is why I include EU here)