Rita Heimes, CIPP/E, CIPP/US, CIPM

Rita Heimes is the IAPP’s General Counsel and privacy officer/DPO. Prior to joining the IAPP as its first Research Director in 2015, Rita was a law professor and academic dean at the University of Maine School of Law, where she directed the Center for Law + Innovation and developed the nation’s first Privacy Pathways program. She also worked in private practice with law firms in Seattle, Boulder and Portland, ME. She has a BA in Journalism from the University of Iowa and a JD from Drake University School of Law.
Contributions by Rita Heimes
-
Privacy Risk Study 2020
-
Changes in IAPP's cookie tool
DPO Confessional -
Building Ethical Decision Making into Legal Advice on Data Protection
Moderator at IAPP Summit Sessions 2020 Online -
The Evolving Privacy Professional: Dealing With Change in Times of Crisis
Speaker at IAPP Summit Sessions 2020 Online -
Privacy in the Wake of COVID-19: Current and Future Impacts
Web Conference Speaker -
Building Ethical Decision Making into Legal Advice on Data Protection
Web Conference Speaker -
Current and Future Enforcement Trends
Speaker at IAPP Summit Sessions 2020 Online -
Swimming in the Right Lane: How to Avoid the Unauthorized Practice of Law
Speaker at IAPP Summit Sessions 2020 Online -
Career Transitioning from eDiscovery into Privacy
Web Conference Speaker -
The IAPP updates its privacy notice
DPO Confessional -
Privacy Governance in 2019: A Report on Leading Practices
Speaker at IAPP Europe Data Protection Congress 2019 -
Privacy Governance in 2019: A Report on Leading Practices
Speaker at IAPP Privacy. Security. Risk. 2019 -
Data scraping and the implications of the latest LinkedIn-hiQ court ruling
Privacy Tracker -
The Role of the DPO One Year Into the GDPR
Web Conference Speaker -
GDPR one year later: Looking backward and forward
Women Leading Privacy -
Are Businesses Ready for the CCPA? See the Survey Results
Speaker at Global Privacy Summit 2019 -
How opt-in consent really works
DPO Confessional -
An Introduction to the California Consumer Privacy Act
Speaker at IAPP Europe Data Protection Congress 2018 -
Looking Beyond the GDPR: What Is the Future of Privacy?
Moderator at IAPP Europe Data Protection Congress 2018 -
Top 10 Operational Responses to the GDPR
Author -
Data Deletion Day
DPO Confessional -
Top 5 Operational Impacts of CaCPA
Speaker at Privacy. Security. Risk. 2018 -
Latest CJEU opinion may illuminate personal data risks
Privacy Tracker -
Top 5 Operational Impacts of the CCPA: Part 3 - Responding to consumers’ personal information access requests
The Privacy Advisor -
Cookies and consent at the IAPP
DPO Confessional -
Compliance and Marketing Collaboration: A Winning Approach In the GDPR Era
Web Conference Speaker -
Top 5 Operational Impacts of the CCPA: Part 1 — Determining if you’re a business collecting or selling consumers’ personal information
The Privacy Advisor -
New California privacy law to affect more than half a million US companies
The Privacy Advisor -
Constitution v Congress: Carpenter v United States
Privacy Tracker -
DPO Confessional: The prep for GDPR Day
DPO Confessional -
DPO Confessional: Think globally, but direct market locally
DPO Confessional -
Hoping to become a Privacy Law Specialist? Applications open today
The Privacy Advisor -
Privacy Bar Section Forum Scholarship Presentation and Closing Remarks
Speaker at IAPP Privacy Bar Section Forum 2018 -
Privacy Law Specialist Q&A
Speaker at Global Privacy Summit 2018 -
Top 10 Operational Responses to the GDPR – Part 9: Vetting and contracting with processors
Westin Research Center -
Top 10 Operational Responses to the GDPR – Part 5: Preparing and implementing data-retention and record-keeping policies and systems
Westin Research Center -
Top 10 Operational Responses to the GDPR – Part 3: Build and maintain a data governance system
Westin Research Center -
Top 10 operational responses to the GDPR: Data inventory and mapping
Westin Research Center -
Explaining the GDPR to an American
DPO Confessional -
What's the Risk of Not Complying with the GDPR?
Web Conference Speaker -
Ask the DPO, December 2017
Web Conference Speaker -
eBook– The Top 10 Operational Impacts of the EU’s General Data Protection Regulation
-
Responding to subject access requests
DPO Confessional -
Making a (privacy) statement
DPO Confessional -
Privacy Training from Top to Bottom
Moderator at Privacy. Security. Risk. 2017 -
When is a vendor a processor?
DPO Confessional -
Getting on the Same Page: How to Align Privacy Needs with Business Objectives
Web Conference Speaker -
Checking that pesky 'data mapping' box
DPO Confessional -
The case of the unsolicited email
DPO Confessional -
The IAPP DPO: Countdown to May 2018
DPO Confessional -
So We Have Brexit: What Now for Data Protection?
Moderator at Global Privacy Summit 2017 -
WP29 releases guidance on DPOs, data portability, one-stop shop
Privacy Tracker -
US appeals court narrows FTC's 'unfair' standard in LabMD case
Westin Research Center -
Study: GDPR’s global reach to require at least 75,000 DPOs worldwide
The Privacy Advisor -
Using Technology and Data for Change: Laws, Ethics and Social Norms
Moderator at IAPP Europe Data Protection Congress 2016 -
IAPP one step away from ‘Privacy Law Specialist’ designation in 2017
The Privacy Advisor -
Top 10 Operational Impacts of the GDPR (English language version)
Web Conference Speaker -
So We Have Brexit: What Now for Data Protection?
Moderator at Privacy. Security. Risk. 2016 -
Models for Privacy and Security Education and Workforce Development
Speaker at Privacy. Security. Risk. 2016 -
The US government wants privacy pros: Time to act on it
Privacy Perspectives -
Unpacking Spokeo v. Robins
Privacy Tracker -
Study: At least 28,000 DPOs needed to meet GDPR requirements
The Privacy Advisor -
Should states be more aggressive in privacy regulation and enforcement?
The Privacy Advisor -
Top 10 operational impacts of the GDPR: Part 9 - Codes of conduct and certifications
Westin Research Center -
Top 10 operational impacts of the GDPR: Part 5 - Profiling
Westin Research Center -
Top 10 operational impacts of the GDPR: Part 2 - The mandatory DPO
Westin Research Center -
Top 10 operational impacts of the GDPR: Part 1 – data security and breach notification
Westin Research Center