About the IAPP

Heidi Salow is a Partner in the firm’s Privacy and Cybersecurity practice. Ms. Salow has more than two decades of executive level experience advising Fortune 50 companies, start-ups and non-profit organizations in the areas of data protection, data privacy, healthcare privacy and security, and cybersecurity as well as navigating novel issues involving data governance, social media, risk management, data ethics and mobile technologies.

Ms. Salow has served as a strategic advisor to entities seeking to develop and implement legally compliant U.S. and global data protection programs in the information technology, media, telecommunications, retail, financial, healthcare and legal services industries. She established the first Global Privacy Office function for a $13B company and has counseled clients in the aftermath of 75-plus data breaches and data security incidents.

She routinely advises clients on a wide range of issues involving the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), California Consumer Protection Act (CCPA)/California Consumer Rights Act (CPRA), Fair Credit Reporting Act (FCRA), UK Data Protection Act 2018, NIST Privacy Framework, NIST 800-53, Australian Privacy Principles (APPs), U.S. state data privacy laws and pending U.S. and global privacy legislation.

A frequent author and lecturer in the areas of U.S. and global data privacy and cybersecurity, Ms. Salow has also been recognized for receiving the following certifications: Certified Information Privacy Professional/ U.S. (CIPP/US); Certified Information Privacy Manager (CIPM) and Certified Information Privacy Professional /Europe (CIPP/E). She has advocated before Congress and U.S. federal agencies on behalf of high-tech and telecommunications companies and participated in legislative and regulatory proceedings on a multitude of privacy, data security, advertising, marketing, and IP issues.

Prior to joining Potomac Law, Ms. Salow was the Chief Privacy Officer for Leidos, a U.S. federal government contractor with 400 locations in 30 countries. Previous to that, she served as Vice President & Senior Privacy Officer at Thomson Reuters, a Canadian multinational media conglomerate operating in 94 countries.