Elliot Golding, CIPP/US


McDermott Will & Emery


Elliot provides business-oriented privacy and cybersecurity advice to global companies spanning virtually every sector of the economy, with particular expertise in the technology, health care/life sciences, retail/ecommerce, automotive, and financial sectors. His practical approach gives clients actionable advice to help balance legal risk with business needs, particularly relating to innovative issues such as “digital health” technologies, biometrics, the Internet of Things, data monetization, online advertising technology, and Artificial Intelligence/Machine Learning tools. He not only enables companies to leverage data for business needs through day-to-day product counseling but also helps companies develop global compliance programs that harmonize CCPA/CPRA (and equivalent laws in other states); GDPR and other international laws; specific rules in the highly regulated health and financial sectors (HIPAA/HITECH, ONC Information Blocking and CMS Interoperability Rules, 42 CFR Part 2, the Common Rule, GLBA, and state equivalents); marketing rules (TCPA, CANSPAM, and industry self-regulatory standards); security standards (such as PCI-DSS, NIST, and ISO); and many others. Elliot has also managed hundreds of breaches and ransomware attacks, guiding clients through all aspects of investigation, notification, remediation, and engagement with regulators.

Elliot is IAPP certified (CIPP/US) and has been recognized in a number of industry rankings and awards, including by Bloomberg Law, Global Data Review, and National Law Review. Elliot also co-chairs the American Bar Association’s SciTech Privacy, Security and Emerging Technology Division; E-Privacy Committee; and Biotechnology, Healthcare Technology, and Medical Device Committee.


Contributions by Elliot Golding

  • US Privacy Law at a Crossroads: The Past, Present and Future
    Speaker at IAPP Global Privacy Summit 2023