Carolyn Metnick, CIPP/E, CIPP/US


Sheppard, Mullin, Richter & Hampton


Carolyn Metnick is a partner in the Corporate Practice Group in the firm's Chicago office and a member of the Healthcare and Privacy & Cybersecurity Teams.

Areas of Practice 

Carolyn represents a range of healthcare industry clients, including hospitals and health systems, physician organizations and digital health companies. She advises on healthcare regulatory and transactional matters with a focus on health information privacy and security. 

Carolyn advises clients on a range of privacy and security laws, including HIPAA and the California Consumer Privacy Act (CCPA). She also counsels businesses in data breach investigations and compliance with federal and state breach notification laws. Carolyn is a Certified Information Privacy Professional/United States (CIPP/US) and a Certified Information Privacy Professional/Europe (CIPP/E). 

Carolyn also represents healthcare industry clients in transactional matters. She guides clients through joint ventures, mergers and acquisitions, and advises on healthcare regulatory issues. Her background as a former litigator helps inform her transactional work. 


Contributions by Carolyn Metnick

  • The New Frontier of ChatGPT and Privacy Implications
    Speaker at IAPP Privacy. Security. Risk. 2023
  • HIPAA Year in Review: Recent enforcement actions and guidance
    Speaker at Virtual Chicago KnowledgeNet: August 2, 2023
  • AI, A Privacy Odyssey: Conducting Privacy Assessments on AI Projects
    Web Conference Speaker
  • Speaker at IAPP Privacy. Security. Risk. 2020 - Canceled