Amber serves as the Deputy Chair of Bond’s Data Privacy and Cybersecurity practice and maintains Certified Information Privacy Professional/United States (CIPP/US) and Certified Information Privacy Professional/European (CIPP/E) credentials through the ANSI-accredited International Association of Privacy Professionals.
Amber represents a wide range of clients across all industries, including retail, hospitality, manufacturing, development, higher education, technology, health care and media. She currently serves as part-time corporate counsel at Paychex, Inc. where she advises on privacy and cybersecurity matters.
Privacy Compliance
Amber advises clients on cybersecurity and data privacy compliance issues, including state, federal and international cybersecurity and data privacy laws. Her practices involves counseling clients on managing and mitigating risks associated with the collection, use and disclosure of personal data. Amber assists clients with the development of comprehensive privacy programs and policies, retention and records management, risk assessments and response to data subject requests and complaints. Her broad experience with various data privacy regimes including the California Consumer Privacy Act (CCPA), the European Union’s General Data Protection Regulation (GDPR), China’s Personal Information Protection Law (PIPL), the Illinois Biometric Information Privacy Act (BIPA), the Children’s Online Privacy Protection Act (COPPA), the Federal Trade Commission (FTC) and the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) provides clients with robust knowledge of industry laws and regulations.
Transactions and Technology
Amber’s practice often focuses on the intersection of data privacy, technology and transactions. She assists clients with complex contract review and negotiation, including strategic risk mitigation for cybersecurity and data privacy liabilities and drafting data protection and data transfer agreements. Amber advises clients on merger and acquisition strategy for data privacy and cybersecurity issues including due diligence and structure review. In addition, she advises clients on product and technology development and implementation with a specific focus on compliance with data protection safeguards and standards.
Data Breach Response
Amber counsels clients on multi-jurisdiction data breach response including reporting obligations for various state, federal and international cybersecurity laws. She assists clients in developing proactive data protection programs and information security policies. Amber works closely with cybersecurity forensic teams to assist in the investigation and remediation portions of a cybersecurity event.
Amber’s practice focuses on:
Data audit and risk assessment
Privacy compliance review and program implementation
MSA, SaaS, Cloud Service, Technology agreements drafting and negotiation
Privacy notices, policies and terms of use agreements
Data protection and security addenda drafting
M&A privacy and cybersecurity diligence review
Cybersecurity insurance review
Vendor security assessment
Remediation strategy and implementation
Data subject request and response policies and procedure
Records management procedures, policies and guidelines implementation
The Best Lawyers in America® Ones to Watch, Corporate Law; Mergers and Acquisitions Law and Privacy and Data Security, 2021-2025
New York Super Lawyers® Rising Star, Technology Transactions, 2023-2024
New York State Bar Association
Onondaga County Bar Association
CNY Women’s Bar Association
Syracuse College of Law Alternate Dispute Resolution Competition, Winner Fall, 2016
Syracuse College of Law Alternate Dispute Resolution Competition, Best Advocate, Fall 2016
Business Editor, Volume 67, Syracuse Law Review; Editorial Member, Volume 66
Moot Court Honor Society
St. Lawrence University, Government Honors, Thesis: Public Financing of Elections: A Comparative Analysis of US Presidential and US Gubernatorial Elections, 2014.
Bernard J. Lammers Award, Leadership and Research in the Study of Government, 2014
Developing a Strategy to Comply with Multiple State Privacy Laws, International Legal Technology Association, October 25, 2022
Legal Issues in Cyber Incident Response, MACNY Cybersecurity Summit, September 29, 2022
Panelist, Buffalo chapter of The Institute for Supply Management®, “Cybersecurity Risk Mitigation; Lessons Learned from Ransomware Triage,” May 6, 2022
Co-Panelist alongside Scott Charney, VP of Security Policy at Microsoft Corporation and Kevin Minsky, Senior Legal Counsel of Product Compliance at DocuSign; Cybersecurity and Data Privacy Career Panel, Syracuse University College of Law, February 17, 2022
NY SHIELD Act – Are You in Compliance?, Human Resources Association of the Twin Tiers, August 12, 2021
The ABCs of Data Privacy: GDPR, CCPA, NY SHIELD Act and More, Monroe County Bar Association, April 16, 2020
Data Privacy and Cybersecurity Legal Overview: How to Comply With New Data Protection Laws and What to do in the Event of a Data Breach, MACNY Cyber Security Summit, March 13, 2020
GDPR, California Consumer Privacy Act, and NY SHIELD Act, American Payroll Association NYS Capital Region Chapter Meeting, September 19, 2019
Amber serves as the Deputy Chair of Bond’s Data Privacy and Cybersecurity practice and maintains Certified Information Privacy Professional/United States (CIPP/US) and Certified Information Privacy Professional/European (CIPP/E) credentials through the ANSI-accredited International Association of Privacy Professionals.
Amber represents a wide range of clients across all industries, including retail, hospitality, manufacturing, development, higher education, technology, health care and media. She currently serves as part-time corporate counsel at Paychex, Inc. where she advises on privacy and cybersecurity matters.
Amber serves as the Deputy Chair of Bond’s Data Privacy and Cybersecurity practice and maintains Certified Information Privacy Professional/United States (CIPP/US) and Certified Information Privacy Professional/European (CIPP/E) credentials through the ANSI-accredited International Association of Privacy Professionals.
Amber represents a wide range of clients across all industries, including retail, hospitality, manufacturing, development, higher education, technology, health care and media. She currently serves as part-time corporate counsel at Paychex, Inc. where she advises on privacy and cybersecurity matters.
Privacy Compliance
Amber advises clients on cybersecurity and data privacy compliance issues, including state, federal and international cybersecurity and data privacy laws. Her practices involves counseling clients on managing and mitigating risks associated with the collection, use and disclosure of personal data. Amber assists clients with the development of comprehensive privacy programs and policies, retention and records management, risk assessments and response to data subject requests and complaints. Her broad experience with various data privacy regimes including the California Consumer Privacy Act (CCPA), the European Union’s General Data Protection Regulation (GDPR), China’s Personal Information Protection Law (PIPL), the Illinois Biometric Information Privacy Act (BIPA), the Children’s Online Privacy Protection Act (COPPA), the Federal Trade Commission (FTC) and the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) provides clients with robust knowledge of industry laws and regulations.
Transactions and Technology
Amber’s practice often focuses on the intersection of data privacy, technology and transactions. She assists clients with complex contract review and negotiation, including strategic risk mitigation for cybersecurity and data privacy liabilities and drafting data protection and data transfer agreements. Amber advises clients on merger and acquisition strategy for data privacy and cybersecurity issues including due diligence and structure review. In addition, she advises clients on product and technology development and implementation with a specific focus on compliance with data protection safeguards and standards.
Data Breach Response
Amber counsels clients on multi-jurisdiction data breach response including reporting obligations for various state, federal and international cybersecurity laws. She assists clients in developing proactive data protection programs and information security policies. Amber works closely with cybersecurity forensic teams to assist in the investigation and remediation portions of a cybersecurity event.
Amber’s practice focuses on:
Data audit and risk assessment
Privacy compliance review and program implementation
MSA, SaaS, Cloud Service, Technology agreements drafting and negotiation
Privacy notices, policies and terms of use agreements
Data protection and security addenda drafting
M&A privacy and cybersecurity diligence review
Cybersecurity insurance review
Vendor security assessment
Remediation strategy and implementation
Data subject request and response policies and procedure
Records management procedures, policies and guidelines implementation
The Best Lawyers in America® Ones to Watch, Corporate Law; Mergers and Acquisitions Law and Privacy and Data Security, 2021-2025
New York Super Lawyers® Rising Star, Technology Transactions, 2023-2024
New York State Bar Association
Onondaga County Bar Association
CNY Women’s Bar Association
Syracuse College of Law Alternate Dispute Resolution Competition, Winner Fall, 2016
Syracuse College of Law Alternate Dispute Resolution Competition, Best Advocate, Fall 2016
Business Editor, Volume 67, Syracuse Law Review; Editorial Member, Volume 66
Moot Court Honor Society
St. Lawrence University, Government Honors, Thesis: Public Financing of Elections: A Comparative Analysis of US Presidential and US Gubernatorial Elections, 2014.
Bernard J. Lammers Award, Leadership and Research in the Study of Government, 2014
Developing a Strategy to Comply with Multiple State Privacy Laws, International Legal Technology Association, October 25, 2022
Legal Issues in Cyber Incident Response, MACNY Cybersecurity Summit, September 29, 2022
Panelist, Buffalo chapter of The Institute for Supply Management®, “Cybersecurity Risk Mitigation; Lessons Learned from Ransomware Triage,” May 6, 2022
Co-Panelist alongside Scott Charney, VP of Security Policy at Microsoft Corporation and Kevin Minsky, Senior Legal Counsel of Product Compliance at DocuSign; Cybersecurity and Data Privacy Career Panel, Syracuse University College of Law, February 17, 2022
NY SHIELD Act – Are You in Compliance?, Human Resources Association of the Twin Tiers, August 12, 2021
The ABCs of Data Privacy: GDPR, CCPA, NY SHIELD Act and More, Monroe County Bar Association, April 16, 2020
Data Privacy and Cybersecurity Legal Overview: How to Comply With New Data Protection Laws and What to do in the Event of a Data Breach, MACNY Cyber Security Summit, March 13, 2020
GDPR, California Consumer Privacy Act, and NY SHIELD Act, American Payroll Association NYS Capital Region Chapter Meeting, September 19, 2019
