Michele Grenier Associate

     

Contact

   

Michele Grenier practices in the areas of cybersecurity, data privacy, information governance and cyber risk management. Michele also represents clients in regulatory investigations brought by state and federal regulators, including the Department of Health and Human Services, Office for Civil Rights, and state attorneys general. While earning a dual J.D., M.B.A. degree at Villanova University, Michele took computer engineering courses in the College of Engineering, cybersecurity courses in the School of Business and data privacy courses in the School of Law.

Areas of Focus

Cybersecurity & Data Privacy
As a member of Wilson Elser’s breach response team, Michele provides 24/7 counseling to clients experiencing data breach and privacy incidents. She understands the emerging threats to information security systems and advises clients − including financial institutions, health care organizations, professional services firms, educational institutions, government contractors, nonprofits and municipalities − on efficiently responding to data breaches while protecting their business and reputation. 

Michele also counsels clients on their legal notice and compliance responsibilities required by state, federal and international law as well as those stemming from ethical obligations and by contract, and assists in developing privacy policies and incident response plans. Michele routinely advises clients on compliance with sector-specific and medium-specific privacy or data security laws and regulations, including HIPAA, FERPA, DFARS, PCI Data Security Standards, New York State Department of Financial Services Cybersecurity Regulation, and the EU General Data Protection Regulation (GDPR). 

In addition, Michele coordinates incident response efforts with information technology departments and third-party information technology providers. She also oversees the engagement of forensics experts to ensure that remediation and investigation efforts are handled quickly to reduce disruptions to businesses and in compliance with notification and reporting deadlines.