Ryan Gallagher Associate




Ryan Gallagher practices in the areas of cybersecurity, data privacy, information governance and cyber risk management. He also represents clients in regulatory investigations brought by state and federal regulators, including the Department of Health and Human Services, Office for Civil Rights, and state attorneys general. After earning his J.D. degree, Ryan studied cybersecurity prevention and response at New York University’s School of Law and Tandon School of Engineering. Prior to law school, Ryan was a member of the U.S. Navy Criminal Investigation Division, where he worked cyber-crime and financial fraud cases in conjunction with the Department of Justice and Naval Criminal Investigative Service.

Areas of Focus

Cyber Breach Response
As a member of Wilson Elser’s breach response team, Ryan provides counseling to clients experiencing data breach and privacy incidents. He understands the emerging threats to information security systems and advises clients − including financial institutions, health care organizations, professional services firms, educational institutions, government contractors, nonprofits and municipalities − on efficiently responding to data breaches while protecting their business and reputation. In addition, Ryan coordinates incident response efforts with information technology departments and third-party information technology providers. He also oversees the engagement of forensics experts to ensure that remediation and investigation efforts are handled quickly to reduce disruptions to businesses and in compliance with notification and reporting deadlines.

Data Privacy & Compliance
Ryan also counsels clients on their legal notice and compliance responsibilities required by state, federal and international law as well as those stemming from ethical obligations and by contract, and assists in developing privacy policies and incident response plans. Ryan routinely advises clients on compliance with sector-specific privacy or data security laws and regulations, including HIPAA, FERPA, DFARS, PCI Data Security Standards, New York State Department of Financial Services Cybersecurity Regulation, and the EU General Data Protection Regulation (GDPR).