Matthew Berger advises clients on data privacy and cybersecurity issues to ensure companies comply with the ever-evolving national and international regulations related to data protection and use. As part of his practice, he regularly provides advice on emerging data privacy initiatives and efforts, including changes and ruling regarding the California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (CDPA) and European Union General Data Protection Regulation (GDPR).
Matthew works closely with his clients to support global business growth initiatives by developing strategies, policies and programs in compliance with privacy and information security issues, including matters related to the California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA), online privacy, marketing and advertising, operational and third-party risks, M&A privacy due diligence, GDPR, cross-border data transfers protocols, supply chain data vulnerabilities, and data and cybersecurity breach prevention and response. He also helps clients develop security compliance and risk assessments and, when necessary, respond to cybersecurity incidents and data breaches including responses to regulators and managed action plans to notify affected individuals and mitigate harm.
Prior to joining Bass, Berry & Sims, Matthew was an associate at Epstein Becker Green in Washington, D.C. in the healthcare and life sciences practice where he counseled clients in data privacy and cybersecurity matters. In addition, Matthew worked at several technology companies, where he served as the Team Lead and Highest-Level Privacy Advisor to the U.S. Department of Energy’s Chief Privacy Officer, as the Lead Data Privacy Incident Associate to the Federal Deposit Insurance Corporation’s Chief Information Officer Office, and as a Privacy Advisor to the National Nuclear Security Administration.
International Association of Privacy Professionals — Washington D.C. KnowledgeNet Chapter Chair (2020-2021)
International Association of Privacy Professionals — Certified Information Privacy Professional (CIPP/US)
International Consortium of Minority Cybersecurity Professionals
L’association Internationale pour la Protection de la Propriété Intellectuelle
American Health Law Association (AHLA)
Environmental Law and Policy Review — Staff Member