Catherine Geisler

Catherine is a member of the Constangy Cyber Team and is based in Chicago. She assists clients in responding to various data security incidents such as ransomware, business email compromises, and other types of cyberattacks. Through her daily work helping to manage responses to data security incidents, she stays abreast of the evolving legal landscape regarding privacy and cybersecurity issues to better serve clients. She also has substantial experience providing clients with advice on the development of policies and procedures for data privacy and security to ensure compliance with all U.S. laws, such as the California Consumer Privacy Act (CCPA) and Health Insurance Portability and Accountability Act (HIPAA), and international privacy laws, such as the General Data Protection Regulation (GDPR).

Catherine worked as an associate in an insurance practice group prior to joining Constangy, where she represented insurance carriers in a variety of insurance coverage disputes. Her experience included analyzing insurance coverage issues, assessing insurance carriers’ risks, preparing coverage opinions and position letters, and handling all aspects of insurance coverage litigation in state and federal courts. This experience makes Catherine particularly well-suited to assess and help mitigate third-party liability during the incident response process.

Catherine has written extensively on data privacy and security matters, and she serves as the technology columnist for Illinois Defense Counsel. She also holds the Certified Information Privacy Professional/United States (CIPP/US) credential from the International Association of Privacy Professionals (IAPP).

• Recognized in The Best Lawyers in America^® "Ones to Watch" for Insurance Law (2023-2024)

Associations

• Chicago Bar Association
• Illinois Defense Counsel
• Illinois State Bar Association
• International Association of Privacy Professionals
• Professional Liability Underwriting Society (Member)

Certifications

• Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)

• The Past, Present and Future of NFTs, IDC Quarterly, Volume 33, Number 1 (2023), https://cdn.ymaws.com/www.idc.law/resource/resmgr/quarterly_v32-33/33.1.15.pdf.
• Implementing Industry Standards Relating to Privacy May Help Small and Mid-Sized Companies Comply with Federal Privacy Regulations, IDC Quarterly, Volume 32, Number 4 (2022), https://cdn.ymaws.com/www.idc.law/resource/resmgr/quarterly_v32-33/32.4.34.pdf.
• Guidelines for Compliance with Federal Privacy Regulations for Small and Mid-Sized Companies, IDC Quarterly, Volume 32, Number 3 (2022), https://cdn.ymaws.com/www.idc.law/resource/resmgr/quarterly_v32-33/32.1.33.pdf.
• Guidelines for Compliance with State Privacy Regulations for Small and Mid-Sized Companies, IDC Quarterly, Volume 32, Number 2 (2022), https://cdn.ymaws.com/www.idc.law/resource/resmgr/quarterly_v32-33/V32N3_wMonograph.pdf
• Advising Small to Mid-Sized Business Clients on Privacy and Data Liability: GDPR Compliance, IDC Quarterly Volume 32, Number 1 (2022), https://cdn.ymaws.com/www.idc.law/resource/resmgr/quarterly_v32-33/32.1.33.pdf.
• Northern District of Illinois Finds Employment-Related Practices Exclusion Applies to BIPA Suit, Claims Pages, (Jan. 18, 2022), https://www.claimspages.com/editorials/northern-district-of-illinois-finds-employment-related-practices-exclusion-applies-to-bipa-suit/.