Skip to main content

Cybersecurity and Legal Ethics


Speaker(s): Heather McArn, Joanna Storey
Recorded on: Apr. 28, 2021
PLI Program #: 327640

Heather McArn advises financial services businesses on regulatory compliance, the integration of financial technology with business operations, and on data governance, cyber security, and incident-response best practices. She prepares clients for regulatory exams, and advises them on responding to regulator inquiries and investigations, as well as the creation and implementation of policies and procedures to meet evolving requirements.

Before joining Hinshaw, Heather served as Chief of Staff and Special Counsel at the New York State Department of Financial Services (DFS) where she led efforts to modernize the agency's examination, supervision, and investigation processes and resources. This included launching a new research and innovation division dedicated to virtual currency supervision and implementing the agency's new cyber security regulations.

A Certified Information Privacy Professional/Europe (CIPP/EU), Heather advises businesses on compliance with privacy-related laws, rules, and regulations and data breach response.

Professional Affiliations

  • International Association of Privacy Professionals (IAPP)
    • Certified Information Privacy Professional/Europe (CIPP/E)
  • New York City Bar Association
    • Compliance Committee
      • Chair, Privacy and Cybersecurity Subcommittee


Joanna Storey focuses her practice on defending professionals, providing risk management advice and responding to time sensitive attorney hotline calls. She works with attorneys and other professionals to identify and resolve their conflicts efficiently.

A Certified Information Privacy Professional/United States (CIPP/US), Joanna advises businesses on compliance with privacy-related laws, rules, and regulations and data breach response. She drafts and revises privacy policies and counsels clients on best practices for implementing privacy programs, focusing on the requirements of the California Consumer Privacy Act (CCPA).

Joanna is a regular speaker and contributor to various publications on risk management, ethics and cyber security. She offers practical tips to help attorneys navigate the intersection of ethics, risk management and privacy considerations, with an eye on technology competence.

Professional Affiliations

  • International Association of Privacy Professionals (IAPP)
    • Certified Information Privacy Professional/United States (CIPP/US)
  • Women in Security and Privacy
  • Bar Association of San Francisco
    • Legal Ethics Committee, Secretary
  • American Bar Association
    • Center for Professional Responsibility
    • Section of Litigation
      • Privacy and Data Security Committee

Honors & Awards

  • Indiana University
    • Phi Beta Kappa