Email address
[email protected]Contact number
(202) 663-6128Share profile
Band 1
Band 2
About
Provided by Kirk J Nahra
Practice Areas
Kirk Nahra has been a leading authority on privacy and cybersecurity matters for more than two decades. Indeed, he is one of the few lawyers in the world ranked in Band 1 by Chambers in privacy and data security. He is also the winner of the 2021 Vanguard Award from the International Association of Privacy Professionals (IAPP)—one of the most prestigious in the privacy field—which recognizes one IAPP member each year who demonstrates exceptional leadership, knowledge and creativity in privacy and data protection. Mr. Nahra counsels clients across industries, from Fortune 500 companies to startups, on implementing the requirements of privacy and data security laws across the country and internationally, and he advocates for clients experiencing privacy and security breaches. Mr. Nahra also represents clients in contract and deal matters, enforcement actions, litigation and investigations related to a wide range of issues before the Federal Trade Commission (FTC), the US Department of Health and Human Services (HHS) Office for Civil Rights, and other state and federal privacy and security regulators.
Mr. Nahra is best known for his work with health insurers, hospitals, service providers, pharmaceutical manufacturers and other health care industry participants. He has a deep understanding of the privacy and security issues healthcare companies face relating to HIPAA rules, state and federal legislation, enforcement activities, internal investigations, international principles, due diligence in transactions, data breach risk assessments, and the key lines between regulated and unregulated data. During his decades of experience, Mr. Nahra has developed compliance programs, drafted privacy and information security policies, negotiated agreements involving health data, responded to health incidents and defended clients against government investigations.
In recent years, Mr. Nahra has represented technology companies, advertising service providers, financial services companies, hospital systems, health insurers, healthcare technology companies, consumer products companies and others in front of the FTC, the HHS Office for Civil Rights, and other privacy and security regulatory agencies. He advises clients on avoiding privacy and security investigations, navigating situations where investigations are likely, and then handling both the actual investigation and related issues involving consumers, customers, legislators, regulators and others.
Mr. Nahra also has substantial experience working with clients in the financial services and insurance industries on privacy and data security matters relating to the Gramm-Leach-Bliley Act, Fair Credit Reporting Act, Fair and Accurate Credit Transactions Act, data aggregation and sharing practices, and privacy and data security compliance under a wide range of state and federal laws. He also has a breadth of experience drafting and evaluating data security practices and policies across varying industry standards, has investigated and litigated potential fraud against insurers, and has assisted with the development and oversight of corporate compliance programs.
Additionally, Mr. Nahra is well versed in a variety of other privacy and consumer protection issues, including marketing laws pertaining to email, phone and online communications; the Children's Online Privacy Protection Act; and the Family Educational Rights and Privacy Act of 1974.
Professional Memberships
Mr. Nahra is a member and longtime board member of the International Association of Privacy Professionals, and he has helped establish the organization’s Privacy Bar Section and their first and most popular certification for Certified Information Privacy Professionals. He is a member of the Center for Cybersecurity and Privacy Protection National Advisory Board. In addition, he currently serves as a fellow with the Cordell Institute for Policy in Medicine & Law at Washington University in St. Louis and as a fellow with the Institute for Critical Infrastructure Technology.
Personal
JD, cum laude, Harvard Law School, 1987; BA, magna cum laude, Georgetown University, 1984
Chambers Review
USA
Kirk Nahra is a high-level data security practitioner with notable capabilities to serve healthcare and financial services clients.
Kirk Nahra is a high-level data security practitioner with notable capabilities to serve healthcare and financial services clients.
Strengths
Provided by Chambers
"Kirk is extremely well regarded."
"He's one of the most experienced and best healthcare privacy lawyers."
"Kirk is extremely well regarded."
"He's one of the most experienced and best healthcare privacy lawyers."