We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

Close View our cookies policy

Enter a keyword for global search Search Search Search

Careers

Location

Donald DePass

Associate
Washington, D.C.

donald.depass@hoganlovells.com

Phone

+1 202 637 3286 +1 202 637 3286

Fax

+1 202 637 5910 +1 202 637 5910

Practice Group

Regulatory

Donald DePass helps clients tackle challenging state, federal, and at times international privacy and data security issues. He advises on compliance with the Health Insurance Portability and Accountability Act (HIPAA), state health privacy laws, the FTC Act, the Family Educational Rights and Privacy Act (FERPA), among other privacy and data security laws and regulations.

Donald regularly counsels clients on incident response, including breach notification obligations, as well as response to government investigations and enforcement actions in the wake of large-scale cyber-attacks. He also helps clients develop and implement compliance programs and draft contractual language for safeguarding sensitive information and legitimizing cross-border data transfers.

Donald counsels clients facing dynamic regulatory environments in a wide range of industries, primarily in the technology, life sciences and healthcare, and education sectors. In addition to assisting clients with complex legal matters, Donald helps clients resolve complicated policy issues affecting data privacy and security. In a rapidly evolving marketplace, he provides practical solutions that help clients meet legal and policy challenges and retain consumer trust.

While in law school, Donald served as a student attorney in the Georgetown Social Enterprise & Nonprofit Clinic and was a member of The Tax Lawyer.

Donald graduated with honors from Georgetown University Law Center and from Duke University, where he earned a bachelor's degree in public policy studies.

Practices

Industries

Areas of focus

Incident Preparedness, Response, Investigation, and Communication

Health Information Privacy and Security

Privacy and Cybersecurity Public Policy Counseling and Advocacy

Risk Management, Governance, and Compliance

Retail and Consumer Goods

Hospitals and Healthcare Providers

Representative experience

Privacy counsel in largest health-related cyber attacks in U.S. history, supporting breach response, government investigation, and privacy compliance.

Obtained successful resolution, without penalty, in numerous HHS OCR investigations of academic institutions and insurance organizations.

Advised clients on privacy-related HHS OCR and state attorney general and Insurance Commission investigations and enforcement actions.

Assisted a major U.S. university in responding to cybersecurity incidents, including forensic review, notification analysis, and remediation.

Conducted privacy- and cybersecurity-related diligence for several transactions involving healthcare and education companies.

Helped a global company assess compliance with privacy laws in multiple countries, focusing on privacy notices, cross-border transfers, and data use restrictions.

Education and admissions

Education

J.D., with honors, Georgetown University Law Center, 2014
B.A., with honors, Duke University, 2011

Memberships

Member, American Bar Association
Member, International Association of Privacy Professionals

Bar admissions and qualifications

District of Columbia
New York