Our Team

Ellen M. Giblin

Privacy Counsel

Download vCard

Download PDF Bio

Connect on LinkedIn

 

Ellen M. Giblin serves as The Ashcroft Law Firm’s lead privacy and data security counsel. Her primary responsibilities for the firm include managing the data breach response team for client incidents, executing client enterprise governance risk and compliance engagements, performing data mapping risk assessments, data minimization and leading compliance remediation project teams.

Ms. Giblin is internationally recognized for her expertise in privacy, data security, breach response and investigations, cybersecurity, and information management. Since 2005, Ms. Giblin has been a Certified Information Privacy Professional (CIPP/United States Government/Canadian) by the International Association of Privacy Professionals (IAPP). She joined the IAPP Canadian Advisory Board in 2013.

Since joining The Ashcroft Law Firm, Ms. Giblin has advised multi-national companies on compliance and regulatory related matters, including compliance with GLBA, HIPAA, FCRA rules and global data security laws and regulations. Most recently, Ms. Giblin has served as a Compliance Expert on providing an independent review of audit reports and draft board of directors’ reports. She also recently assisted a United States based national mortgage company during multiple audits completely reviewing the incident management, information security and data management policies, procedures and training. This effort was followed by extensive drafting and creating new policies, procedures and training to include an information classification and risk rating scheme and data mapping exercise.

Prior to joining The Ashcroft Law Firm, Ms. Giblin served in a variety of roles at Littler, including Privacy Counsel, a leader of the Workplace Privacy Practice Group, Privacy Counsel to the firm’s General Counsel as well as CISO. During her time with Littler, she provided subject matter expertise to entities and employers covered under the HIPAA Hi-Tech Privacy and Security Rule, GLBA and 201 CMR 17 as well as authored and edited privacy and data security chapters of the 2011 and 2012 editions of The New England Employer and The National Employer.

As Senior Risk Manager and Privacy Officer at RBS/Citizens NA, Ms. Giblin provided advice and guidance in all aspects of privacy law, data protection, review of new products and services, information sharing under the USA Patriot Act, OFAC, AML-BSA data breach incident management and investigations, risk management, vendor management, training, employment screening under the Fair Credit Reporting Act, and compliance with GLBA, HIPAA, Hi-Tech, state data breach and security laws. Ms. Giblin also worked at Iron Mountain as Privacy and Data Contracts Manager and oversaw the incident management process and created a vendor management self-certification process.

Ms. Giblin is co-chair of the Boston Bar Association’s Intellectual Property Section - Privacy and Data Protection Committee, co-chair of the IAPP New England KnowledgeNet, a member of HIMSS (Healthcare Information and Management Systems Society), the AHLA (American Health Lawyers Association), SCCE (Society of Corporate Compliance and Ethics), and ACEDS. She is often called upon to speak at privacy and security educational events including those organized by the IAPP, RSA, ABA, MCLE, MYCLE and the American Corporate Counsel’s series of webinars. Ms. Giblin’s expertise is often sought for publications in multiple social media formats, such as Reuters, Information Security Media Group, Law 360, NYMITY and the IAPP Daily Dashboard. Ms. Giblin is very active as a Suffolk Law School alumni mentoring law students and judging the ABA Contracts Negotiation Competition.

News

July 01, 2014 | Thought Leadership

Ashcroft Law Firm Monthly Privacy and Data Protection Newsletter

Our monthly newsletter sharing cutting edge developments on Privacy and Data Protection

June 05, 2014 | Thought Leadership

Ashcroft Law Firm Monthly Privacy and Data Protection Newsletter

Our monthly newsletter sharing cutting edge developments on Privacy and Data Protection

April 30, 2014 | Thought Leadership

Ashcroft Law Firm Monthly Privacy and Data Protection Newsletter

Our monthly newsletter sharing cutting edge developments on Privacy and Data Protection

March 31, 2014 | Thought Leadership

Ashcroft Law Firm Monthly Privacy and Data Protection Newsletter

Our monthly newsletter sharing cutting edge developments on Privacy and Data Protection

February 28, 2014 | Thought Leadership

Ashcroft Law Firm Monthly Privacy and Data Protection Newsletter

Our monthly newsletter sharing cutting edge developments on Privacy and Data Protection

December 02, 2013 | Announcements

Ellen Giblin to Speak on Panel regarding FTC’s First ‘Internet of Things’ Settlement

Key Takeaways From The Settlement And Strategies For Developing A Compliance Program

December 02, 2013 | Announcements

Ellen Giblin to bring data security and privacy expertise to February RSA Conference

Lead privacy and data protection counsel, Ellen Giblin, and Mercer's America's privacy leader, Constantine Karbaliotis will present at the 2014 RSA Conference entitled, BYOD: An Interpretive Dance.

November 30, 2013 | Thought Leadership

Ashcroft Law Firm Monthly Privacy and Data Protection Newsletter

Our monthly newsletter sharing cutting edge developments on Privacy and Data Protection