Biography

MATTHEW H. BERGER* is an Associate in the Health Care and Life Sciences practice, in the Washington, DC, office of Epstein Becker Green. A Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals, Mr. Berger has extensive experience in international data transfer standards and protocols, supply chain data vulnerabilities, and data breach management due to his work as a privacy professional supporting the U.S. Department of Energy’s Privacy Program and other federal agencies’ privacy programs and as a data privacy and security attorney.

Mr. Berger’s experience includes:

  • Counseling health care companies, private equity firms, hedge funds, and other private-sector and public-sector entities on matters involving cybersecurity, data privacy, data center consolidation, privacy compliance, high-capacity computing, and breach responses/wargames
  • Working with corporate or department leadership to build cross-vertical collaboration in cybersecurity matters
  • Providing advice to government contractors and to businesses with international clientele or Internet-based advertising or services on issues pertaining to U.S. federal privacy and transnational border data transfer protocols, the Health Insurance Portability and Privacy Act (HIPAA), and the new Office for Civil Rights’ “Audit Protocol”
  • Advising clients on compliance with HIPAA Privacy and Security Rules, and other relevant privacy laws, rules, and regulations regarding protected health information, during mergers, acquisitions, and divestitures
  • Drafting and reviewing vendor and data processor agreements for compliance with international data transfer standards, including General Data Protection Regulation (GDPR) model clauses, binding corporate rules (BCRs), and APEC Cross-Border Privacy Rules (CBPRs)
  • Counseling clients on emerging European Union data privacy issues, including “the right to be forgotten” and GDPR

Before joining Epstein Becker Green, Mr. Berger worked at several technology companies, where he was assigned to serve as the Team Lead and Highest-Level Privacy Advisor to the U.S. Department of Energy’s Chief Privacy Officer, as the Lead Data Privacy Incident Associate to the Federal Deposit Insurance Corporation’s Chief Information Officer Office, and as a Privacy Advisor to the National Nuclear Security Administration. Earlier in his career, he was a data privacy and security attorney at a national law firm.

*Admitted in Virginia; not admitted in the District of Columbia.

Education
  • Stanford Law School (Certificate of Completion, 2016)
    • Program in Law, Science & Technology
  • William & Mary School of Law (J.D., 2011)
    • Staff Member, Environmental Law and Policy Review
    • Hillsman V. Wilson Law Fellow
  • The College of William and Mary (B.A., 2007)
Bar Admissions
  • Virginia
Memberships
  • International Association of Privacy Professionals
  • L’association Internationale pour la Protection de la Propriété Intellectuelle