Richard Sheinis

Rich takes advantage of his litigation background to work with businesses in the areas of data privacy and cybersecurity, employment, and technology. He works with a wide variety of companies from small technology businesses to publicly traded companies with a global footprint.

Rich also teaches Health Information Privacy and Security as an adjunct professor at the University of North Carolina at Charlotte.

Certifications

•Certified Information Privacy Professional (CIPP/US), IAPP
•Certified Information Privacy Technologist (CIPT), IAPP
•fellow of Information Privacy, IAPP

Experience

Data Privacy & Cybersecurity

Rich is a Certified Information Privacy Professional (CIPP-US) and a Certified Information Privacy Technologist (CIPT) through the International Association of Privacy Professionals (IAPP). He works with companies to investigate and respond to HIPAA and other data breaches, advises on regulatory compliance including HIPAA, COPPA, PCI DSS, cross-border data transfer, the EU-US Privacy Shield, and other global privacy regulations. Rich is well-versed in technology matters, and regularly works on technology issues related to:

•Software as a Service (SaaS) agreements
•Web development and hosting
•Cloud computing
•Electronic Health Record software agreements
•Software licensing
•Technology outsourcing
•Data analytics

Labor & Employment

Rich has represented the interests of clients in a variety of employment matters. He has defended clients against discrimination claims base on race, religion, national origin, sex, disability, and age as well as Title IX claims against colleges and universities. He has also represented clients in lawsuits alleging violations of the Family Medical Leave Act, the Fair Labor Standards Act, and a variety of claims alleging wrongful termination. Representative matters include:

•Defended hotel chain against claims of national origin and religious discrimination.
•Defended employer against claim of gender discrimination.
•Represented health care providers against claims of disability, religious and racial discrimination.
•Prepared employment agreements, which included non-compete, non-solicitation and non-interference restrictive covenants.
•Responded to EEOC charges on behalf of a variety of employers.

Affiliations

•Analytics and Big Data Society, Board Member
•Care Ring: Board of Directors, 2024-Present
•DRI
•Hospitality Technology Next Generation
•International Association of Privacy Professionals
•Netherlands-American Chamber of Commerce of the Southeastern United States, Secretary
•University of North Carolina at Charlotte, School of Data Science, Adjunct Faculty

Recognition

•AV Preeminent Peer Review Rated, Martindale-Hubbell

Presentations

•Legal Perspective on AI
Charlotte Metro ISSA, Monthly Meeting; May 22, 2024
•Artificial Intelligence in Medicine: Risks, Benefits, and Best Practices
Georgia Society of Healthcare Risk Management (GSHRM) 2024 Winter Meeting; February 2, 2024
•Using AI in Your Business
HBS Webinar; July 27, 2023
•New U.S. Privacy Laws & the Changing International Landscape
BITAC - Operations, April 2023

•Partnering with Cyber Insurance Before, During, and After an Event
Charlotte Technology Leadership Conference; September 10, 2020
•COVID-19 Legislative Updates and Remote Security,
Curi; August 13, 2020
•Revised CCPA Regulations And How COVID-19 Is Affecting Data Privacy
Hall Booth Smith; April 7, 2020
•State Privacy Law Update
IAPP-Charlotte Knowledge Net Chapter; October 23, 2019
•CCPA Is Almost Here - How to Get Ready
Hall Booth Smith; October 16, 2019
•Beyond HIPAA: Cyber Threats, Hackers and Risks ... and How to Protect PHI
Georgia Society of Healthcare Risk Managers, Fall Conference; September 9, 2019
•NY SHIELD Act: How Your Data Privacy and Security Obligations Could Change
Hall Booth Smith; August 20, 2019
•How AI Is Reshaping the Future of HealthCare
Florida Society of Hospital Risk Managers and Patient Safety, Annual Conference; August 15, 2019
•Blockchain in Hospitality: Regulatory and Governance
Hotel Technology Next Generation; April 30, 2019
•Are You Ready for GDPR?
HTNG Asia-Pacific Conference, Macau, China; July 24-26, 2018
•Held for Ransom! First Steps to Mitigate Potential Server and Systems Takeover
Medical Mutual 2018 Webinar Series; April 11,2018
•Worried About GDPR?
HT-NEXT Conference; March 14, 2018
•GDPR Contracting
HT-NEXT Conference, CISO Forum; March 13, 2018
•Cybersecurity: Keeping Us Safe or Making Us More Vulnerable?
Charleston School of Law 2018 Symposium; February 9, 2018
•GDPR Readiness
Hospitality Financial & Technology Professionals, Central Carolina Chapter Meeting; January 26, 2018
•IT For Banking Law Lawyers: Threats, Security Trends, and Expectations
USLAW NETWORK Banking and Financial Services In-House Counsel Forum; October 4, 2017
•Exercising Cybersecurity Due Diligence in Mergers and Acquisitions
Claims and Litigation Management Alliance, 2017 CLM Management & Professional Liability Conference; July 27, 2017
•Data Security Risk Assessments: The Gold of Due Diligence
American Bar Association, National Legal Malpractice Conference; April 20, 2017
•Getting Smart about PII: A Legal & Logistical Roadmap to Protect from Privacy and Security Risks
Hotel Technology Forum + HTNG North America HT-Next; April 11, 2017
•Cloud Security and Mitigating Vulnerabilities
UNC Charlotte Cybersecurity Symposium; October 5, 2016
•The GDPR, EU - US Privacy Shield and the Russian Data Localization Law
Hotel Technology Next Generation; May 3, 2016
•Privacy/Cyber Legal Issues in Private Practices
Sterling Risk Advisors, Sterling Club Educational Breakfast; February 2, 2016
•Better Call Saul
Hospitality eResources, Data Security Training Seminar; January 2016
•Data Privacy and Security, Cyber Liability, Compliance and Other Concerns in the Data Age
Ohio Association of Civil Trial Attorneys; November 20-21, 2015
•Protection and Use of EMR in the Digital Age of Analytics, Clouds and Bad Guys
North Carolina Health Information Management Association; November 5, 2015
•Privacy & Cyber Liability, Protecting Your Business
Sovereign Risk Solutions, Soup to Nuts Lunch & Learn; August 27, 2015
•Dawn of the Data Age
DRI, Data Breach & Privacy Law Conference; September 2014
•The Road to Data Privacy and Cybersecurity
Alabama Association of Corporate Counsel, April 2014
•The New HIPAA Security Omnibus Regulation & Other Updates for the HIPAA Security Rule
Georgia Society for Healthcare Risk Management, Fall 2013 Conference
•Employment Policies and Agreements to Minimize Risk in BYOD Program
USLAW Webinar, August 20, 2013
•HIPAA/HITECH and Other Data Security Issues
Georgia Healthcare Association, Spring 2012 Conference

Publications

•Global Data Download: Data Privacy & Security Report
Monthly newsletter highlighting updates on trending cybersecurity and related news topics. Subscribe here .
•The CrowdStrike Incident: Analysis and Takeaways
HBS PrivacyCafe Podcast; July 24, 2024
•Texas Judge Rules HHS’ Web Tracking Guidance Is Unlawful
HBS Data Privacy & Cybersecurity Blog; July 2, 2024
•EDPB Task Force Issues Report on ChatGPT Compliance with GDPR
HBS Data Privacy & Cybersecurity Blog; June 6, 2024

•Navigating AI in Health Care with Rachel Stuve, Elevance Health
HBS PrivacyCafe Podcast; May 8, 2024
•FTC Updates the Health Breach Notification Rule: Health-Related Websites & Mobile Apps Beware
HBS Data Privacy & Cybersecurity Blog; May 8, 2024
•Analysis and Implications of the EU AI Act
HBS PrivacyCafe Podcast; March 27, 2024
•A Closer Look: EU’s Finalized AI Act & What It Means for the U.S.
HBS Data Privacy & Cybersecurity; March 20, 2024
•Predictions for 2024 in Data Privacy and Cybersecurity
HBS PrivacyCafe Podcast; March 6, 2024
•The FTC Shows Its Dislike of Facial Recognition Technology
HBS Data Privacy & Cybersecurity Blog; January 2; 2024
•HHS Warnings Trigger Class Actions Against Medical Providers for Use of Online Tracking Technologies
HBS Data Privacy & Cybersecurity Blog; January 2; 2024
•Another Year Wasted for U.S. Federal Data Privacy Legislation
HBS Data Privacy & Cybersecurity Blog; December 5, 2023
•Legal Implications of Using AI in Your Business
HBS Legal Trends Podcast; September 27, 2023
•Legal Tips with Richard Sheinis: AI In Hospitality
Hotel Interactive; June 25, 2023
•As Data Breach Class Actions Rise, Here’s What to Know About the ‘Kill Chain’
New York Law Journal; June 20, 2023
•Canada’s Consumer Protection Privacy Act (CPPA) at Least One Year Away
HBS Data Privacy & Cybersecurity Blog; November 8, 2022
•Irish DPA Fines Whatsapp $225 Million Euro For Transparency Violation
HBS Data Privacy & Cybersecurity Blog; September 14, 2021
•The European Protection Board Issues Guidance On Supplementary Measures For The Cross-Border Transfer Of Personal Data
HBS Data Privacy & Cybersecurity Blog; July 13, 2021
•Representative Ted Lieu Once Again Introduces The “Ensuring National Constitutional Rights For Your Private Telecommunications (ENCRYPT) Act”
HBS Data Privacy & Cybersecurity Blog; June 8, 2021
•The FTC Is Looking For Truth, Fairness, And Equity In The Use of Artificial Intelligence
HBS Data Privacy & Cybersecurity Blog; May 3, 2021
•French Supervisory Authority To Enforce Its Ad Tracker (“Cookie”) Guideline
HBS Data Privacy & Cybersecurity Blog; April 2, 2021
•Facebook Ordered to Pay $650 Million For Violation of Illinois’ Biometric Information Privacy Act
HBS Data Privacy & Cybersecurity Blog; March 9, 2021
•What Is The Status Of Personal Data Transfers Between the EU and the UK?
HBS Data Privacy & Cybersecurity Blog; February 9, 2021
•No Solution Yet For The Transfer of Personal Data from EU to the US
HBS Data Privacy & Cybersecurity Blog; January 12, 2021
•European Lawsuit Accuses Uber of “Robo-Firing” Drivers
HBS Data Privacy & Cybersecurity Blog; November 10, 2020
•California Privacy Rights Act Passed By California Voters
HBS Data Privacy & Cybersecurity Blog; November 4, 2020
•U.S. National Privacy Legislation Introduced: The SAFE DATA Act
HBS Data Privacy & Cybersecurity Blog; October 13, 2020
•Patient Death Attributed to Hospital Ransomware Attack
HBS Data Privacy & Cybersecurity Blog; September 23, 2020
•Is the European Hospitality Industry Ready for the Payment Services Directive 2?
HBS Data Privacy & Cybersecurity Blog; September 8, 2020
•Update In the Post-Schrems II Era and Guidance for the Use of Standard Contract Clauses
HBS Data Privacy & Cybersecurity Blog; September 8, 2020
•Legislation Introduced to Put Limits on Use of Facial Recognition
HBS Data Privacy & Cybersecurity Blog; August 10, 2020
•Congress is All Talk And No Action When It Comes To Data Privacy
HBS Data Privacy & Cybersecurity Blog; June 30, 2020
•Thailand Delays Data Protection Law Because of COVID-19
HBS Data Privacy & Cybersecurity Blog; June 9, 2020
•Dutch Court Goes Too Far In Enforcing Privacy Regulation
HBS Data Privacy & Cybersecurity Blog; June 2, 2020
•European Data Protection Board Issues Guidelines On The Use of Location Data and Contact Tracing Tools In the Context of COVID-19
HBS Data Privacy & Cybersecurity Blog; May 12, 2020
•Senators Introduce Bill to Protect Personal Data Amidst COVID-19
HBS Data Privacy & Cybersecurity Blog; May 12, 2020
•Are Countries Willing To Bend The Privacy Rules To Track COVID-19
HBS Data Privacy & Cybersecurity Blog; April 14, 2020
•California Attorney General Fiddles While Rome Burns
HBS Data Privacy & Cybersecurity Blog; March 30, 2020
•Brexit Is Here, so What Does That Mean for Data Privacy?
HBS Data Privacy & Cybersecurity Blog; February 13, 2020
•CA Attorney General Issues New Draft of CCPA Regulations
HBS Data Privacy & Cybersecurity Blog; February 13, 2020
•The Cyber Threat: Landscape for 2015
Hall Booth Smith, 2015
•Data security risk: You can take it anywhere
Journal of Accountancy; April 1, 2014
•Data Security Part 3: Training Staff to Reduce Risks Associated with Data Breach
Hospitality Upgrade, March 2014
•Making Your Cloud Agreement Work for You
Hospitality Upgrade, October 2013
•Legal Corner: Embracing Mobility
Hospitality Upgrade, June 2013
•Data Protection in International Business
DRI: For The Defense, 2012
•Data Protection in International Business
DRI: For The Defense, May 2012
•Enforcement of International Arbitration Awards in the United States
DRI: For The Defense, 2011

In the Press

The AI Journal: Richard Sheinis on AI Governance & Ethics in the EU & USA

April 23, 2025

In a recent article published in The AI Journal, Charlotte Partner Richard Sheinis discussed the AI regulatory landscape in the EU in comparison to the U.S.