Elfin Noce is an associate in the Intellectual Property Practice Group in the firm's Washington, D.C. office. He also is a member of the Privacy and Cybersecurity Team.
Areas of Practice
Elfin counsels his clients on a wide range of data privacy and cybersecurity matters.
Elfin’s practice includes managing cyber breach response, drafting incident response plans, breach simulations, drafting privacy policies, negotiating and drafting complex technology agreements, and defending companies in cybersecurity litigation. His experience spans a wide range of privacy regimes, including CCPA, GDPR, telecommunications privacy (both the Cable Act and CPNI regulations), HIPAA, GLBA, TCPA, automated license plate reader regulations, and CALEA.
As in-house counsel at Charter Communications, Elfin led the company in operationalizing privacy, cybersecurity and technology matters. He advised on internal policies, breach investigation and response, drafting and negotiating privacy and data security contracts, and responding to legal requests for subscriber information.
He previously worked in-house advising a large employer health care plan with over 100,000 members on a wide range of legal issues, focusing in particular on the intricacies of HIPAA, including negotiating business associate agreements, day-to-day compliance issues, training, and notice drafting.
Elfin holds a CIPP/US certification from the International Association of Privacy Professionals.
Elfin also volunteers his time with the Washington Legal Clinic for the Homeless, assisting those in the Washington, DC area who are homeless, or at risk of becoming homeless, and in need of legal assistance.
Eye on Privacy Blog Posts
- "Implications of SEC’s Scrutiny of Data Use Representations," November 16, 2021
- "Connecticut Enacts New Cybersecurity Safe Harbor," July 22, 2021
- "What To Do About Employees Under CCPA: An Update," September 19, 2019
- "Illinois Joins States Requiring Breach Notice to AG," September 3, 2019
- "New York SHIELD Act Expands Breach Notice Requirements Starting in October," August 27, 2019
- "Preparing for New York’s New Data Security Requirements," August 26, 2019
- "Maryland Adds Requirements to Breach Notice Law," July 2, 2019
- "Texas Breach Law Will Change in 2020, To Require Attorney General Notification," June 25, 2019
- "Maine Passes Broadband Privacy Bill," June 12, 2019
- "Washington Enacts Restrictions on Applicant Wage and Salary Questions," June 10, 2019
- "Feds Want New IoT Guidance to Address Security Vulnerabilities," May 22, 2019
- "New Jersey Breach Notice Law Expands To Cover Online Account Breaches," May 16, 2019
- "Utah Requires Law Enforcement Search Warrants," May 14, 2019
- "Happy First Day of Spring! Ohio Insurance Law Effective Today," March 20, 2019
- "Cyber Concerns Lead to EU Recall of a Connected Kids Devices," February 13, 2019
- "Court Finds Cybersecurity-Related Claims Sufficient in Securities Class Action," February 6, 2019
Government Contracts & Investigations Blog
- "IoT Legislation Advances in Congress," September 29, 2020
FCC Law Blog Posts
- LTA/LCTA Annual Meetings & Conference, 03.01.2019
Certified Information Privacy Professional/U.S., International Association of Privacy Professionals