Andrew Leahey

Privacy Consultancy



Data privacy is a front-of-mind issue for modern businesses. All systems and implementations, regardless of their security, are susceptible to hacking and data breach. Waiting for a breach to happen to ensure there are appropriate safeguards in place at the policy level is simply not an option — your customers, clients and employees demand and deserve better. Your information and the information of other’s that you are entrusted with need to be collected and maintained in a manner that is consistent with international, national and local laws.


Data breaches, identity theft, record retention requirements, compliance, breach response, and security policy enactment — if running a business was ever simple, those days are long gone. There are notification requirements under international, national, and state law. Good policies are useless if your employees don’t comply with them. The field of information security policy is always in flux, and you need someone that will stay on top of the latest news and best practices so you can get back to doing what you’re good at — running your business.



I advise clients on compliance with international, national, and state level privacy and data security laws and regulations. From the Telephone Consumer Protection Act, to the General Data Protection Regulation and the forthcoming California Consumer Privacy Act, the field is getting more sophisticated, the requirements more stringent, and the penalties steeper.


On an infinite timeline, every internet-facing business will suffer a data breach. Data security incidents require specific notifications at the state and federal level and, in some cases, international law requirements. Additionally, following a breach there must be an assessment of what went wrong, what can be done better in the future, and constant open communication with regulators.


I’d love to help ensure your business is operating securely, compliantly, and efficiently. You can read a little bit more about my background here. In sum, I have more than a decade of experience in IT, and am a licensed and barred attorney (New Jersey and Pennsylvania). I can help you meet and exceed your compliance requirements on the European Union General Data Protection Regulation (GDPR), the forthcoming California Consumer Privacy Act (CCPA - in effect Jan. 1, 2020), the Telephone Consumer Protection Act (TCPA), and myriad other rules, regulations, and guidelines for handling data privacy and information security issues. I would love to get to know a little bit more about your business and see where I might be able to be of assistance. Please don’t hesitate to get in touch.

Name *
Tell me a little bit about your business and your concerns.