Pasha Sternberg helps companies navigate the complex and ever-evolving landscape of domestic and international privacy and cybersecurity regulations. He advises clients of all sizes and across industries on developing and implementing policies and programs to comply with key regulations, including the CCPA, CPRA, GDPR, HIPAA and GLBA. Pasha assists clients with their proactive and reactive privacy and cybersecurity needs, from data mapping exercises, onto compliance and risk assessments reviews for new products, programs and initiatives, through to investigating and responding to cyber incidents.

Pasha has significant experience representing clients in incident response matters involving malicious employees, sophisticated external attacks and everything in between. He counsels companies through all phases of incident response process — including network containment and restoration, forensic investigation, PR messaging and notification stages — and helps organizations assess and mitigate potential regulatory investigations and litigation risk arising from data breaches and security events.

In the aftermath of data incidents, Pasha guides companies through responding to investigations launched by federal and state regulators as a result of an incident. He has successfully resolved dozens of state and federal regulatory investigations and inquiries on behalf of clients, demonstrating sounds incident response practices coupled with proactive compliance measures that minimize the impact of an incident. 

Drawing on his early in-house experience helping to coordinate a full-scale privacy program for a major health care organization, Pasha brings a practical understanding of how to manage compliance in real-world complex business environments. His well-rounded background also includes serving as an associate at a global law firm in San Francisco and as a Privacy Breach Response Manager, where he assisted hundreds of companies in responding to cyber incidents.