Photo of Kathryn Rattigan

Kathryn Rattigan

Subscribe to Kathryn Rattigan's Posts

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Contact:Read more about Kathryn Rattigan

A new California trial court decision offers website operators some long-awaited relief in the ongoing wave of website privacy suits under the California Invasion of Privacy Act (CIPA). In early December, the Los Angeles County Superior Court, rejected an increasingly common theory that routine website analytics and tracking tools function as illegal “pen registers” or “trap

Enforcement of California’s Delete Act is accelerating. The California Privacy Protection Agency (CPPA) recently sent a clear message to data brokers: register, pay the required fee, and be prepared to defend your data practices, especially when they involve sensitive populations.

CPPA announced recent settlements with two data brokers totaling more than $100,000 for failing to

California’s 2025 legislative session ended with a familiar message to businesses: privacy compliance is expanding in scope, and artificial intelligence (AI) governance is moving quickly from voluntary best practices to enforceable transparency and safety obligations. On the last day of 2025, lawmakers introduced 33 privacy and AI bills and passed 16 for Governor Gavin Newsom

After a decade of cloud migration and incremental modernization, the technology sector is approaching an inflection point. This year, 2026, is shaping up to be the year AI must move from pilots to production. The focus is shifting from more tools and bigger platforms toward autonomy, context, and embedded intelligence across the stack, from software

Happy New Year! 2025 was a busy year for the Insider authors—we published 271 posts throughout 2025. To kick-off 2026, in case you missed them last year, we are providing the articles from 2025 that were the most interesting to our readers across various categories.

We hope you enjoy them and look forward to another

California’s strict privacy laws, particularly the California Invasion of Privacy Act (CIPA), are fueling a surge in class action lawsuits against major companies over their use of online tracking technologies. In recent weeks, prominent brands including Estée Lauder, Nike, and Luxottica have been hit with proposed class actions in the Northern District of California, all

On January 1, 2026, broad new privacy laws will take effect in Kentucky, Indiana, and Rhode Island, granting consumers in those states greater control over their personal data. With these additions, 19 states now have comprehensive privacy laws in place, which is a significant shift in the data privacy landscape since California led the way in 2018 with the

While the disruptive potential of generative AI in legal services dominates headlines, the real story lies with the individuals making that transformation possible. For in-house legal teams and law firms facing rapid shifts in regulation and technology, upskilling has evolved from a competitive advantage into the foundation of any successful AI strategy.

Technology Isn’t the