Photo of Kathryn Rattigan

Kathryn Rattigan

Subscribe to Kathryn Rattigan's Posts

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Contact:Read more about Kathryn Rattigan

Finally, after providing the building blocks for strong Information Governance (IG) programs and operationalizing that framework, we discuss how to sustain your IG program in the last part of the series. An effective IG program powered by the ARMA IGIM framework isn’t static. To remain relevant in an AI-driven world, it must be scalable

If you’ve ever browsed Etsy looking for a handmade candle or a quirky T-shirt, you might have unknowingly shared more than just your shopping preferences. A new lawsuit filed last week in California claims that Etsy has been quietly allowing third-party companies like Google, Meta, and Microsoft to collect personal data from users through website

Last week, we outlined the building blocks for a strong IG program. Now that you’ve laid the groundwork, it’s time to bring your IG program to life. The ARMA IGIM framework emphasizes operational execution in three key areas:

  1. Procedural Framework
  2. Capabilities
  3. Information Lifecycle

These domains are where your framework tangibly interacts with AI systems

On July 1, 2025, California Attorney General Rob Bonta announced a settlement with Healthline Media LLC stemming from alleged violations of the state’s consumer privacy law, the California Consumer Privacy Act (CCPA). According to the complaint, Healthline’s privacy practices failed to comply with several core CCPA requirements.

Opt-Out Mechanisms

Under the CCPA, California residents have

Last week, we introduced you to the ARMA IGIM Framework. What’s next? Every successful Information Governance (IG) program starts with a strong base. The ARMA IGIM framework outlines three critical building blocks:

  1. Steering Committee
  2. Authorities
  3. Support Functions

Implementing these foundational pieces not only gets your IG program off the ground but also creates a

Today, organizations face unprecedented data challenges. The sheer volume of information, evolving regulations, and the rising momentum of artificial intelligence (AI) revolutionizing industries make it clear that information governance (IG) is not optional. The ARMA IGIM 2.1 framework provides organizations with a practical, structured approach to manage data effectively, enabling them to meet these challenges

Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents, spreadsheets, customer information, financial records, and even scanned IDs. But here’s the problem: these network shares

This post was co-authored by Government Enforcement + White-Collar Defense partner David E. Carney.

On June 6, 2025, President Donald Trump signed two executive orders aimed at significantly reshaping the future of drone policy in the United States. One focuses on protecting national airspace from malicious drone threats, while the other seeks to supercharge