Spencer Fane LLP Logo

Spencer Fane Attorney Putting Cyber Security Certification To Work

Spencer Fane attorney Jonathan Gray has earned the esteemed designation of Certified Information Privacy Professional/United States (CIPP/US) from the International Association of Privacy Professionals (IAPP), a global organization dedicated to advancing the privacy and data protection industry.

Since earning his CIPP designation in June of 2015, Jonathan has focused on helping clients develop comprehensive strategies to address data breach risks and ensure compliance with all relevant legal requirements. He is knowledgeable in creating protocols surrounding how to respond when a data breach occurs and defending his clients against potential lawsuits regarding data breaches. Additionally, Jonathan has successfully represented companies on compliance best practices with the US-EU Safe Harbor Framework and privacy and data security laws in Europe.

Along with his CIPP certification, Jonathan has authored a number of publications, including “Safe Harbor Under Siege – Is This the End for the EU-US Safe Harbor,” “Banks: The Forgotten Victim of Data Breach,” and “Data Breach: Are You Prepared to Respond.” In addition to his privacy and data security work, he routinely helps clients successfully navigate and close multi-million dollar real estate development projects. His experience includes business law, financial services, privacy and data security, intellectual property, and real estate solutions. Jonathan is also an active member of the Denver Active 20-30 Children’s Foundation and an Associate Representative for the Legal Aid Foundation of Colorado Associates Campaign.

CIPP is considered to be the global standard in privacy certification and is the world’s first broad-based global privacy and data protection credentialing program. The CIPP/US demonstrates a strong foundation in U.S. private-sector privacy laws and regulations and an in-depth understanding of the legal requirements for the responsible transfer of sensitive personal data to and from the U.S., the EU and other jurisdictions.