Photo of Erin Jane Illman

Erin Jane Illman

Subscribe to Erin Jane Illman's Posts

Erin Illman is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. She regularly advises clients on CCPA, GLBA, HIPAA, COPPA, CAN-SPAM, FCRA, security breach notification laws, and other U.S. state and federal privacy and data security requirements, and global data protection laws. In addition to providing proactive privacy and information security compliance and legal advice, Erin manages privacy-related enforcement actions and litigation. Her practice includes representing companies in reactive incident response situations, including insider cybersecurity threats, electronic and physical theft of trade secrets, and investigation, analysis, and notification efforts with respect to security incidents and breaches.

Follow:Read more about Erin Jane IllmanErin Jane's Linkedin Profile

Upending Trade Finance through Blockchain TechnologyTrade finance, in both domestic and international financial transactions, is often utilized when one company seeks to import a shipment of goods from a supplier (or exporter). These transactions comprise an enormous amount of global trade. It is estimated that approximately 80 to 90 percent of world trade relies on trade finance. In fact, almost

In the Wake of Equifax: What Auto Dealers Need to Know About Data PrivacyFollowing the recent Equifax data breach wherein millions of consumers’ private information may have been compromised, it is increasingly clear that consumer-interfacing businesses need to, and in some cases are required to, take steps to protect their consumers’ private information. Although not traditionally considered “financial institutions,” auto dealers that engage in financial activities—those that extend

Bitcoin and Bankruptcy: What You Need to Know about the Value of Bitcoin and Other Cryptocurrencies in BankruptcyIt is hard to peruse the internet or even mainstream media outlets without hearing about bitcoin. What is this ubiquitous bitcoin? It depends on whom you ask.

A CNN Money articled defined bitcoin as “a new currency that was created in 2009 by an unknown person using the alias Satoshi Nakamoto.” The IRS has recently

CFPB Walks the Data Privacy Tightrope on Public HMDA DisclosuresIn the wake of the Equifax data breach, consumers, companies, and regulators alike are cognizant of the potential exposure of personal information, and many companies are looking at ways to decrease the risk of unauthorized disclosure of personal data. In creating effective data privacy policies and procedures, companies must also analyze requirements under certain statutes

OCC Addresses Long-Standing Questions on Vendor Management ProgramsThe Office of the Comptroller of the Currency (OCC) recently issued supplemental guidance (Bulletin 2017-21) on third-party risk management. Responding to questions raised by banks and federal savings associations since the release of the OCC’s Bulletin 2013-19 on vendor management issues, the OCC provided additional insight on topics in the 2013 Bulletin and the application

[This post is the first in a series of post which will examine the risks, rewards, innovative uses, and changing legal landscape of social media use by financial services institutions. Future blog posts will examine topics such as: monitoring and managing consumer complaints through social media, disgruntled employee use of social media, and control over

Banks Should Prepare for Increased Collaboration between IT, Legal and BSA/AML Compliance Departments under New FinCEN GuidanceLast month, the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) issued an Advisory which provided substantial guidance to financial institutions regarding the scope of information that must be provided in Suspicious Activity Reports (SARs) arising from cyber-events, cyber-enabled crime, and cyber-related information under the Bank Secrecy Act (BSA).

When are financial institutions required to

Is Your Company Compliant? CFPB Requires Written Enterprise-Wide UDAAP Risk-Management ProgramThe Consumer Financial Protection Bureau (CFPB) ordered First National Bank of Omaha (FNBO) to pay a $4.5 million civil money penalty and $27.75 million in customer restitution for violations of engaging in deceptive marketing tactics and illegally billing consumers for add-on credit productions under the Dodd-Frank Act, which prohibits unfair, deceptive or abusive acts or

CFPB Sends Clear Message That FinTech Start-Ups Have Same Obligations as Established CompaniesIn a clear message to FinTech start-ups, on September 27, 2016, the Consumer Financial Protection Bureau (CFPB) ordered online lender Flurish, Inc. to pay $1.83 million in refunds and a civil penalty of $1.8 million for failing to deliver the promised benefits of its products. Flurish, a San Francisco based company doing business as LendUp,

Federal and State Authorities Take First Steps Toward Regulating Blockchain, Mobile Banking and Digital Financial ServicesLast week, federal and state lawmakers took significant steps toward specific regulations targeting digital financial technology, mobile banking and cybersecurity, signaling the possibility of wholesale changes to the legal landscape. The federal and state legislative proposals follow significant vertical market development and industry investment in financial technology, including an industry-wide consortium of banks’ investment in