Skip to content

Simone McCormick

Member

Simone McCormick is a seasoned litigator in state and federal courts and before administrative tribunals admitted to practice law in the states of California, Oregon and Washington. Her litigation practice includes cyber/technology, commercial disputes, errors and omissions and employment liability practices. Simone defends consumer privacy/statutory violation claims and data breach related lawsuits whether single plaintiff or (national) class actions to achieve an efficient resolution in best interest of the business. Her experience in the defense of consumer protection law, employment and civil rights cases include claims of false claims violations, discrimination, retaliation, whistleblower, wrongful termination as well as wage and hour violations, misclassification claims including class and PAGA actions.

Simone is also an experienced breach coach. In that role, she leads data security incident response investigations of any size and industry sector. This includes managing a network of vendors such as forensics, remediation, and public relations. It also includes counseling clients on legal and regulatory obligations resulting from the incident and guiding them through the notification process, potential regulatory investigation and claims or litigation. Simone has managed data security incidents of varying sizes, complexities and types ranging from email compromises, social engineering attacks, wire fraud, ransom- and other malware attacks to sophisticated hacking attacks perpetrated by malicious actors. Affected clients have included industry sectors from financial, health, retail, education, service/professional service, municipal/governmental to social media. Her experience includes multi-state and large-scale international incidents including notifications of affected individuals and regulators such as Attorney General offices, other U.S. state and federal regulators and international Data Protection Authorities. If necessary or desired, Simone stands ready to litigate commercial disputes arising from incidents or defend against third party claims.

Simone’s experience has made her a trusted advisor for counseling clients on compliance and best practices in data privacy & cyber security and employment law matters. She has devised compliance strategies, conducted risk assessments, prepared policies & procedures, contracts and incident response plans. Simone also provides fractional general counsel services, management side employment counseling, compliance audits and strategic planning.

Education

J.D., Golden Gate University School of Law, San Francisco, California
M.A., Christian-Albrechts-University, Kiel, Germany, Teaching degree
International Association of Privacy Professional (IAPP), Certified Information Privacy Professional for the United States (CIPP/US) and Europe (CIPP/E)

Memberships

International Association of Privacy Professionals (IAPP)

California State Bar Association

Oregon State Bar Association

Washington State Bar Association

German American Business Association (GABA)

Oregon Women Lawyers

Professional Liability Underwriting Society

International Women Cyber Alliance (Founder)

Languages

English, German, French

State Bar Licenses

California, Oregon, Washington

Court Admissions

U.S. District Ct., N.D. of California
U.S. District Court, District of Oregon
U.S. District Ct., W.D. of Washington
U.S. District Ct., E.D. of Washington
U.S. Court of Appeals, 9th Circuit

Organizations

Co-Founder of Kids Nature Adventures

Co-Founder of Kinderhaus SF

Founder of women network: International Women Cyber Alliance

Publications

  • Inclusion Provides Opportunities to Build the Strongest, Most Resilient & Creative Workforce for Future Success, LBBS Grindstone Blog, October 8, 2020
  • A Human Resources Challenge – The Insider Threat to Data Assets, LBBS Grindstone Blog, June 2019
  • CCPA Requirements in Flux (Co-Author) (Three Parts/White Paper), LBBS Digital Insights Blog, June 2019
  • Legislative Alert: Maryland Amends its Breach Notification Law To Improve Incident Response (Co-Author), LBBS Digital Insights Blog, May 2019
  • Social Media and the Workplace – Why and How Employers Should Limit the use of Social Media in the Workplace (Co-Author), LBBS Digital Insights Blog, November 2018
  • Law firms must take steps to protect private client data, Daily Journal, Nov. 27, 2014
  • Anti-SLAPP in the Employment Investigation Context, Daily Journal, Oct. 22, 2013
  • ASEM – A Promising Attempt to Overcome Protective Regionalism and Facilitate the Globalization of Trade, Annual Survey of International and Comparative Law, Volume X, 233 (2004)

Presentations

  • Data Privacy and Cyber Security for Lawyers, Multnomah Bar Association, October 7, 2020
  • The End of Lawlessness: Your Data, Your Decision, DRI’s Women in the Law Seminar, January 22-24, 2020
  • Cyber Threats Panel Discussion at Traveler’s Cyber Symposium, Portland, October 2019
  • Cyber Threats Panel Discussion, Columbia Bank, Eugene, September 2019
  • Co-Leader at Portland IAPP KnowledgeNet Roundtable Discussion on GDPR & CCPA, July 2019
  • HIPAA Compliant Office Management, American Association of Orthodontists 2019 Annual Session, May 2019
  • Taking Cyber Security to the Next Level, OCAA, Spring Symposium, Co-Presenter with Duc Nguyen of RGL Forensics, Wilsonville, April 2018
  • Updates in Cyber Insurance, Panel Speaker at Perrin Conference, Philadelphia, April 2018
  • Legal Ethics in the Digital Age, DRI Appellate Advocacy Seminar, Las Vegas, March 2018
  • Chair of Defense Research Institute’s 2017 Cyber Security and Data Privacy Seminar, Chicago, September 2017
  • 10 Steps To Improve HIPAA Compliance at the Office, Presenter at the 2017 Annual Session of the American Association of Orthodontists (AAO), San Diego, April 2017
  • Ethics: Data Security Steps to protect Information, Speaker at DRI’s Data Privacy and Cyber Security Seminar, Atlanta, September 2016
  • Privacy, Security and Data Breaches for Law Students, Guest-Lecturer at University of San Francisco, September 2016
  • Offers to Compromise under Cal. Code Civ. Proc., section 998, Presenter at San Francisco Trial Lawyer Association, July 2016
  • Data & Cyber Security for Lawyers, Co-presenter with Winston Krone and Sylvia Johnson, Bar Association of San Francisco, CA, June 2016
  • HIPAA Audits, Webinar presentation with Anjali Kulkarni, ePlace Solutions, May 2016
  • Navigating the New, Scalable Worker Model, Moderator for panel discussion co-sponsored by DLA Piper and GABA, San Francisco, March 2016
  • Data Privacy & Cyber Security for Lawyers 101, DRI CLE-Webcast Presenter with Chris Travis and Adam Cohen, Chicago, IL, January 2016
  • Managing Cyber Risks in Healthcare, Presenter at Prosystems AG’s Medical Device Regulator’s Forum, Cupertino, CA, October 2015
  • Privacy, Security and Data Breaches for Law Students, Guest Lecturer, University of San Francisco School of Law School, September 2015
  • Privacy 101 for Businesses – Basic Steps to Protect Your Valuable Data, sponsored by the California Employment Advisory Council, San Francisco, CA, September 2015
  • Much Ado About Privacy and Security, Co-presented with Jon D. Feldhammer, sponsored by Golden Gate University and the Bay Area Young Tax Lawyers, San Francisco, CA, July 2015
  • Roundtable for Non-Profit Organizations, Co-presented with Angela Rho, Murphy, Pearson, Bradley & Feeney, San Francisco, CA, July 2015
  • Privacy and Cyber Security for Solo and Small Firm Lawyers, CLE-Webinar Presenter sponsored by Lawyers Mutual Insurance Company, Burbank, CA, July 2015
  • Discovery, Privacy & Data Breach, Co-presented with Adrian Driscoll, Murphy, Pearson, Bradley & Feeney, San Francisco, CA, July 2015
  • Managed Cyber Risks In Healthcare: How To Prepare For And Respond To A Data Breach, Guy Carpenter Medical Liability Network, San Diego, CA, April 2015 2015
  • The Year Of The Law Firm Hack: Why Preserving Privacy And Data Security Is Critical For Law Firms, co-presented with Winston Krone of Kivu Consulting and Lara Forde of ePlace Solutions, Inc., March 2015
  • Interview on Steps Law Firms Should Take Steps To Protect Private Client Data by Mari Frank of Privacy Piracy Radio Show, A Public Affairs Radio Program from The University Of California, Irvine, CA, February 2015
  • Responsibilities of Directors And Boards Regarding Privacy, Security and Data Incidents, AAOIC, St. Louis, MO, September 2014
  • Privacy and HIPAA Compliance for Orthodontist, Presenter at Defense Counsel Seminar of St. Louis, MO, August 2014
  • What Every Business Needs To Know About Privacy And Data Breach, Co-presented with James F. Monagle at Medtechfrontiers, Fremont, CA, January 2014
  • Liability Concerns Arising From The Integration Of Medical Devices Into IT Networks, co-presented with Oliver Christ of Prosystems USA LLC et.al., May 2013
  • Best Practices in Representing the Elderly, Presenter at the Marin County Estate Planning Council, San Raphael, CA, May 2013
  • New Challenges for Medical Device Manufacturers and Hospitals, Presenter with Oliver Christ of Prosystems AG at the German-American Business Association, San Francisco, CA, October 2012

Experiences

  • Handled hundreds of data/cyber incidents for businesses of all sizes ranging from ransomware attacks, insider threats, loss of data, email compromises, malware attacks, hacking intrusions, managed internal and external teams including internal and forensics investigations, communication strategy, legal analysis, response strategy, notification of affected individuals regulators -state, federal or international- handled subsequent regulatory investigations (national/international) and negotiations of consent decrees, fines and settlements.
  • Representative Breaches include: Multi state and large-scale international incidents including notifications of  millions of affected individuals and regulators such as Attorney General offices, other U.S. state and federal regulators and international Data Protection Authorities.
  • Defend consumer protection enforcement action by Washington Attorney General against client and negotiated reasonable resolution and consent decree;
  • Defend consumer class action lawsuits alleging privacy violations following consumer breach notifications negotiating reasonable resolutions;
  • Defended dozens of lawsuits and pre-litigation claims alleging privacy and federal and state statutory violations including California Invasion of Privacy Act (CIPA), Electronic Communications Privacy Act (ECPA) achieving reasonable resolutions based on client objectives;
  • Defend employee class actions lawsuits for wage and hour violations and other claims (PAGA) in California and Washington state courts achieving company saving resolutions.
  • Defend whistleblower, retaliation, discrimination and wrongful termination lawsuits by former employees including C-suite and director level employees against employers and achieved resolutions by confidential settlements;
  • Defended businesses in large scale commercial litigation stemming from data loss/data incidents or software/hardware malfunctions and reached confidential resolutions.

The Clark Hill approach is equally pragmatic and growth-minded, which is why we understand our clients’ toughest business challenges. Our multidisciplinary, global team of advisors focuses on smart legal solutions, delivered simply.

© 2026 Clark Hill PLC.