Mel Gates counsels clients in data privacy, cybersecurity and regulatory compliance matters, helping organizations achieve an effective balance between data protection and business capabilities. She holds a Certified Information Privacy Professional (CIPP/US) certification from the International Association of Privacy Professionals (IAPP). Ms. Gates has experience with health care clients ranging from small physician practices to state health information exchanges in developing policies, training employees and meeting HIPAA and HITECH obligations.
Since joining Patton Boggs, Ms. Gates has facilitated information security policy development for clients across multiple industries, including a data analytics firm, which she provided with a comprehensive policy rewrite, aligned with international standards and for which she identified more than a dozen sector-specific privacy and data protection regimes. She also assists clients with understanding the causes and implications of data breaches, hack attacks and other security incidents and provides counsel on proactive measures that can help prevent such events from occurring.
Ms. Gates worked in telecommunications and information technology for more than twenty years prior to joining the legal field. Most recently, she served as chief information security officer (CISO) for Qwest Communications. In her seven-year tenure as CISO, Ms. Gates held a “top secret” security clearance, managed information security controls around the world and created a specialized team of technology professionals dedicated to protecting both enterprise and customer assets.
Ms. Gates has made numerous television, radio and event appearances, including on CBS’ “Early Show” and “The Montel Williams Show,” and has spoken at industry events such as the Rocky Mountain Information Security Conference. She has written several articles on the topics of privacy and information security and co-authored an article featured in the Albany Law Journal of Science & Technology in 2010. Ms. Gates is also a joint patent holder of the Method and System for Authenticating and Auditing Access by a User to Non-Natively Secured Applications, issued in 1998.