Rebecca L. Rakoski, Esquire
- Corporate and Banking Law, Regulatory Compliance (FINTEC, GLBA, NYDFS Cyber Reg500)
- Business Regulatory Investigations and Defense (HHS, OCR, FTC)
- Casino & Gaming
- Health Law Compliance (HIPAA)
- Complex Privacy and Cybersecurity Litigation
- Domestic and International Data Privacy (CCPA, CPRA, GDPR, CPA, CDPA)
- International Data Transfers
- Data Privacy Compliance Investigations
Bar & Court Admissions
- New Jersey, New York, Pennsylvania
- United States District Court for the District of New Jersey
- United States District Court for the Eastern District of Pennsylvania
- United States Court of Appeals for the Third Circuit
Rebecca L. Rakoski is the co-founder and managing partner at XPAN Law Partners. Rebecca counsels and defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. As an experienced litigator, Rebecca has handled hundreds of matters in state and federal courts. Rebecca skillfully manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to mitigate her client’s litigation risks.
Rebecca advises her clients on a proactive, multi-jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She uses her extensive experience to work with her clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.
Rebecca regularly negotiates complex contractual provisions that are impacted by domestic and international data privacy regulations including the California Consumer Privacy Act of 2018 and the European Union’s General Data Protection Regulation. She understands how the nature of the data can affect the role her client plays in the data transaction and uses that knowledge to minimize corporate liability.
As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association’s Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association’s Bankruptcy Law Section and also served on the Complex Business Litigation Committee that drafted and revised the Court Rules involving electronic discovery in complex litigation matters.
Rebecca is regularly appointed by the New Jersey Courts as a Technology and/or Discovery Special Master.
Rebecca is on the Board of Governors for Temple University Health Systems and an adjunct professor at Drexel University’s Thomas R. Kline School of Law and Rowan University. She is currently serving as the Interim Associate Dean for Online and Graduate Programs at Drexel University’s Thomas R. Kline School of Law.
- The Counterstrategy Blueprint: Raising the Economic Costs of Generating a Cyber Attack to Decrease Data Breach and Infiltration Success Rates. New York Law Journal (May, 2023)
- AI’s Learning Curve Clashes with Proprietary Data: Processing Originality Raises Legal, Ethical Questions. New York Law Journal (March, 2023)
- Mitigating the Rising Tide of Data Breach Costs for Global Corporations Through Regulatory Compliance Management. New York Law Journal (November, 2022)
- Move Over Third-Party Data: Rising First-Party Data Collection Looks To Impact Business and Data Privacy Laws. New Jersey Law Journal (October, 2022)
- AI vs. AI: Forecasting the Ethical Dilemma Circling Law, Business and Technology. New York Law Journal (May, 2022)
- Cannabis M&A: Protecting the Valuation Calculus Using Cyber Compliance and Due Diligence. National Cannabis Industry Association (April, 2022)
- Lowering a Corporation’s Legal Risk Profile Through Employee Cybersecurity Training. New Jersey Law Journal (March, 2022)
- Anatomy of an NYDFS Enforcement Action for Violating New York’s Cybersecurity Regulation. New York Law Journal; Reprinted in Treasury & Risk (November, 2021)
- Supply Chain Cybersecurity in Clinical Research. MAGI – Journal of Clinical Research Best Practices (August, 2021)
- Finance Industry Fault Lines: Profit and Compliance Compatibility. New Jersey Law Journal (June, 2021)
- The Devil is in the Contracts. Secure World (June, 2021)
- Data-Breach Concerns Rise as NY Launches Adult-Use Cannabis Program. The Legal Intelligencer (May, 2021)
- Calculating a More Cyber Secure Tax Season. Secure World (March, 2021)
- US Should Create New 3-Pronged Approach To Cybersecurity. Law360.com (March, 2021)
- Ethics in Data Collection. Secure World (March, 2021)
- Navigating Global Privacy Regulations. Benefits Magazine (March, 2021)
- Expanded New York Data Privacy Laws Loom in 2021. Secure World (February, 2021)
- Roadmap to Avoiding Data Breach Litigation. Secure World (October, 2020)
- Examining Data Breaches in Pharma Companies During COVID-19. PharmExec (September, 2020)
- In the Cannabis Industry, Profitability and Data Security go Hand-in-Hand. New Jersey Law Journal; Reprinted in NU Property Casualty 360 (July, 2020)
- The Sippy Cup Problem, Redefining Cybersecurity Awareness. New Jersey Law Journal (May, 2020)
- A Modern Renaissance – Privacy In 2018 And Its Continuing Domestic Evolution, Feature Article Policy and Medicine (December, 2018)
Interviews & Seminars
- New Jersey Bar Association Cybersecurity Task Force
- New Jersey Bar Association Vice-Chair Elect Bankruptcy Law Section
- Board of Governors Temple University Health Systems
- Temple University- Cybersecurity and Data Privacy Committee
- Alice Paul Institute- Past Chair of Equality Awards