Johanna N. Skrzypczyk

Johanna Skrzypczyk (pronounced “Scrip-zik”) is a counsel in the Data Strategy and Security practice of Debevoise & Plimpton LLP. Her practice ... Read Full Biography

Publications

California Attorney General’s CCPA Sweep Indicates Focus on HR Data
21 July 2023

Avi Gesser
,
Tricia Bozyk Sherno
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
Practising Law Institute: Privacy Law Answer Book
23 January 2023

Luke Dembosky
,
Avi Gesser
,
Jyotin Hamid
,
Satish M. Kini
,
Henry Lebowitz
,
Erez Liebermann
,
Maura Kathleen Monaghan
,
David A. O'Neil
,
Jim Pastore
,
David Sarratt
,
Jeffrey P. Cunard
,
Kim T. Le
,
Tricia Bozyk Sherno
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
Michael Bloom
,
Fanny Gauthier
,
Corey Jeremy Goldstein
,
Kyle Kysela
,
Hannah R. Levine
,
Linda Lin
,
Melissa Muse
,
Kate Saba
,
Noah L. Schwartz
,
Mengyi Xu
Compliance & Enforcement: Legal Risks of Using AI Voice Analytics for Customer Service
11 January 2023

Compliance & Enforcement

Avi Gesser
,
Johanna N. Skrzypczyk
,
Robert Maddox
,
Martha Hirst
,
Kyle Kysela
CLS Blue Sky Blog: Debevoise Discusses What the GDPR Can Tell Us About State Privacy Laws
19 December 2022

CLS Blue Sky Blog

Robert Maddox
,
Johanna N. Skrzypczyk
,
Martha Hirst
NYDFS Publishes Official Amendments to Its Cybersecurity Regulation (Part 2) – Answers to the Top Questions from Our Webcast
30 November 2022

Avi Gesser
,
Erez Liebermann
,
Johanna N. Skrzypczyk
,
Mengyi Xu
NYU Compliance & Enforcement: NYDFS Publishes Official Amendments to Its Cybersecurity Regulation
14 November 2022

NYU Compliance & Enforcement

Luke Dembosky
,
Avi Gesser
,
Erez Liebermann
,
Caroline N. Swett
,
Johanna N. Skrzypczyk
,
Mengyi Xu
NYDFS Publishes Official Amendments to Its Cybersecurity Regulation
11 November 2022

Luke Dembosky
,
Avi Gesser
,
Erez Liebermann
,
Caroline N. Swett
,
Johanna N. Skrzypczyk
,
Mengyi Xu
CLS Blue Sky Blog: Debevoise & Plimpton Discusses “Dark Patterns” and Regulatory Scrutiny
20 October 2022

CLS Blue Sky Blog

Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
Melissa Muse
CLS Blue Sky Blog: Debevoise & Plimpton Discusses the SEC’s Most Recent Reg S-P Enforcement Action
7 October 2022

CLS Blue Sky Blog

Avi Gesser
,
Kristin A. Snyder
,
Erez Liebermann
,
Charu A. Chandrasekhar
,
Johanna N. Skrzypczyk
Lessons From the SEC’s Most Recent Reg S-P Action
6 October 2022

Avi Gesser
,
Erez Liebermann
,
Kristin A. Snyder
,
Charu A. Chandrasekhar
,
Johanna N. Skrzypczyk
NYU Compliance & Enforcement: California’s Age-Appropriate Design Code Act Expands Businesses’ Privacy Obligations Regarding Minors
27 September 2022

NYU Compliance & Enforcement

Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
Michael Bloom
,
Martha Hirst
,
Alessandra G. Masciandaro
CPRA Rulemaking Is Underway - Getting Ahead of Enforcement Risks
2 August 2022

Avi Gesser
,
David Sarratt
,
Christopher S. Ford
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
H Jacqueline Brehmer
Columbia Blue Sky Blog: Debevoise Discusses What the ADPPA Means for U.S. Data Regulation
15 July 2022

Columbia Blue Sky Blog

Paul D. Rubin
,
Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
Alessandra G. Masciandaro
36-Hour Breach Notification for Banks is Here
31 May 2022

Avi Gesser
,
Johanna N. Skrzypczyk
,
Courtney Bradford Pike
,
Michael R. Roberts
NYU Compliance & Enforcement: Data Minimization – Recent Enforcement Actions Show Why Some Companies Need to Get Rid of Old Electronic Records
26 May 2022

NYU Compliance & Enforcement

Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
NYU Compliance & Enforcement: Utah Joins the Comprehensive State Privacy Law Club
3 May 2022

NYU Compliance & Enforcement

Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
Alessandra G. Masciandaro
NYU Compliance & Enforcement: Data Minimization – Recent Enforcement Actions Show Why Some Companies Need to Get Rid of Old Electronic Records
9 March 2022

NYU Compliance & Enforcement

Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
Notice of Electronic Monitoring to Employees — New Requirements for Employers in NY State
24 February 2022

Jyotin Hamid
,
Tricia Bozyk Sherno
,
Johanna N. Skrzypczyk
NYU Compliance & Enforcement: Time to Update Cyber Incident Response Plans, Especially for Banks Subject to the New 36-Hour Breach Notification Rule
31 January 2022

NYU Compliance & Enforcement

Luke Dembosky
,
Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael R. Roberts
,
Michelle Huang
NYU Compliance & Enforcement Blog: A New Era of Federal Trade Commission (“FTC”) Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure
26 January 2022

NYU Compliance & Enforcement Blog

Luke Dembosky
,
Avi Gesser
,
Ted Hassi
,
Paul D. Rubin
,
Jim Pastore
,
Johanna N. Skrzypczyk
,
Leah Martin
,
Melissa Runsten
,
Christopher S. Ford
Law360: What Stablecoin Industry Can Expect From Congress In 2022
25 January 2022

Law360

Luke Dembosky
,
Avi Gesser
,
Ted Hassi
,
Paul D. Rubin
,
Jim Pastore
,
Johanna N. Skrzypczyk
,
Leah Martin
,
Melissa Runsten
,
Christopher S. Ford
Time to Update Cyber Incident Response Plans, Especially for Banks Subject to the New 36-Hour Breach Notification Rule
19 January 2022

Luke Dembosky
,
Avi Gesser
,
Johanna N. Skrzypczyk
,
Michelle Huang
,
Michael R. Roberts
A New Era of Federal Trade Commission (“FTC”) Privacy and Cybersecurity Oversight: Top Ten Things Companies Should Know When Assessing FTC Compliance and Exposure
12 January 2022

Luke Dembosky
,
Ted Hassi
,
Avi Gesser
,
Jim Pastore
,
Paul D. Rubin
,
Johanna N. Skrzypczyk
,
Christopher S. Ford
,
Leah Martin
,
Melissa Runsten
NYU Compliance & Enforcement Blog: Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws
20 December 2021

NYU Compliance & Enforcement Blog

Avi Gesser
,
Johanna N. Skrzypczyk
,
Michael Bloom
,
Michael R. Roberts
,
Tricia Reville
,
Kate Saba
Latin Lawyer – The Guide to Corporate Crisis Management: Data Privacy and Cybersecurity: Crisis Avoidance and Management Strategies
16 December 2021

Latin Lawyer – The Guide to Corporate Crisis Management

Andrew M. Levine
,
Johanna N. Skrzypczyk
,
H Jacqueline Brehmer
,
Michael Bloom
,
Hilary Davidson
,
Mengyi Xu
Banking Regulators Finalize 36-Hour Data Breach Notification Rule
24 November 2021

Luke Dembosky
,
Avi Gesser
,
Satish M. Kini
,
Gregory J. Lyons
,
Johanna N. Skrzypczyk
,
Christopher S. Ford
,
Alexandra N. Mogul
The FTC’s Strengthened Safeguards Rule and the Evolving Landscape of Reasonable Data Security
18 November 2021

Avi Gesser
,
Satish M. Kini
,
Johanna N. Skrzypczyk
,
Corey Jeremy Goldstein
Compliance and Enforcement: Face Forward: Strategies for Complying with Facial Recognition Laws (Part II of II)
1 November 2021

Compliance and Enforcement

Avi Gesser
,
Johanna N. Skrzypczyk
Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition
27 October 2021

Avi Gesser
,
Johanna N. Skrzypczyk
New York University School of Law Blog: Face Forward: Strategies for Complying with Facial Recognition Laws (Part I of II)
21 October 2021

New York University School of Law Blog

Avi Gesser
,
Johanna N. Skrzypczyk
Face Forward: Strategies for Complying with Facial Recognition Laws
Part 1: The Current Patchwork
20 October 2021

Avi Gesser
,
Johanna N. Skrzypczyk
China Passes the Personal Information Protection Law
1 September 2021

Luke Dembosky
,
Avi Gesser
,
Edwin Northover
,
Jim Pastore
,
Emily Lam
,
Philip Rohlik
,
Johanna N. Skrzypczyk
,
Tingting Wu
Harvard Law School Forum on Corporate Governance: The SEC’s Cyber Priorities and Four Ways for Companies to Reduce Regulatory Risk
11 August 2021

Harvard Law School Forum on Corporate Governance

Avi Gesser
,
Johanna N. Skrzypczyk
,
Suchita Mandavilli Brundage
The SEC’s Cyber Priorities and Four Additional Ways for Companies to Reduce Regulatory Risk
29 July 2021

Avi Gesser
,
Johanna N. Skrzypczyk
,
Suchita Mandavilli Brundage
Key Takeaways from the First Year of CCPA Enforcement
28 July 2021

Jim Pastore
,
David Sarratt
,
Johanna N. Skrzypczyk
,
H Jacqueline Brehmer
,
Christopher S. Ford
CLS Blue Sky Blog: Debevoise & Plimpton Discusses New Privacy Legislation in the U.S.: The Patchwork Problem Grows
26 July 2021

CLS Blue Sky Blog

Johanna N. Skrzypczyk
,
Kim T. Le
,
H Jacqueline Brehmer
Department of Labor Intensifies Cyber Readiness Inquiries Among Retirement Plan Administrators
13 July 2021

Lawrence K. Cagney
,
Avi Gesser
,
Jonathan F. Lewis
,
Jim Pastore
,
Johanna N. Skrzypczyk
The Supreme Court TransUnion Case Part 1 — What It Means for Standing in Cyber Cases
8 July 2021

Avi Gesser
,
Johanna N. Skrzypczyk
Seven Tips for Reducing CCPA Litigation Risks – Lessons from the First 18 Months
22 June 2021

Avi Gesser
,
Jim Pastore
,
Johanna N. Skrzypczyk
,
H Jacqueline Brehmer
,
Christopher S. Ford
Effective Access Controls, Timely Breach Notification and Other Takeaways from the Latest NYDFS Cyber Resolution
15 April 2021

Luke Dembosky
,
Avi Gesser
,
Jim Pastore
,
Johanna N. Skrzypczyk
,
Christopher S. Ford
,
Mengyi Xu
Federal Financial Regulators to Propose Enhanced Cyber Risk Management Standards
25 October 2016

Luke Dembosky
,
Eric Dinallo
,
Gregory J. Lyons
,
Jim Pastore
,
Johanna N. Skrzypczyk
FCPA Update - August 2015
Vol. 7, No. 1

Bruce E. Yannett
,
Philip Rohlik
,
David Sarratt
,
Andrew M. Levine
,
David A. O'Neil
,
Colby A. Smith
,
Johanna N. Skrzypczyk

Upcoming Events

Recent Events

NYDFS New Draft Amendments to Part 500 Cybersecurity Rules
18 November 2022

Debevoise & Plimpton LLP

Insurance Regulatory Developments Briefing Series

Webcast

Speaker: Eric Dinallo, Avi Gesser, Erez Liebermann, Caroline N. Swett, Johanna N. Skrzypczyk

Speaking Engagements
Privacy in Financial Services
1 October 2022

Advisor Group

Webcast

Speaker: Avi Gesser, Charu A. Chandrasekhar, Johanna N. Skrzypczyk, Michael R. Roberts

Speaking Engagements
Legal and Regulatory Roundup: Recent Developments and Trends to Watch
5 May 2021

The Risk Management Association

Global Consumer Conference

Webcast

Speaker: Courtney M. Dankworth, Johanna N. Skrzypczyk

Speaking Engagements

Johanna N. Skrzypczyk

Publications

Upcoming Events

Recent Events

Practices

Industries

Regions