Rita S. Heimes

Senior Counsel

Areas of Focus

Rita S. Heimes

Senior Counsel

rheimes@akingump.com

Areas of Focus

Save as PDF

Share This Biography

Biography
  • Over 20 years of experience advising clients in cybersecurity, artificial intelligence (AI) regulatory and data privacy matters.

Rita advises clients across industries—from startups and major technology companies to Tier 1 research institutions—on navigating the risks and opportunities presented by emerging technologies. Her deep knowledge of state, federal, and global privacy and data protection laws, combined with fluency in digital technologies, enables her to support clients in managing complex, high-stakes data issues across both transactional and dispute contexts. She also has extensive experience guiding organizations through cybersecurity incident response, from breach investigation to regulatory notification, and helps ensure compliance with evolving federal cybersecurity requirements. Rita holds the following IAPP certifications: CIPP/E, CIPP/US and CIPM.

Rita recently served as General Counsel and Chief Privacy Officer at the International Association of Privacy Professionals (IAPP), where she gained unique experience guiding a multinational client with pressing business-to-business (B2B) and business-to-consumer (B2C) privacy and data protection issues and solutions. She also managed organization-wide legal issues for IAPP in collaboration with the senior executive team, including overseeing litigation and other disputes, risk management, international operations strategy, insurance portfolio, talent opportunities, terminations, and supporting leadership with Board relations.

Through her service on the faculty at the University of Maine School of Law, where she is currently a Senior Affiliate Fellow and Adjunct Law Professor, Rita developed the University’s acclaimed privacy program, including organizing and hosting the annual Information Privacy Summer Institute and annual conference. She also launched and grew one of the nation’s first intellectual property law school clinics in both patent and trademark law, supporting inventors and start-ups to address a multitude of IP issues and worked with universities and non-profit research laboratories to develop collaborative tech transfer conversations and programs to support state economic development initiatives.

Rita’s legal career has spanned geography, skills, and subject matters, starting with a Ninth Circuit clerkship and developing through commercial litigation, IP acquisition and tech transactions, teaching and scholarship in multiple legal areas, and executive roles in higher education and business.

Representative Work

Cybersecurity, Privacy, Data Protection & AI

  • Developed and managed interdisciplinary privacy and data protection program for global non-profit (data inventory and mapping; global privacy law compliance; consumer-facing privacy statements and consent management; employee training; privacy and security policies; data protection impact assessments; international data transfers).
  • Drove time-sensitive responses (internally and with outside counsel) to European regulatory investigations relating to GDPR.
  • Guided cybersecurity incident victims and associated data controllers in the supply chain through investigation, risk management, notification analysis, and follow-on residual risk assessment, in myriad industries including government contractors.
  • Developed guidelines for assessing risk and opportunity to incorporate AI tools into products, services and use of suppliers’ platforms.
  • Collaborated across disciplines on development of internal AI governance program.
  • Supported M&A team on privacy and cybersecurity due diligence in asset acquisitions.

General Counsel and Risk Management

  • Translated complex legal concerns into actionable decisions consistent with fast-growing and resource-constrained nonprofit with international business ambitions.
  • Worked directly with product owners, sales, marketing, and technology teams to guide business forward through complex commercial relationships with the world’s largest companies.
  • Assisted with purchase and sale of assets.
  • Selected, engaged and managed outside counsel on international corporate tax and compliance matters.

Technology transactions, IP acquisition, litigation and licensing

  • Negotiated multi-year (e-filing) software agreements on behalf of states’ judicial systems.
  • Counseled children’s cancer research institute on IP and data sharing issues associated with international research collaboration
  • Created and supported several multi-stakeholder events addressing technology transfer by R1 universities and federally-funded research institutions.
  • Managed copyright and trademark portfolios; prepare licensing and cease-and-desist letters; co-counsel on significant IP litigation matters.

* List includes matters worked on prior to joining Akin.

Education
  • J.D., Drake University Law School, summa cum laude, 1993

  • B.A., University of Iowa, with highest distinction, 1990

Clerkships
  • U.S.C.A., 9th Circuit

Bar Admissions
  • District of Columbia

  • Maine

Affiliations and Public Service
  • International Association of Privacy Professionals, General Counsel and Chief Privacy Officer, 2019-2025, Research Director and Data Protection Officer, 2015-2019.
  • Judicial Clerk, The Honorable Robert R. Beezer, U.S. Court of Appeals for the Ninth Circuit, 1993-1994.
Speeches and Publications
  • Presenter, “Emerging AI Legal Issues,” University of Maine School of Law, Spring 2025.
  • Presenter, “In-House Privacy Practice,” Information Privacy Summer Institute, University of Maine School of Law, May 30, 2024.
  • Presenter, “What keeps a CEO or Managing Partner up at night? – Artificial Intelligence,” Maine Law Business and Society Summit, January 25, 2024.
  • Presenter, “Privacy and Security Implications of Data Sharing,” Information Privacy Summer Institute, University of Maine School of Law, June 6, 2022.
  • Presenter, “Data Monopolies: Competition Law for Privacy Pros,” Information Privacy Summer Institute, University of Maine School of Law, June 1, 2021.
  • Presenter, “California Consumer Privacy Act: Implications for Financial Institutions,” CBA Live, 2019.
  • Presenter, “Sausage Making in Privacyland,” Annual Meeting of the Consumer Financial Services Committee of the American Bar Association, 2019.
  • Presenter, “The impact of GDPR on Fintech Data Portability,” Michigan Technology Law Review Symposium on Data Privacy and Portability in Financial Technology, U. Michigan School of Law, 2019.
  • Presenter, “Building a Strong Data Privacy and Ethics Program: From Theory to Practice,” United Nations Global Pulse, May 2017.

Related Content

People

Distinguished by our areas of focus, as a cohesive and integrated firm, we are defined by the caliber of our work, the responsiveness of our service and a culture that is rooted in collaboration and forward-thinking.

We Also Recommend

Loading...
Loading...
Loading...
Loading...