Rachel St. John is a member of Heenan Blaikie’s National Privacy and Information Management group.
Rachel advises clients on a broad range of privacy, data security, information management matters, including information security breach response; cross-border data transfers; online and mobile marketing; behavioural tracking; employee monitoring and internal investigations; payment card systems; outsourcing transactions; health information privacy; data governance; and strategic management of information assets.
Rachel also drafts and negotiates contractual agreements concerning information security and develops policies, procedures and training programs. She also counsels on compliance with federal, provincial and international privacy requirements, including the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL) and Alberta’s Personal Information Protection Act (PIPA).
Rachel is a contributor to the AccessPrivacy.com Private Sector Source. An innovative online information tool, AccessPrivacy.com provides strategic guidance on key privacy issues.
Rachel also advises clients with respect to consumer protection matters, particularly as related to consumer agreements, direct selling, and other practices regulated under Alberta’s Fair Trading Act and related legislation.
Rachel joined Heenan Blaikie in September 2010. Prior to joining the firm, she practised global privacy and information management law at a leading U.S. law firm in New York, New York.
Education
- B.C.L./LL.B., McGill University, 2007
- B.A. (Honours), Mount Allison University, 2003
- Japanese Studies Certificate, Kwansei Gakuin University, 2002
Professional Affiliations
- Canadian Bar Association
- International Association of Privacy Professionals (IAPP)
- Law Society of Alberta
- Ontario Bar Association
- The Law Society of Upper Canada (Ontario)
Publications & Conferences
- Speaker, “Canada’s New Anti-Spam Law”, 2012 Access and Privacy Conference, June 14, 2012.
- Speaker, “Health Privacy Enterprise Risk Management”, Western Canada Health Information Privacy Symposium (WCHIPS), April 30, 2012.
- Speaker, "Anti-Spam Legislation", The Canadian Bar Association, Alberta Branch, Calgary, November 28, 2011.
- Speaker, "Canada's Anti-Spam Law: A Practical Approach to e-Marketing" PIPA Conference 2011, October 14, 2011.
- Co-Author, "Draft anti-spam regulations pose challenges", The Lawyers Weekly, Volume 31, No. 20, September 30, 2011.
- Co-Author, “Canada's Anti-Spam Regulations Released for Comment”, Heenan Blaikie’s IP Advocate, July, 2011.
- Co-Author, "Privacy Commissioner Calls for Enhanced Enforcement Powers", The Lawyers Weekly, Volume 3, No. 5, June 3, 2011.
- Co-Author, “PIPEDA Case Law Update: Federal Court Issues a Landmark Decision on Damages; Ontario Court of Appeal Deals with the Issue of Disclosure of Mortgage Information to a Third Party Creditor”, Eye on Privacy, OBA Privacy Law Section Newsletter, Volume 11, No. 1, February, 2011.
- Guest Lecturer, “Privacy and Information Security”, Columbia University, April 26, 2010.
- Guest Lecturer, “Privacy and Information Security”, Columbia University, December 7, 2009.
- Guest Lecturer, “Into the Breach: A Legal Perspective on Data Security Incident Response”, John Jay College of Criminal Justice Center for Cybercrime Studies and Center for Business Preparedness, November 23, 2009.
- Speaker, “Federal Breach Notification”, IAPP Privacy Academy, September 8, 2009.
- Speaker, “Data Breach: Where Are We? Where Are We Going?”, Annual ACM Northeast Digital Forensics Exchange, July 21, 2009.
- Co-author, “Nevada updates encryption law and mandates PCI DSS compliance’, Lexology/ACC Newsstand. June 17, 2009.
- Co-author, “The Boucher Bill: Shaping the Privacy Landscape in the U.S.”, Data Protection Law and Policy, Vol. 7:6. June 17, 2009.
- Contributing author, “European Union Data Protection”, in Data Security and Privacy Law: Combating Cyberthreats. Cronin/Weikers (2008).