General Counsel Services
Data Privacy & Cybersecurity
Security, Privacy, Integrity
RISK ASSESSMENT & GOVERNANCE
We assist clients in implementing and improving data security and privacy. We direct and review comprehensive risk assessments, advising on safeguards, and assisting with the development of robust risk management plans that include relevant policy and procedure review and implementation.
INCIDENT RESPONSE & BREACH NOTIFICATION
We work with clients who have experienced an incident or breach, managing the overall response by conducting internal investigations, coordinating public relations, ensuring legal compliance with breach notification requirements, liaising with technical experts, law enforcement and communicating with insurance carriers.
CONTRACTS & AGREEMENTS
We review and negotiate service level agreements, terms of service, data licenses, non-disclosure agreements and confidentiality agreements, business associate agreements and other vendor agreements and contracts.
COMPLIANCE & INVESTIGATION
We advise clients on legal and regulatory requirements and assist them with FTC, AG, HIPAA, GDPR and other investigations from responding to inquiries and negotiating settlements to preparation for litigation, if necessary.
We advise clients on security and privacy risks and other considerations regarding the migration of data to the cloud and negotiate cloud contracts.
TRAINING & AWARENESS
We work closely with clients to develop training & awareness curricula that are specifically tailored to each client's needs and requirements.
We advise clients on security and privacy risks and other considerations regarding the use of existing, new and emerging technologies, such as artificial intelligence.
We assist clients in devising breach response, emergency operations and business resilience plans.
WHAT WE DO
in Cybersecurity & Privacy
“There are only two types of companies: those that have been hacked and those that will be.”
- Former FBI Director
WHO WE ARE
We are a good idea. Shasteen Law, PA, is a law firm managed by M. Lisa Shasteen. Through her work, we deliver senior-level legal services to clients who appreciate not only legal advice but a strategic perspective. First, we listen. Our approach is client-tailored and business-minded. Our goal is to fully understand and satisfy the objectives of every client in the most cost-effective manner.
We represent clients in several industries. We have advised international and domestic clients who are operating in the fields of digital communications, internet services, and new technologies, finance, medical practice, medical research, real property development, real estate brokerage, commercial leasing, hospitality, business development, the sale of goods, charitable work, and more.
Our clients range from sole proprietorships to large clients with multiple locations. While some of our clients might share legal or regulatory obligations, each client is individual, and so is our approach.
M. Lisa Shasteen
M. LISA SHASTEEN:
Lisa is founder, sole member, and CEO of Shasteen Law, PA. She is former Senior Vice President and General Counsel for Communications Equity Associates, Inc. (CEA), an international investment and merchant bank focused on focused on acquiring emerging technology, broadcast television, telecommunications, outdoor properties (billboards), facility naming rights, and later technology based assets. At that time, CEA had $3 billion under management and 17 offices worldwide, including in Europe, Asia, and the Middle East. While there, Lisa was an investor in early-stage tech companies. She was also a member of the Board of Directors of the International Institute of Communications based in London, England, with membership spanning over 150 countries. The IIC fosters global communication and cooperation among regulators, communication and technology company executives, and academic leaders in the communication space.
Lisa has a Juris Doctor degree from Stetson University College of Law and trained in cyber security strategy at Georgetown University. In that field, her firm’s practice is highly collaborative with technical experts and focuses on data privacy law and cybersecurity strategy.
Lisa began her career as an attorney in 1990. She worked for Foley & Lardner and Rudnick & Wolfe on real estate litigation matters, bankruptcy cases, purchase and sale transactions, real estate development projects, and lending matters, including participations and bond financing transactions. In 1996, she founded her own law firm, Shasteen Law, P.A., through which she represented a number of nationally recognized developers, including the predecessor of T-Mobile for whom she managed legal affairs throughout its wireless system buildout within Florida and Texas. Her clients included CEA.
In 1997, Lisa joined CEA and became its Senior Vice President and General Counsel. There, she managed legal affairs world-wide and was on its business development team. While there, she participated in the development and management of several companies, including a company that built and managed broadcast television antenna towers. While there, she participated in the creation and growth of several companies developed based on internet and communication technologies purchased by the firm. She also served as a Director of the International Institute of Communications based in London, England (IIC) and delivered a paper in Kuala Lumpur about the use of technology to change the economic base of a country which was published in the Asian Wall Street Journal.
From her experience at CEA, Lisa saw cybersecurity and data privacy as critical business skills for the future and trained in those fields at Georgetown University. After finishing her studies, in 2015, she joined the board of directors of InfraGard Tampa Bay Members Alliance, Inc. (a public-private partnership with the FBI designed to protect the 16 critical infrastructure sectors of our country). In 2018 she was elected President and Chair of the Board and served in that capacity for two years. Due to her uncommon combination of experience in the real estate field and knowledge of cybersecurity laws, standards, and best practices, as well as her industry connections in both fields she acted also as Facilities Sector Chief, tasked with creating a West Florida team focused on cybersecurity related to facilities and their management.
Lisa is also a business strategist. Her experience spans industries, including but not limited to technology, communications, healthcare, hospitality, business development and real estate development, each of which is highly regulated. She has worked for start-ups, as well as established businesses moving through important transitions, such as mergers, acquisitions, expansion, fundraising, re-branding, cultural transformation, and turn-arounds. In the cybersecurity and privacy field, her work includes regulatory security and privacy risk assessments and legal review, security strategy, cyber and privacy due diligence review for mergers and acquisitions, development and evaluation of security and privacy education and training programs, policy and procedure drafting, including privacy policies and notices, incident response preparation, and breach investigation and response management for both domestic and international companies. She collaborates with technical, insurance and communications firms to develop tailored business strategies. She is also active on the board Threat Warrior, Inc., the developer of an artificial intelligence cybersecurity platform based on unsupervised neural network technology which learns and can work on-premises or in hyper-scaler environments like Google and AWS to respond to threats. It is deployed by small to large enterprises as well as cloud-native companies.
In 2003, Lisa established The Shasteen-Sizemore Co., a Florida licensed real estate brokerage through which she is responsible for residential and commercial sales, including a record-setting transaction for Pinellas County, Florida, involving the sale of a significant collection of hospitality properties on Clearwater Beach. She then represented the seller in the purchase and restoration of the Floridan Palace Hotel and the assemblage of properties associated with it, as well as its sale in 2021. The Floridan is an historic high-rise hotel in downtown Tampa, Florida, which is listed on the local landmark registry and the National Register of Historic Places. The Shasteen-Sizemore Co. serves residential and commercial clients in Florida.
Lisa has advised and sat on the Board of Directors of the Florida Association of Realtors. She also chaired the Realtor/Attorney Committee three times for the Greater Tampa Realtors, (GTR) an association with approximately 20,000 members. There she initiated a relationship with the Bay Area Real Estate Council (BAREC) and created its first Spanish language legal education initiative for Spanish-speaking Realtors. In 2020 she participated as a member of the Bylaws Committee of GTR and as Special Advisor to the association president.
Lisa also acted for several years as a real estate subject matter expert for the State of Florida, participating in the design, analysis and defense of real estate licensure tests and test questions administered to real estate associate, broker and instructor candidates and has acted in the same capacity on a national real estate exam accepted by several states for Pearson Vue. She has authored industry articles and was retained to develop and teach three related courses for St. Petersburg College focused on the fundamental business, legal and financial aspects of real estate.
Lisa is a licensed attorney and member of the Florida Bar spanning over 32 years. She is a member and former Director for the Bay Area Real Estate Council (BAREC), an association of real estate attorneys focused on transactions and supporting real estate industry relationships. She has spoken to BAREC members about real estate matters and cybersecurity-related law affecting facilities and other real estate holdings, as well as property rights related to UAVs (also known as drones).
Lisa regularly advises executives and boards of directors and speaks to industry groups about real estate, business, and technology matters. She is also a popular speaker on the legal liability related to cybersecurity and privacy matters and was invited as an expert presenter at the 2018 Cyber Con regarding the new European General Data Protection Regulation (GDPR). GDPR became effective in 2018, and Lisa’s law firm was one of the first in the world to report on behalf of a clienta data breach to all data protection authorities in countries governed by the GDPR.
As the use of artificial intelligence evolved, it became a focus for Lisa. She is a former board member of ThreatWarrior, Inc., an advanced deep-learning artificial cybersecurity intelligence platform company with a national presence. As board liability for cybersecurity failure has progressed, Lisa became focused on this emerging legal threat. As a member of the Private Directors Association national education task force, she helped educate board members and executives about their duties regarding cybersecurity within their organizations.
Lisa enjoys growing businesses, interior design, investigating advanced technologies and spending time with her family and pets.
3225 S. MacDill Ave.,
Tampa, FL 33629
For general inquiries, please fill in the following contact form. Please do not include information in the form or in any email to our firm that may be considered sensitive or confidential. We will endeavor to respond to your inquiry in 48 hours.