Mark H Francis

  • T 212.513.3572

Mark H. Francis is a New York cybersecurity, data privacy and intellectual property attorney advising clients on a wide array of "tech and data" counseling, transactional and litigation matters.

Counseling. Mr. Francis focuses on data strategy and information governance, cybersecurity, technical controls, cross-border data transfers, and data privacy laws. In that capacity, Mr. Francis advises clients on Federal Trade Commission (FTC) Section 5 requirements (unfair and deceptive practices), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Fair Credit Reporting Act (FCRA), Children's Online Privacy Protection Act (COPPA), California Consumer Privacy Act (CCPA), Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003, state privacy laws, PCI Data Security Standard (DSS), card brand operating regulations, National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) standards and other related legal and regulatory requirements.

Tech Agreements and Corporate Transactions. Mr. Francis regularly advises clients on data and intellectual property agreements and technology transactions, including master service agreements and statements of work (SOWs), open source and proprietary software licenses, IP/data transfers and licenses, software as a service (SaaS) and cloud computing agreements. He also works with deal teams on data and technology risks and representations in corporate transactions.

Crisis Management and Incident Response. Mr. Francis has counseled dozens of clients on U.S. and global data breaches and other security incident s across a number of industries, including healthcare, financial services, retail, technology, consulting, industrial and telecommunications. He advises clients on internal and forensic investigations, regulatory and individual notifications and interactions with law enforcement and other third parties.

Cybersecurity and Data Privacy Litigation and Regulatory Actions. Mr. Francis represents clients in regulatory and state Attorney General investigations, data breach class actions and PCI assessments.

Intellectual Property Counseling and Litigation. Mr. Francis represents clients in a wide range of intellectual property (IP) litigation in federal courts across the country. His IP matters have often involved complex technologies such as wired and wireless communications, cloud computing, mobile operating systems, virtual machines, web browsers, encryption, image processing and semiconductor devices. He is a registered patent attorney with the U.S. Patent and Trademark Office and assists clients with patent prosecution, as well as copyright and trademark procurement.

Mr. Francis is an International Information System Security Certification Consortium (ISC)2 Certified Information Systems Security Professional (CISSP) and EC-Council Certified Ethical Hacker (CEH). He is also an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional/United States (CIPP/US), IAPP Certified Information Privacy Technologist (CIPT) and IAPP Fellow of Information Privacy (FIP).

In addition, Mr. Francis is an accredited attorney for the preparation, presentation and prosecution of claims for veterans' benefits before the U.S. Department of Veterans Affairs (VA).

Honors & Awards

  • Rising Stars, New York Super Lawyers magazine, 2015-2017
  • Nathan Burkan Memorial Award, Fordham University School of Law, 2006


  • American Bar Association
  • International Association of Privacy Professionals (IAPP), Training Advisory Board, 2017-2018
  • InfraGard, New York Metro InfraGard Members Alliance, Board of Directors, 2018-2019 
  • International Information System Security Certification Consortium (ISC)²
  • EC-Council