Hannah Levin

Partner

Hannah Levin advises clients on data security incident response and state and federal investigations and enforcement actions. Hannah also coordinates breach responses for companies across a variety of sectors, represents clients before the Federal Trade Commission (FTC) and state regulators for privacy, cybersecurity, and consumer protection issues, and counsels on all aspects of privacy and data security compliance. She provides guidance on state and federal regulations, including state data breach laws and notification requirements, the Children’s Online Privacy Protection Act (COPPA), the California Consumer Privacy Act (CCPA), the Federal Trade Commission Act (FTC Act), the Health Insurance Portability and Accountability Act (HIPAA), and the advertising industry’s self-regulatory regimes.

Hannah also helps clients navigate consumer protection issues, including the Restore Online Shoppers’ Confidence Act (ROSCA) and federal and state consumer protection statutes. Hannah also has broad civil and criminal litigation experience and has worked on complex class action and commercial litigation matters, government enforcement actions, and internal corporate investigations. She has represented clients facing liability under a variety of laws, including federal and state consumer protection statutes. Prior to joining Morgan Lewis, Hannah worked at another international law firm.

Show More
  • Counseled clients on hundreds of data breach incidents, including determining and executing notification requirements, and assisting clients with investigative and remedial actions
  • Managed privacy and cybersecurity incidents involving health information, including for healthcare providers and insurance companies
  • Defended retail, insurance, gaming, educational, and advertising technology companies in connection with Federal Trade Commission and/or state attorney general investigations concerning privacy and cybersecurity
  • Successfully resolved numerous US state and multi-state attorney general investigations following data breach incidents
  • Advised financial and insurance companies on compliance with New York Department of Financial Services cybersecurity requirements, including revisions of contracts, cybersecurity programs, and annual certifications
  • Developed cybersecurity programs and cybersecurity training for companies across various industries
  • University of Baltimore School of Law, 2014, J.D.
  • University of Maryland, 2011, B.A.
  • District of Columbia
  • Maryland
  • US Court of Appeals for the Fourth Circuit
  • US District Court for the District of Maryland
  • Clerkship to Judge Lynne A. Battaglia of the Maryland Court of Appeals for the Third Appellate Circuit (2014 - 2015)

Listed, The Best Lawyers in America, Ones to Watch, Administrative / Regulatory Law, Washington, DC (2026)

Listed, The Best Lawyers in America, Ones to Watch, Commercial Litigation, Washington, DC (2026)

Member, International Women’s Cyber Alliance