Bart Huffman is a data strategy, security and privacy attorney in Holland & Knight's Houston office. Huffman has a systems engineering and intellectual property (IP) background, as well as deep experience in privacy and cyber security matters and sophisticated technology transactions. He provides legal advice concerning a wide range of matters, particularly in the transportation, energy, healthcare, financial and other critical infrastructure sectors.

Huffman leads engagements involving data, information systems and/or operational technology in connection with technology service and vendor contracting, ransomware and data breach or other security incident response, domestic and international privacy and cybersecurity compliance projects and programs, large-scale software as a service (SaaS) and other cloud-platform implementations, artificial intelligence (AI) contracting and compliance, business intelligence and data analysis, terrestrial and satellite Wi-Fi networks, software and information systems development and licensing, assessment and allocation of legal and contractual cybersecurity risks, tabletop exercises and governance advice. He often serves as lead "breach coach" for critical infrastructure companies, and he has served as lead outside counsel for investigations, recovery, negotiations, notifications and regulatory compliance in ransomware and other cyber and data security incidents – company-wide or system-specific, third-party or first-party – for approximately 20 years.

Huffman is a registered patent attorney at the U.S. Patent and Trademark Office (USPTO), a Certified Information Privacy Professional – U.S. and Europe (CIPP/US and CIPP/E), and a senior cybersecurity fellow at the Robert Strauss Center for International Security and Law at The University of Texas School of Law in Austin. He also serves as an adjunct professor at The University of Texas School of Law, where he has taught U.S. and European Union (EU) privacy law for a decade.

Huffman regularly supports clients in the negotiation of information technology (IT) transactions and license agreements, as well as compliance with privacy and data protection regulation on a national and international scale, including with respect to laws such as the Texas Data Privacy and Security Act (TDPSA), California Consumer Privacy Act (CCPA), Gramm-Leach Bliley Act (GLBA), Fair Credit Reporting Act (FCRA), Health Insurance Portability and Accountability Act (HIPAA), Children's Online Privacy Protection Act (COPPA) and the EU General Data Protection Regulation (GDPR). He is also experienced in matters involving the Payment Card Industry Data Security Standard (PCI DSS) and other payment systems privacy and security issues.

Huffman counsels clients as to the legal aspects of IT systems and governance and IT and operational technology (OT) security matters. He provides analysis and negotiates agreements concerning AI, data enrichment and data analytics, including associated issues of ownership, licensing, implementation and use. As a litigator, he has appeared in federal and state courts across the country, including in precedent-setting online copyright and privacy matters. Among other things, he is conversant in and has counseled leading internet service providers with respect to the Digital Millennium Copyright Act (DMCA), and he has led or participated on both sides of the bench in litigation involving large-scale data breach and/or cybersecurity incident response.