Photograph of Stephanie A. Reiter


  • University of Wisconsin – Madison, B.A. (2007) cum laude, Phi Kappa Phi Honor Society, Phi Alpha Theta History National Honor Society
  • Chicago-Kent College of Law, J.D. (2010) with distinction, Dean’s List, Merit Scholarship


  • Admitted in Illinois Only
  • Practicing under the Supervision of D.C. Bar Members
Stephanie A. Reiter, Associate Washington, D.C.
Phone: +1 202.624.2534
1001 Pennsylvania Avenue NW
Washington, DC 20004-2595

Stephanie Reiter is an associate in the Washington, D.C. office of Crowell & Moring, where she is a member of the firm’s Privacy & Cybersecurity Group, focusing on crisis management, big data, breach, response, and litigation, risk management, and Internet of Things (IoT).

Stephanie focuses her practices on data security, privacy, and cyber liability matters. She advises companies on state, federal, and international privacy issues, including data breaches, data protection and compliance programs, and cybersecurity preparedness and governance.

Stephanie handles data breaches for a wide variety of businesses in retail, health, education, energy, financial, hospitality, and human resources industries. She serves as a first-responder, addressing security incidents involving information exposures, data misuse, data theft, and other privacy violations. In that capacity, she coordinates with clients’ management and information technology staff, as well as forensic vendors to identify and contain the source of data breaches. Stephanie is also experienced in facilitating restoration of normal system operation following a cybersecurity incident, mitigating the reputational harm associated with data breaches, and complying with applicable data breach notification laws to minimize the potential for adverse actions by regulators or litigation.

In the context of data breach preparedness, Stephanie collaborates with clients’ executive management teams, assists in preparing briefings for boards of directors, and works with outside consultants to evaluate and develop action plans to address an entity's enterprise risks and enhance overall cybersecurity. She also crafts comprehensive privacy policies, written information security policies, and breach response plans to meet the unique needs of each client.

Specifically, Stephanie’s experience includes the following:

  • Responding to information security incidents and data breaches.
  • Advising companies on cybersecurity governance.
  • Preparing key cybersecurity regulatory compliance documentation, including breach response plans, privacy policies, and written information security plans.
  • Developing tailored joint breach response plans for companies that work together ad share sensitive data.
  • Defending companies in regulatory investigations and litigation involving data breaches and privacy issues.
  • Assessing cybersecurity governance and compliance issues to facilitate acquisition negotiations.


Admitted to practice: Illinois, U.S. District Court for the Northern District of Illinois

Admitted in Illinois Only; Practicing under the Supervision of D.C. Bar Members.

Professional Activities and Memberships

  • International Association of Privacy Professionals
  • The Sedona Conference, Working Group 11 on Data Security Privacy Liability
  • U.S. Secret Service Chicago Electronic Crimes Task Force
  • Chicago Bar Association, Cyber Law and Data Privacy Committee