Jane Hils Shea

T 513.651.6961
F 513.651.6981
301 East Fourth Street
Great American Tower, Suite 3300
Cincinnati, Ohio 45202

Jane is a technology and data privacy attorney with broad experience assisting companies with data privacy management by assessing their data use and working to identify and address applicable privacy law requirements. She has led FBT’s Privacy and Information Security Practice Area since its creation in 2001 and is a Certified Information Privacy Professional (CIPP-US). She has significant experience working with a diverse group of clients, ranging from Ed Tech and FinTech e-businesses to financial institutions and telecoms with a national footprint, and she provides practical and strategic counseling drawing on her 16 years as corporate counsel to several multi-regional banks.

Clients appreciate her practical guidance in addressing their data privacy and information security obligations and challenges, ranging from negotiation of technology contracts to compliance with U.S. data protection laws, such as the Gramm-Leach-Bliley Act, the Family Education Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), as well as the EU’s General Data Protection Regulation (GDPR). She assists clients with self-certification to the EU-U.S. Privacy Shield Program and with the development of a written information security program, including the policies and processes necessary to implement such a program. She has significant experience assisting clients with data breach response and speaks regularly to industry groups on the privacy and cybersecurity measures businesses can employ to address these ongoing threats.

Jane also regularly handles both construction and permanent real estate financing transactions on properties located throughout the United States. She advises clients on state and federal bank regulatory compliance requirements and counsels clients in e-commerce issues related to payments law, including the payment card industry rules, the NACHA Rules, and consumer credit laws and regulations.


Privacy & Data Security Work

Assisted client with development of information security program including compliance with the EU's GDPR.

Represented multinational information management company in response to data security breach

Negotiated data processing and services contract for banking operations platform

Assisted medical research software manufacturer with obtaining DOC EU-U.S. Safe Harbor Certification

Negotiated Non-Disclosure Agreement concerning use of consumer data for multinational manufacturing company

Commercial Lending

Commercial Loan Transactions

Representing Lenders:

$46,300,000 construction and permanent mortgage loan to finance mixed-use project, including multi-family residential, retail, hotel, and parking garage in Newport, Kentucky

$23,750,000 commercial mortgage loan to ten joint and several borrowers to finance a sale/leaseback transaction of ten stores in nine states for a major drug store chain

$22,000,000 commercial mortgage loan to provide permanent mortgage financing for a medical office complex in Hennepin County, Minnesota

$36,000,000 syndicated term/revolving credit - borrowing base/letter of credit facilities to 16 co-borrowers who operate an auto parts supply business secured by business assets and real estate

$37,500,000 construction loan financing for an apartment/retail complex in San Antonio, Texas 

Highlights & Recognitions

  • AV® Rated, Martindale-Hubbell®

Memberships & Affiliations

  • IAPP Certified Information Privacy Professional-US
  • Privacy by Design Ambassador
  • International Association of Privacy Professionals CIPP-US
  • Cincinnati Bar Association
  • Cincinnati Bar Association CLE Committee
  • Ohio State Bar Association
  • American Bar Association, Consumer Financial Services Committee

FBT Publications

Civic & Charitable Organizations

  • Mercy Neighborhood Ministries, Board Chair, 2007- present; Board Governance Committee, Executive Committee
  • GCCC WE Lead Program, Class IV, Member

Non-FBT Publications and Events

"A Carrot Instead of a Stick: Ohio's Business-friendly Approach to Cyber Security", Article published in the October 2018 edition of Cyber Security Practitioner by DataGuidance.

"Cybersecurity Essentials: What Every SMB Needs to Know", sponsored by the Greater Cincinnati Chamber of Commerce on January 31, 2018.

“General Data Protection Regulation (GDPR) Basics”, Webinar sponsored by Multilaw on January 30, 2018

 “UNHACKABLE: a BBB Event for Small Businesses”, Panel Discussion sponsored by Greater Cincinnati Better Business Bureau on September 30, 2017

"Data Privacy and Security: U.S. Legal Framework and Its Impact on Business", presented at meeting of Infragard on September 14, 2017.

“What prepaid accounts are subject to new prepaid rules? What you need to know to be ready.” Article published in the May 2017 issue of DISCLOSURE by The Iowa Bankers Association.

"Managing the Positives and Pitfalls of Financial Institutions' Use of Cloud Computing", Recent Trends in Privacy and Data Security (Aspatore, 2013)

Association Corporate Counsel, Cincinnati Chapter, Bridging the Pond: Privacy Law Developments, April, 2010

KNET, Key Data Privacy and Identity Theft Trends, November, 2009

Frost Brown Todd Global Personnel Group Seminar, Cross Border Data Transfers, April, 2009

Cincinnati Bar Association, Corporate Law Update, Recent Developments in Data Security Laws and Best Practices to Abate the Risk of Data Breach, November, 2008

Ecora Software, Developments in Privacy & Data Security Law, August, 2008

Information Privacy Protection in Australia, Privacy and Data Security Law Journal, September, 2006

Attitudes Toward Privacy:  A Comparison of India and the United States, Privacy and Data Security Law Journal, May, 2007

Year-End Issuances by Federal Regulators Address a Multitude of Privacy Issues, Privacy and Data Security Law Journal, February, 2008

Global Data Privacy Tool (Multilaw Ltd.)

Contributions on the following privacy law topics:

Privacy Policies
Data Subject's Rights
Data Controller
Data Processing
Fair Processing
Biometric Data
Unsolicited Communications

No Harm, No Recovery - The Present and Future of Data Security Breach Litigation after Pisciotta, Lexis-Nexis CLE, October 2010

Other Contact Info


Cynthia King
T 513.651.6135