C. Andrew Konia


Related Content

  • University of Virginia Darden School of Business, MBA, 1999
  • University of Virginia School of Law, JD, 1999
  • Georgetown University, BS, Foreign Service, magna cum laude, 1993
  • North Carolina
  • Virginia

Member, North Carolina Bar Association

Member, North Carolina Bankers Association

Chairman, Men for Change, Domestic Violence Prevention, 2005-2010

Board of Directors, Oratorio Singers of Charlotte, 2006-2010

Member, The Virginia Bar Association

Andrew’s practice is singularly focused on protecting clients’ businesses and data, anticipating disputes, and strengthening their competitive position in the marketplace.

Data Privacy and Security

As chair of the firm’s data privacy and security team, Andrew leads a nationally recognized team of professionals dedicated to protecting clients’ systems, networks and data, managing information, and responding to cyber incidents.

In his own practice, Andrew assists clients in the development of information governance and data protection programs, and regularly counsels clients on data breach remediation, as well as privacy and security issues in vendor contracts and M&A/private equity transactions. Andrew principally focuses on proactive protective measures that a company can employ in the construction of its policies and critical contracts in order to prevent the occurrence of security breaches, investigations, lawsuits and similar harmful events. He also counsels clients on interpreting and complying with the Payment Card Industry Data Security Standard (PCI/DSS).

Andrew speaks and writes regularly on topics relating to privacy, security and vendor contract management. He was recognized as a “Leading Lawyer” in cyber law by Legal 500 in 2017. He holds the CIPP/US credential as a Certified Information Privacy Professional from the International Association of Privacy Professionals (IAPP).

Supply Chain Management

Andrew also chairs the supply chain management practice, helping clients anticipate and avoid costly disputes and litigation with their vendors and institutional customers. He and his team provide (usually on an alternate fee basis) an individually customized and comprehensive review and evaluation of the client’s suite of contracts, together with suggested recommendations for remedying deficiencies determined during the analysis. Depending on the client’s needs and objectives, he can then undertake a full-scale revision and renegotiation of the relevant agreements, or develop a more targeted approach of focusing only on the essential provisions.

A Business-focused Background

Andrew also has experience in general corporate governance, mergers and acquisitions and private equity. He has counseled companies on a variety of corporate topics and transactions, including entity selection and formation, equity and debt financings (control and non-control), securities compliance, employment matters and technology licensing.

Andrew has a background in consulting and holds an MBA from the Darden School of Business at the University of Virginia. This experience provides him with a keen understanding of the operational, financial and strategic needs of clients, enabling him to take a practical business approach to serving their needs. He has experience representing clients in numerous industries, including a specific emphasis on telecommunications, financial services and manufacturing companies.

In the News

C. Andrew Konia
T: +1 703 712 5071F: +1 704 444 88341750 Tysons Boulevard
Suite 1800
Tysons, VA 22102-4215
T: +1 704 343 2070F: +1 704 444 8834201 North Tryon Street
Suite 3000
Charlotte, NC 28202-2146

Co-led a team that advised a large financial institution on one of the most complex, high-value disclosures of sensitive customer information in history. The investigation involved all 50 U.S. states and over 30 foreign jurisdictions.

Regularly advise client on maintaining the security and integrity of its credit/debit card data and payment systems, as well as compliance with Payment Card Industry and Payment Application Data Security Standards, focusing on ensuring the proper use, storage, transmission, access and monitoring of cardholder data and sensitive authentication data.

Representation of leading prepaid wireless carrier in the drafting and renegotiation of its portfolio of key service provider contracts dealing with the multichannel distribution and billing of airtime, processing of airtime payments, and reporting of key sales and expense metrics.

Advise telecommunications client in connection with its provision of retail and wholesale cloud services, including SaaS and IaaS offerings.

Representation of wireless provider on data privacy, information security and payment processing matters relating to its partnership with a Big Three automobile manufacturer to provide interactive vehicle connectivity services.

Representation of Fortune 100 cable services provider in the drafting and negotiation of contracts relating to the build-out and management of a private cloud computing structure, including successfully managing the software license, maintenance and service level negotiations, as well as the development of key specifications.

Counsel to Fortune 100 wireless telecommunications provider in negotiating with an industry-leading debit card provider to migrate the client's rebate submission and issuance program from a check-based system to a prepaid debit card-based system.

Representation of multiple technology and healthcare companies in connection with various M&A transactions, venture capital investments and private equity financings.

Regularly advise cable provider in the negotiation of complex procurement and critical infrastructure agreements.

Counsel to telecommunications client on various initiatives designed to broaden and enhance the functionality of its enterprise-wide recurring payment processing systems, including analyzing all applicable laws, regulations and standards, and presenting business-friendly legal solutions that enable these systems to function and grow.

Representation of medical device companies in negotiating strategic alliance, linking and intellectual property licensing transactions.

Negotiation of key business and legal terms on behalf of financial services company with its e-commerce and online banking services provider, focusing on consumer electronic billing and payment services, e-bill hosting and distribution services, service level agreements, pricing models, integration of legacy platforms and protocols relating to information security, fraud management and disaster recovery.

Representation of international property and casualty insurance company in negotiating and drafting global information systems outsourcing agreements with ACS Outsourcing Solutions.

Representation of Southeast regional supermarket chain in negotiating and drafting technology, pharmacy and consumer products vendor contracts, including agreements with Western Union, IDT Telecom, Taleo and Accruent.

Negotiation and documentation for leveraged buyout of assets of manufacturing business.

Representation of international industrial thread manufacturing company in negotiating and drafting various supply chain and customer contracts, including agreements with General Electric, Michelin and Kimberly-Clark.

Negotiation and documentation of value added reseller and sales agent agreements for publicly held industrial products company.

Selected for inclusion as a "Leading Lawyer," Cyber law, Virginia, Legal 500 US, 2017-2018

Named to "Legal Elite," Virginia Business, 2011, 2012, 2014

Author, "Cybersecurity Concerns Creep Into M&A Transactions," Law360, August 17, 2015
Speaker, "Cybersecurity: Finding Stability in Uncertainty," Compliance in the Real World — A Practical Roundup of Today’s Top Issues, October 25, 2017
Speaker, "When Compliance Programs Fail: Truth and Consequences," Compliance in the Real World; A Practical Discussion About Today’s Top Issues, McGuireWoods LLP Conference, May 2017
Panelist, "Cybersecurity – How to Protect Your Business," Houston CFO Cybersecurity Roundtable, December 2016
Speaker, "Cross-border Data Transfer from the EU: Data Flow within the New Framework," The Data Privacy and Security Puzzle: Do You Have All the Pieces?, November 2016
Co-speaker, "Cyber Threats and Related Legal Exposures to Community Banks," Community Bank Cyber-Law Forum, November 2013
Moderator, Tysons Data Privacy and Security Forum, McGuireWoods LLP, June 2013
Co-presenter, EU Data Privacy and Security Conference, Client Seminar, Telecommunications Industry, June 2013
Speaker, "The Tangled Web of Data Privacy & Security in Education," North Carolina Bar Association, Education Law Section Annual Meeting, May 2013
Co-presenter, "Data Privacy & Security for Power Utilities," Client Seminar, Energy Industry, February 2013
Co-presenter, "Data Privacy & Security Forum," Client Seminar, Automotive Industry, January 2013
Speaker, "Data Privacy & Security Issues Facing The Nonprofit Entity," 10th Annual Nonprofit Seminar: Regulatory and Legal Challenges Facing Nonprofits, September and October 2012
Speaker, "The Value (and Risks) of Information: No Business is Safe from Data Security and Privacy Risks," Virginia CLE 42nd Annual Advanced Business Law Conference: Retooling for the Rebound, October 2012
Speaker, "Data Security for CFOs," Led Education Roundtable, September 2012
Speaker, "Challenges, Threats and Best Practices Relating to Data Protection," Client Seminar, September 2012
Presenter, "The Life & Times of a Supply Chain Transaction," Association of Corporate Counsel, National Chapter, April 2012
Co-presenter, "Data Privacy & Security: Update," Client Seminar, Defense Industry, April 2012
Co-presenter, "Data Privacy & Security: Update," Client Seminar, Telecommunications Industry, March 2012
Co-presenter, "Data Security & Privacy," Client Seminar, Telecommunications Industry, January 2012
Co-presenter, "Data Security and Privacy," Charlotte ACC, November 2011
Presenter, "Information Security & Data Integrity," Internet Summit 2008, November 2008
Presenter, "Managing Your Vendor Contracts: A Class for Non-Lawyers," Client Seminar, Food & Beverage Industry, October 2008
Massive Cyberattack Developing Worldwide, Password Protected, June 27, 2017
ALERT: Beware of W-2 Scam!, Password Protected, February 16, 2017