Atty. Eric Setterlund
Eric Setterlund serves as a co-chair of Bradley’s Cybersecurity and Privacy Practice Group. Eric has extensive experience with matters related to privacy, security protections and regulatory compliance.
Profile Summary
About Eric Setterlund at a glance
Eric Setterlund is a securities attorney based in Chattanooga, Tennessee, practicing at Bradley Arant Boult Cummings LLP. Educated at The University of Memphis (J.D., 2011). Recognitions include Best Lawyers in America — Privacy and Data Security Law (2026). Serves clients in Chattanooga, TN and the surrounding metropolitan area.
Want to Get Service From This Attorney?
Sign up free and choose one of the two methods below.
Have a legal question? Sign up free, submit it through the Ask the Attorney module and receive a focused answer from a specialist.
- Free to ask a question
- Answers from specialist attorneys
- Optional private / anonymous question
Request an online video meeting or an in-person consultation at the attorney's office. Pick a time that works for you and share the details securely.
- Online video meeting
- In-person at the attorney's office
- Secure messaging and payment
About
- Eric Setterlund serves as a co-chair of Bradley’s Cybersecurity and Privacy Practice Group
- Eric has extensive experience with matters related to privacy, security protections and regulatory compliance
- Prior to joining the firm, Eric served as chief privacy officer and privacy and data counsel for BlueCross BlueShield of Tennessee
- He draws upon his real-world business and program management experience to provide his clients practical advice for complex regulatory and transactional matters
- Eric has a strong understanding of the day-to-day management and maintenance of an enterprise privacy program, including the development and implementation of required policies, procedures, and customer notices
- He has years of experience guiding clients through significant changes in the regulatory landscape of state, federal, and international privacy and data use laws, including HIPAA, 42 C.F.R
- Part 2, ONC Information Blocking Rules, CMS Interoperability mandates, CCPA/CPRA, GDPR, PIPEDA, COPPA, CAN-SPAM, FCRA, TCPA, CPA, UCPA, CTDPA, VCDPA, FTC rules, data breach notification laws, and other U.S. and international privacy and data requirements
- In addition to his extensive program management experience, Eric has assisted clients with a variety of other compliance and transactional matters
- He has broad experience in structuring and negotiating complex technology transactions and data sharing arrangements in the healthcare space, such as drafting and negotiating master services agreements (MSAs), software license agreements, software as a service (SaaS) agreements, professional services agreements, and data use agreements and advising clients on strategic outsourcing and offshoring initiatives
- He also has assisted clients with the development of new products and services to ensure compliance with privacy laws, including helping clients with emerging technologies, such as artificial intelligence (AI), and other digitization and customer outreach efforts
- Eric has significant experience helping clients prepare for privacy and security risk assessments and third-party audits
- Eric has helped numerous public and private clients across all industries investigate and respond to data breaches or significant cybersecurity events, including helping companies notify customers, the media, and state and federal regulators
- He has helped clients develop and implement response plans and test their cybersecurity readiness to mitigate risk associated with future incidents
- Eric also has successfully defended and represented clients in numerous investigations and complaints brought by federal and state regulators, including the Department of Health & Human Services’ Office of Civil Rights for alleged violations of HIPAA
- In addition, Eric is a member of Bradley’s Class Action Litigation team, focusing on privacy- and data breach-related class action matters
- He has experience across all phases of civil litigation, including initial investigation, developing case strategy, drafting dispositive motions, working with experts, preparing for trial, and handling high-stakes appeals
- Eric is designated as an ANSI Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals
Practice Areas Explained
Eric Setterlund's Areas of Practice
Each practice area below reflects the types of cases Eric Setterlund handles, with a brief overview of what that area of law covers.
Eric Setterlund is one of 58,852 securities attorneys indexed nationally. Browse securities attorneys in Tennessee →
Jurisdictional Context
Why local counsel matters in Tennessee
Practicing law in Tennessee. Legal matters in Tennessee are governed by state-specific rules of civil and criminal procedure, statutes of limitations, and substantive law. Cases originating in Chattanooga are typically filed in the local municipal court or the appropriate Tennessee state district court, depending on subject matter and amount in controversy. An attorney licensed in Tennessee brings working knowledge of local procedural deadlines, judicial practices in this venue, and the substantive law that applies to cases brought here. Out-of-state attorneys generally cannot represent clients in Tennessee courts without local counsel or pro hac vice admission.
Looking for additional Tennessee attorneys? Browse all attorneys in Chattanooga or all attorneys in Tennessee.
Frequently Asked
Common questions about Eric Setterlund
Where is Eric Setterlund's law office located?
What practice areas does Eric Setterlund handle?
Where did Eric Setterlund go to law school?
How can I contact Eric Setterlund for a consultation?
What awards or recognition has Eric Setterlund received?
Practice Areas
Education
Awards
Reviews
No reviews yet.