Steve Cosentino


Steve lives and breathes technology, utilizing his experience in intellectual property and corporate finance to help companies navigate the cyber landscape.

technology, finance and law, Steve negotiates technology transactions in the software, mobile, health care and FinTech industries. His primary focus is on technology related transactions and compliance, with an emphasis on software licensing and services, banking technology, data center services, outsourcing, data privacy, e-commerce, advertising, cloud computing and cybersecurity. He navigates complex mergers and acquisitions, guides corporate transactions, and facilitates complex technology and intellectual property collaborations.

Steve counsels clients on crisis management, data breach response and compliance with U.S. and international privacy and data security laws including the Children's Online Privacy Protection Act (COPPA), the Telephone Consumer Protection Act (TCPA), CAN SPAM, the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Protection Act (CCPA), the EU-U.S. Privacy Shield and the FTC Act. Steve is a Certified Information Privacy Professional (CIPP) through the International Association of Privacy Professionals.

He developed a comprehensive program to audit the data practices of companies transacting business on the Internet and provides complete services for e-commerce and software licensing transactions. He also offers a comprehensive social networking compliance program for businesses.

Steve chairs the Firm's Intellectual Property and Technology Division and co-chairs the Firm's Data Security, Privacy and Information Governance team.



Lead technology counsel for clinical decision support system for major pharmaceutical company 

Represented Truman Medical Center—a two-hospital, 600-bed health care system with multiple outpatient and behavioral health clinics and the primary teaching hospital in Jackson County and Kansas City, Missouri—in a large transaction engaging Cerner to provide and operate TMC's health information technology services 

Lead technology counsel for major critical facilities management engagement between data center client and a Fortune 500 technology company 

Lead technology and intellectual property counsel for acquisition of health care consulting company by a Fortune 500 technology and outsourcing company 

Served as lead technology counsel to represent the Unified Government and the Board of Public Utilities in their efforts to be selected by Google from more than 1,100 other municipal applicants to become the first U.S. city to have "Google Fiber" - providing internet connections of 1 gigabit per second to local homes, businesses and schools 

Lead technology counsel for eHealthAlign and Kansas Health Information Network, two regional Health Information Exchanges 

Lead counsel for the University of Missouri System in the development of the Tiger Institute, a strategic alliance with Cerner Corporation dedicated to transforming health care delivery for Missourians 

Teamed with the Banking and Financial Service group to provide banks with deep vendor management and technology agreement negotiation experience including core systems, mobile payment systems, online banking, compliance and fraud opposite major vendors such as Fiserv/Open Solutions, FIS and Finastra 

Represented clients in connection with mergers and acquisitions due diligence investigations, data protection addenda, open source licenses, software licenses, software as a service (SaaS), reseller and distribution agreements, sweepstakes compliance, online marketing campaigns, social networking, joint development agreements and intellectual property licensing 

Guided clients through private and governmental technology investigations including open source audits, CARU and FTC compliance audits, and licensing audits



Listed in the 2010-2020 editions of The Best Lawyers in America© for Technology Law.

Listed in the 2012-2019 editions of Missouri & Kansas Super Lawyers® for Intellectual Property, previously being listed as a Rising Star in the publication.

Named a Rising Star in 2011 by KC Business magazine.

Named to the Kansas City Business Journal's "Best of the Bar" in 2009.



Greater Kansas City Sports Commission & Foundation, Board of Directors

UMKC Law Foundation, Board of Directors, Past President

KCMBA Communications Committee, Co-Chair

International Association of Privacy Professionals ("IAPP"), Member

Stinson Tech Lawyer Shark Pod - Investing in the KC Techweek Pure Pitch Rally



Steve speaks to various groups on software, data security, FinTech, e-commerce and internet privacy-related topics. He frequently incorporates unique presentation styles such as the simulation of a data security incident at the Heartland GRC event in Kansas City. Steve has spoken before trade groups on intellectual property protection, copyright law, fair use, open source code and technology commercialization. He has presented the following programs: 

  • CCPA Compliance Webinar Series – Part 3, December 2019
  • CCPA Compliance Webinar Series – Part 2, November  2019
  • CCPA Compliance Webinar Series – Part 1, September 2019
  • ACC's Privacy Law Insights for Effective Risk Management, July 2019
  • Data Breach Panel Discussion, July 2019
  • Data Security & Privacy Law Update, Denver, CO, June 2019
  • 2019 Business Law Update, St. Louis, MO, April 2019
  • "The Changing Landscape for Banks, Regulators and Vendors in Data Security and Privacy, Kansas City and Minneapolis, April 2019
  • "In-House Counsel Network Event Series 1: GDPR," Minnesota Asian Pacific American Bar Association, Minneapolis, Minnesota, February 2019
  • "Data Privacy Considerations When Using Artificial Intelligence (AI) in Online Advertising," Association of Corporate Counsel, Phoenix, Arizona, November 2018 
  • "Legal Ethics and Social Media," National Rural Electric Cooperative Association G&T Legal Seminar, Nashville, Tennessee, November 2018 
  • "Website Accessibility – The Slow and Steady March to ADA Compliance," GKCBLN Disability and Inclusion Summit, April 2018 
  • "GDPR – Getting Ready for May 2018," SLS Business Law Update, February 2018
  • "Cybersecurity – Remediation and Response," Gilmore Bell Annual CLE, February 2018
  • "Data Privacy and Data Security," Bloch School Executive MBA Program, November 2017
  • "Digital Health Business Series," BioKansas, October 2017
  • "Emerging Technology Risk," Heartland GRC Roundtable, October 2017
  • "Key Legal Issues in a Disruptive Technology Environment," Insurance Licensing Services of America Podcast, August 2017. 
  • "Big Data – Ethics, Strategy and Risk Considerations," Heartland GRC, January 2017
  • "Best Practices for Reviewing Software Purchases," Lorman Education Services, December 2016
  • "Fintech – Embracing the Disruption," Colorado Independent Bankers Association, November 2016
  • "Regulator Expectations: Due Diligence, Risk and Contract Management," Western Independent Bankers Association, October 2016
  • "Data Protection," Heartland GRC Roundtable – Panelist, May 2016.
  • "Embracing the Disruption" SLS FinTech Seminar – Presenter, May 2016
  • "Innovation and the Future of Prepaid: EMV Compliance and the Market: A Look at the Current State of Chip Technology," The Power of Prepaid Conference – Moderator, Washington D.C., April 2016
  • Sedona Conference Working Group 11 – Data Security Compendium – Panelist, Scottsdale, AZ, December 2015 
  • "It Vendor Negotiation Strategies," Missouri Bankers Association Conference, Columbia, MO, October 2015 
  • "Data Privacy and Security," Midwest Servicing Conference, Overland Park, KS, September 2015 
  • "Third Party Vendor Management Best Practices," EPCOR Payments Conference, Columbus Ohio, May 2015 
  • "Data Security Incident Response Plans," SLS Business Law Update, Kansas City – February 2015, Wichita – April 2015 



Steve is a frequent contributor to the firm’s e-alerts, writing numerous articles on e-commerce topics, particularly in the area of electronic privacy. He serves on the editorial board of the KCMBA Counselor magazine, frequently writing articles for the publication. He has contributes to the Sedona Conference Working Group 11 – Data Security and Privacy Liability.

  • "Employee Biometric Privacy Claims Escape Arbitration," April 2019
  • "Financial Institution Letter Shows FDIC is Serious About Tech Contracts," April 2019
  • "Financial Institutions' Consumer Data Exposed in Web Platform Vulnerability," August 2018
  • "California Passes Strict Privacy Law Raising the Bar for Many U.S. Businesses," July 2018
  • "Colorado Enacts New Privacy and Cybersecurity Legislation," June 2018
  • "GDPR 2018 – Will You be Ready?" March 2018
  • "Voice Recordings, Interconnected Apps and Parental Consent: An Update on COPPA Privacy Compliance," January 2018
  • "Healthcare Privacy" – Medical Alley Association, January 2018
  • "Two Copyright To-Dos Before Year End," November 2017
  • "Children's Privacy Online: The Interplay Between Mobile Applications and the Children's Online Privacy Protection Act," May 2016
  • "EU Strikes Down the Safe Harbor Framework for Transatlantic Data Transfers: What You Should Know and What to Do Next," October 2015
  • "Outsourcing Your Bank's Network" Western Independent Banker – Technology Issue, September/October 2015 
  • "Women Who Mean Justice – A Look at Three KCMBA Members in the LGBT Legal Community" KC Counselor, October 2015
  • "To Avoid Liability, Consider Fair Use Before Sending A DMCA Takedown Notice," September 2015
  • "Federal Regulators Expand Authority Over Data Security Issues," April 2015