Privacy & Cybersecurity Services
- Data Security Incident Response & Breach Management – Oversee the work of technical teams and assess legal impacts of data breaches and other cybersecurity incidents, undertake post-breach notifications, and address disputes with consumers, vendors, investors, insurers, business partners, and regulators that grow out of data security incidents.
- Policy Development – Develop legally sufficient and organizationally functional privacy and data security related policies, including the Written Information Security Program (WISP) required under Massachusetts law, implementing the requirements of the California Consumer Privacy Act (CCPA) and policies related to compliance of U.S. organizations with the European Union’s General Data Protection Regulation (GDPR).
- Incident Response Planning – Establish procedures, policies and practices for responding to, remediating and surviving a cyber attack, and integrating cybersecurity into business continuity plans.
- Cross-Border Data Transfers – Assist with the development of legal means to share data across international borders, particularly with European Union nations under Privacy Shield, model clauses, consent, and data localization.
- Security Risk Assessments – Work with technical experts to determine the most cost effective ways to decrease an organization’s digital risk profile.
- Privacy/Cybersecurity Compliance – Analyze and revise policies, develop training programs, asses the effectiveness of the compliance regime’s impact on employee conduct, and investigate potential violations of the policies and applicable laws.
- Contract Negotiation & Review – Assess, draft and negotiate privacy and cybersecurity related provisions, including clauses on limitation of liabilities and indemnification, which are critical components in vendor agreements and other contracts under a range of legal regimes, including the GDPR, HIPAA, GLBA, and the Mass. Data Security Regulation (201 C.M.R. 17.00).
- Litigation – Represent clients in range of court proceedings and arbitrations involving business disputes and employment matters, many of which involve technology agreements, privacy and data security, post-data breach business-to-business disputes, theft of trade secrets, post-employment restrictions (non-compete and non-solicitation agreements) and matters involving unfair business practices and other business torts.
- Digital Forensics – Provide assistance in a broad range of litigations and arbitrations that involve the collection and/or use of digital forensic evidence.
- E-Discovery Strategy & Management – Undertake all aspects of the e-discovery process for a variety of commercial litigations, arbitrations, administrative enforcement actions, and internal investigations.
In addition to work as an advocate in commercial arbitrations, serves as a neutral through the commercial disputes panel of the American Arbitration Association (AAA). He has conducted arbitration hearings as a member of three arbitrator panels and as a single arbitrator in disputes involving technology services agreements, patent royalties, attorney contingency fee agreements, investment fund limited partnership agreements, software development agreements, and claims under the Uniform Trade Secrets Act.
Legal Services Management
Assist small and medium sized companies manage their use of outside legal service providers. Playing a role much like a general counsel, work with client to identify appropriate outside counsel and legal service related vendors and manage their work to effectively and efficiently obtain outstanding results.