Experience
Conducted Privacy Assessment and Advanced Compliance Efforts for Animal Health and Nutrition Clients
Advised multiple clients in the animal health and nutrition space in developing and updating privacy programs to address compliance with the ever-changing regulatory landscape – from state-specific to international cross-border requirements. Conducted reviews and assessments, and drafted and implemented policies and procedures tailored to industry-specific and client needs.
Advised Nonprofit Founder on Congressional Testimony
Advised the founder of a public interest-focused privacy nonprofit on the preparation of testimony that was presented before the House Energy and Commerce Committee regarding protections for children in existing privacy laws and the American Data Privacy and Protection Act, a federal omnibus privacy bill.
Counsel to Expert Witness in Multistate Data Breach Settlement
Advised an expert witness for U.K.-based insurance companies in a case brought in the U.K. courts by the insurers in connection with a multistate data breach enforcement action where the personal information of millions of consumers was exposed. Counsel was provided in regard to U.S. law concerning Section 5 of the Federal Trade Commission Act, the data breach and data security statutes of the 40 states whose attorneys general filed complaints, and the potential insurability of penalties in each of the states. The settlement reached in the case was due in large part to the insurability analysis, which was key during negotiations.
Created Governance Documents for National Institute of Corrections
Drafted governance documents and intergovernmental agreements relating to criminal justice information sharing among local justice and community health stakeholders adopted by the National Institute of Corrections in its revision of the Guidelines for Developing a Criminal Justice Coordinating Committee.
Advised Menswear Retailer in SMS Program Launch, Compliance
Advised a major American menswear retailer in launch a transactional SMS program allowing them to communicate via text message with customers who have opted-in. Armstrong Teasdale navigated a strict regulatory environment by identifying regulatory requirements for SMS programs, evaluating internal business processes to streamline compliance, and drafting the requisite consent language. The program required significant cross-collaboration to meet the expected deadlines.
Launch of New Social Media Network
Supervised and provided legal guidance for the successful launch of a new social media network that focuses on giveaways and user/company promotion and advertising.
Obtained Early Dismissal for Health Care Provider on Multiple Claims
On behalf of health care provider, obtained early dismissal of fraud, conspiracy, and Computer Fraud and Abuse Act claims brought by former IT vendor, and negotiated favorable settlement of breach of contract claim.
Information Sharing Agreement for Criminal Justice Council
Coordinated with a multi-agency Criminal Justice Coordinating Council to draft an information-sharing agreement. Regulatory limitations on sharing certain types of protected data were balanced with the agencies' need to facilitate a free flow of information in the interest of public health and safety.
Secured Motion to Dismiss for Hospital in Protected Health Information, Termination Case
Prevailed on a contested motion to dismiss in favor of hospital client. Plaintiff alleged employment termination in part, due to our client’s allegedly inappropriate and unauthorized disclosure of protected health information. Plaintiff asserted a claim alleging breach of fiduciary duty of confidentiality, seeking both economic losses and punitive damages. Relying in part on HIPAA regulations, we filed a motion to dismiss and a motion to strike the punitive damages claims, and after oral argument, the judge granted the motion.
Dismissals Lead to Favorable Settlement
Obtained the dismissal with prejudice of multiple claims brought by one financial institution against another arising out of a data breach led by fraudsters, facilitating a favorable settlement of the sole remaining claim.
GDPR Compliance Program Implementation for Aviation Service Company
Facilitate the design, build-out and implementation of the client's GDPR compliance program.
Data Privacy, Antitrust and HIPAA Breach
Investigated and resolved matters involving violations of the Health Insurance Portability and Accountability Act (HIPAA), protected health information data breaches, and Office for Civil Rights (OCR) reporting and investigations, including the inadvertent misdirection of more than 1,500 patients’ protected health information and the intentional disclosure by an employee of protected health information.
Data Privacy Compliance for Multinational Manufacturer
Represented multinational manufacturer in undertaking compliance with GDPR, including update of privacy policies, negotiation of data privacy addenda, and development of an international data transfer mechanism.
GDPR Compliance Program for University
Helped facilitate the design and implementation of all facets of international university’s General Data Protection Regulation (GDPR) program.
Dismissal of $1 Billion Class Action Claim
Successfully defended the operator of a commercial website against a putative class action involving alleged interception of an online customer's personal information, including credit card information, and disclosure of that information to third parties without the customer's consent. The plaintiff argued that this information, which was stored in a browser file before being sent to the website, was not yet a communication to website and that the interception and transmission of that information via JavaScript commands was illegal under the Wiretap Act. The court agreed with the website operator's arguments and dismissed the action. Plaintiff's counsel was seeking over $1 billion in damages, making this a significant victory.
