Data Governance Research for Consumer Rewards Program

Researched discrete data governance issues for an organization’s consumer rewards program. Analyzed issues at the intersection of state and federal gift certificate and consumer rewards laws.

GDPR Training for Multinational Nonprofit

Delivered GDPR training to a multinational nonprofit concerning the encryption of sensitive personal information including arrest records, convictions and victim health information.

Counsel to Expert Witness in Multistate Data Breach Settlement

Advised an expert witness for U.K.-based insurance companies in a case brought in the U.K. courts by the insurers in connection with a multistate data breach enforcement action where the personal information of millions of consumers was exposed. Counsel was provided in regard to U.S. law concerning Section 5 of the Federal Trade Commission Act, the data breach and data security statutes of the 40 states whose attorneys general filed complaints, and the potential insurability of penalties in each of the states. The settlement reached in the case was due in large part to the insurability analysis, which was key during negotiations.

Created Governance Documents for National Institute of Corrections

Drafted governance documents and intergovernmental agreements relating to criminal justice information sharing among local justice and community health stakeholders adopted by the National Institute of Corrections in its revision of the Guidelines for Developing a Criminal Justice Coordinating Committee.

Advised Menswear Retailer in SMS Program Launch, Compliance

Advised a major American menswear retailer in launch a transactional SMS program allowing them to communicate via text message with customers who have opted-in. Armstrong Teasdale navigated a strict regulatory environment by identifying regulatory requirements for SMS programs, evaluating internal business processes to streamline compliance, and drafting the requisite consent language. The program required significant cross-collaboration to meet the expected deadlines.

Data Handling within a SaaS Platform and Related Agreements for Nonprofit

Represented a nonprofit administering a nationwide health care platform by developing their privacy and security compliance, inbound licensing and technology service agreements with local health centers.

Guided Multinational Technology Provider in Data Handling Review

Counseled technology services company serving the financial and health sectors on the use of AI/ML, as well as the proper use of potentially regulated data, as well as assist in response to data incident across five countries.

Privacy Compliance and Data Protection Agreements for Retail Data Analytics Firm

Provided strategic and operational support to data management client in the context of the EU GDPR and concerns over the impact of the CCPA and other state privacy laws.

Information Sharing Agreement for Criminal Justice Council

Coordinated with a multi-agency Criminal Justice Coordinating Council to draft an information-sharing agreement. Regulatory limitations on sharing certain types of protected data were balanced with the agencies' need to facilitate a free flow of information in the interest of public health and safety.

IP Portfolio Development for Cybersecurity Startup

Developed and grew intellectual property portfolio for startup company in the cybersecurity space. Identified key values for the company and prepared and prosecuted patents protecting and building on the value for the client. Obtained the first patent for the company within one year of receiving disclosure to help startup quickly obtain funding and continue strategic growth.

Advised Clients Across Sectors on Data Protection and Cookie Policies

Advised on data protection and cookie policies and related documents for companies in various sectors.

Advised Large Commercial Organisations on Data Policies and Procedures

Advised a number of large commercial organisations on their data collection, storage, processing and retention policies and procedures.

Advised on Brexit Transition, Invalidation of U.S. Privacy Shield

Advised commercial clients on the steps they need to take to deal with Brexit once the transition period expires, as well as on the implications of the invalidation of the U.S. Privacy Shield.

Advised on Data Protection Compliance and Data Flow

Advised various clients on their data protection compliance arrangements and data flow.

Advised Well-Known U.K. Institution on Data Protection, Compliance

Advised a well-known U.K. institution on data protection implementation and compliance.

Data Processing, Sharing Agreement Advice

Advised various businesses and sub-processors on data processing and data sharing agreements.

Data Subject Access Request Management

Advised organisations on how to handle data subject access requests.

ICO Complaints on Behalf of Various Clients

Handled Information Commissioner’s Office (ICO) complaints on behalf of various clients.

Interpretation of and Guidance on Compliance with Data Protection and Privacy Regulations

Provided practical, commercial advice on the interpretation of the data protection and privacy regulations to ensure that a company’s compliance with the law does not restrict its operations unnecessarily.

Advised Leading International Business in Issues Related to a U.K. Social Media Campaign

Advised a leading international business concerning issues arising out of its proposed U.K. social media campaign.

Data Warehousing System and Related Documents for Leading Behavioral Health Non-Profit

Assisted a leading non-profit behavioral health care organization in operationalizing its data warehouse, which included the drafting of the Data Use Agreement and all related policies and policies. This model is being used as the framework nationwide.

Diligence Reviews and Data Privacy Negotiations

Led diligence and deal negotiation on relevant provisions in corporate acquisitions, corporate venture, and private equity clients with respect to the privacy and security posture of target firms.

Trade Secret, Cybersecurity Protection for Real Estate Technology Industry Client

Represented leading commercial real estate industry platform and cloud service provider in transactions and disputes including the protection of trade secrets and cybersecurity breaches.

Secured Motion to Dismiss for Hospital in Protected Health Information, Termination Case

Prevailed on a contested motion to dismiss in favor of hospital client. Plaintiff alleged employment termination in part, due to our client’s allegedly inappropriate and unauthorized disclosure of protected health information. Plaintiff asserted a claim alleging breach of fiduciary duty of confidentiality, seeking both economic losses and punitive damages. Relying in part on HIPAA regulations, we filed a motion to dismiss and a motion to strike the punitive damages claims, and after oral argument, the judge granted the motion.

Expansion of Vulnerability Disclosure Program (VDP)

Assisted a client in creating user privacy policies and agreements surrounding the client’s vulnerability disclosure program. Helped the client expand that program to other entities in contract with the client.

Data Privacy Assessment for Customer Data Platform Company

Led a data privacy assessment and tracking tool implementation project for a leading cloud-based customer data platform company focusing on GDPR and California Consumer Privacy Act (CCPA) compliance. Provided drafting and negotiation assistance for a variety of commercial contracts including Master Service Agreements and Data Protection Agreements.

GDPR Compliance Program Implementation for Aviation Service Company

Facilitate the design, build-out and implementation of the client's GDPR compliance program.

Data Privacy, Antitrust and HIPAA Breach

Investigated and resolved matters involving violations of the Health Insurance Portability and Accountability Act (HIPAA), protected health information data breaches, and Office for Civil Rights (OCR) reporting and investigations, including the inadvertent misdirection of more than 1,500 patients’ protected health information and the intentional disclosure by an employee of protected health information.

Counsel to Worldwide Leader in the Payments Technology Industry

Counseled worldwide leader in the payments technology industry across a variety of practice areas in connection with technology development and licensing, and payment processing service offerings.

Data Privacy Compliance for Multinational Manufacturer

Represented multinational manufacturer in undertaking compliance with GDPR, including update of privacy policies, negotiation of data privacy addenda, and development of an international data transfer mechanism.

Contact Us
  • Worldwide
  • Boston, MA
  • Denver, CO
  • Dublin, Ireland
  • Edwardsville, IL
  • Jefferson City, MO
  • Kansas City, MO
  • Las Vegas, NV
  • London, England
  • Miami, FL
  • New York, NY
  • Orange County, CA
  • Philadelphia, PA
  • Princeton, NJ
  • Salt Lake City, UT
  • St. Louis, MO
  • Washington, D.C.
  • Wilmington, DE
abstract image of world map
Boston, MA
800 Boylston St.
30th Floor
Boston, MA 02199
Google Maps
Boston, Massachusetts
Denver, CO
4643 S. Ulster St.
Suite 800
Denver, CO 80237
Google Maps
Denver, Colorado
Dublin, Ireland
Fitzwilliam Hall, Fitzwilliam Place
Dublin 2, Ireland
Google Maps
Edwardsville, IL
115 N. Second St.
Edwardsville, IL 62025
Google Maps
Edwardsville, Illinois
Jefferson City, MO
101 E. High St.
First Floor
Jefferson City, MO 65101
Google Maps
Jefferson City, Missouri
Kansas City, MO
2345 Grand Blvd.
Suite 1500
Kansas City, MO 64108
Google Maps
Kansas City, Missouri
Las Vegas, NV
7160 Rafael Rivera Way
Suite 320
Las Vegas, NV 89113
Google Maps
Las Vegas, Nevada
London, England
Royal College of Surgeons of England
38-43 Lincoln’s Inn Fields
London, WC2A 3PE
Google Maps
Miami, FL
355 Alhambra Circle
Suite 1250
Coral Gables, FL 33134
Google Maps
Photo of Miami, Florida
New York, NY
7 Times Square, 44th Floor
New York, NY 10036
Google Maps
New York City skyline
Orange County, CA
19800 MacArthur Boulevard
Suite 300
Irvine, CA 92612
Google Maps
Philadelphia, PA
2005 Market Street
29th Floor, One Commerce Square
Philadelphia, PA 19103
Google Maps
Philadelphia, Pennsylvania
Princeton, NJ
100 Overlook Center
Second Floor
Princeton, NJ 08540
Google Maps
Princeton, New Jersey
Salt Lake City, UT
222 South Main St.
Suite 1830
Salt Lake City, UT 84101
Google Maps
Salt Lake City, Utah
St. Louis, MO
7700 Forsyth Blvd.
Suite 1800
St. Louis, MO 63105
Google Maps
St. Louis, Missouri
Washington, D.C.
1050 Connecticut Avenue NW
Suite 500
Washington, DC 20036
Google Maps
Photo of Washington, D.C. with the Capitol in the foreground and Washington Monument in the background.
Wilmington, DE
1007 North Market Street
Wilmington, DE 19801
Google Maps
Wilmington, Delaware