Experience

GDPR Compliance Program Implementation for Aviation Service Company

Facilitate the design, build-out and implementation of the client's GDPR compliance program.

Data Privacy, Antitrust and HIPAA Breach

Investigated and resolved matters involving violations of the Health Insurance Portability and Accountability Act (HIPAA), protected health information data breaches, and Office for Civil Rights (OCR) reporting and investigations, including the inadvertent misdirection of more than 1,500 patients’ protected health information and the intentional disclosure by an employee of protected health information.

Data Privacy Compliance for Multinational Manufacturer

Represented multinational manufacturer in undertaking compliance with GDPR, including update of privacy policies, negotiation of data privacy addenda, and development of an international data transfer mechanism.

GDPR Compliance Program for University

Helped facilitate the design and implementation of all facets of international university’s General Data Protection Regulation (GDPR) program.

Dismissal of $1 Billion Class Action Claim

Successfully defended the operator of a commercial website against a putative class action involving alleged interception of an online customer's personal information, including credit card information, and disclosure of that information to third parties without the customer's consent. The plaintiff argued that this information, which was stored in a browser file before being sent to the website, was not yet a communication to website and that the interception and transmission of that information via JavaScript commands was illegal under the Wiretap Act. The court agreed with the website operator's arguments and dismissed the action. Plaintiff's counsel was seeking over $1 billion in damages, making this a significant victory.