Cozen O’Connor: Privacy & Data Security

Privacy & Data Security

Featured Publication:

Ethical Issues with Remote Work During COVID-19 [Alert]

Bill Gericke and Deb Winokur discuss lawyers and law firm's ethical obligations when working remotely and outsourcing work.


In today’s digitally expanding and tech-controlled world, the issues of privacy and data security are rife with legal implications. Companies must rise to meet the many challenges posed by a modern digital marketplace, including protecting personal information, securing proprietary data, stopping cyberattacks, and managing electronic files. Addressing privacy and data security matters demands mastery across a wide range of industries, the risks associated with those industries, and the legal specifications of those industries. As data breaches drive news cycles and government agencies race to compound already complex and ever-evolving regulations, these are not should-dos. These are must-dos.

Cozen O’Connor has built a multidisciplinary team of highly skilled and highly regarded attorneys who focus on all aspects of privacy and data security litigation and counseling. We help companies protect data, comply with regulations, and respond to investigations and litigation. We also leverage Cozen O’Connor’s experience and capabilities in dealing with industry-specific legal challenges to assist clients. 

Assisting Clients in the Event of Data and Security Breaches and Litigation

One incident of data loss, breach, or cyberattack can undermine years of good will and leave clients with daunting financial, legal, and reputational challenges. When disaster strikes, companies need a true crisis manager at the helm.

In the event of a data privacy or security breach, our attorneys routinely conduct immediate forensic and recovery operations, send notifications, arrange for customer outreach, communicate with government officials, protect clients from liability, and craft public messages. Our experience extends far and wide into the fields of Healthcare, Energy, Financial Services, Transportation, Insurance, Technology and Manufacturing. We also counsel clients on investigations by the Federal Trade Commission (FTC), by the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR), and under the Sarbanes-Oxley Act. 

Our litigators have successfully represented clients in privacy and data-related litigation in individual, multiparty and class action cases in a multitude of judicial jurisdictions as well as in front of federal regulatory agencies, such as the FTC. Additionally, our State Attorneys General Practice Group is conveniently ready to respond to state investigations, regardless of the breadth or depth.

Leading the Way in Policy and Compliance

In addition to litigating complex cases in this ever-evolving landscape of data and privacy law, Cozen O’Connor is at the forefront of changes in these fields. We counsel clients in connection with complying with Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act, the Electronic Communications Privacy Act (ECPA), the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, the Children’s Online Privacy Protection Act (COPPA), and the Fair Credit Reporting Act (FCRA). We also advise on international data transfers and assisting U.S. companies on compliance with the EU General Data Protection Regulation (GDPR).

Cozen O’Connor’s Washington D.C.-based government affairs group closely monitors potential changes in state and federal policy regarding data privacy and electronic information security so that our Public Strategies bipartisan lobbying group can help shape the newest laws and policies. A leader in policy reform, Cozen O’Connor works with clients to ensure policy compliance in this ever-changing regulatory landscape and also routinely represents clients before regulators and legislators.

Risk Management

Our group also has extensive experience in the fast growing and ever-evolving cyber risk market. As a long-time leader in the insurance bar, Cozen O’Connor attorneys have helped develop first and third-party cyber/tech/privacy policies, errors and omissions insurance, and cybercrime policy language. We also advise on coverage under all first-party and third-party lines of insurance, including cyber and technology, and have been involved in managing some of the largest consumer data breaches on behalf of our insurer clients.




Ethical Issues with Remote Work During COVID-19 [Alert]

March 30, 2020

Bill Gericke and Deb Winokur discuss lawyers and law firm's ethical obligations when working remotely and outsourcing work.

Cybersecurity Challenges for Companies in the Wake of the COVID-19 Crisis [Alert]

March 26, 2020

Matt Siegel gives companies seven tips they should keep in mind as their employees try to do from home what they would have otherwise done at the office.

Avoiding Online Scams in the Time of Coronavirus [Alert]

March 12, 2020

Trevor McGuinness discusses ways to avoid email scammers and hackers who may use the coronavirus as a way of accessing computers and personal information.

International Data Transfers and APEC Rules

February 13, 2020

Brian Kint published an article to Bloomberg Law discussing one of APEC's initiatives, the APEC Privacy Framework, a principles-based privacy standard first approved by the APEC economies in 2004 and reworked in 2015.

Recent AG and FTC Enforcement Actions Provide Guidance on Data Security Best Practices [Infographic]

February 10, 2020

More and more companies are experiencing crippling data breaches. We analyzed recent state Attorney General and FTC enforcement actions to identify eight data security best practices that companies can adopt to mitigate the likelihood of a breach which can be found in this infographic.

State Attorney Activism and Enforcement Trends

February 03, 2020

Ann-Marie Luciano, Chris Allen, and Bryan Mosca published an article in Bloomberg Law on February 3, 2020, sharing their observations on trends in state Attorney General activity in 2019, and the enforcement priorities they expect to see AGs focus on in 2020.

Google Partners with Ascension To Store and Analyze Millions of Patient Health Records [Cyber Law Monitor Blog]

November 19, 2019

Google has confirmed that it is working with Ascension, one of the nation’s largest health systems in a project that will involve the health data of millions of Americans.  Google and Ascension have partnered in a project to store and analyze patient data with the intended goal of using Google’s...

New York AG Files Lawsuit Against Dunkin’ Donuts For Attacks On Customer Accounts [Cyber Law Monitor Blog]

October 14, 2019

On September 26, 2019, New York Attorney General Letitia James filed a lawsuit against Dunkin’ Brands, Inc., the franchisor of Dunkin’ Donuts (“Dunkin’”). The lawsuit involves security issues surrounding Dunkin’s stored value cards, which customers can use to purchase Dunkin’ food and...

Privacy Primer: Family Educational Rights and Privacy Act (FERPA) [Cyber Law Monitor Blog]

September 04, 2019

FERPA is a U.S. law, passed in 1974, that protects the privacy of student educational records.  FERPA applies to all schools, from elementary schools to postsecondary education institutions, that receive federal funds under a program of the U.S. Department of Education.  FERPA and the regulations...

Is Privacy Dead in the World of the Internet of Things? [Legaltech News]

August 26, 2019

Brian Kint contributed an article to Legaltech news discussing his thoughts on privacy policies and how it affects our world today.

Ninth Circuit Finds Article III Standing For Procedural Violation Of Biometric Privacy Law [Cyber Law Monitor Blog]

August 23, 2019

The Ninth Circuit Court of Appeals has written the latest chapter of the ongoing saga of Article III standing for violations of the Illinois Biometric Information Privacy Act (“BIPA”).  BIPA requires, among other things, that before collecting a person’s biometric information, a company must...

Year To Date Changes To State Data Breach Notification Laws [Cyber Law Monitor Blog]

July 19, 2019

With so much attention being paid to the impending California Consumer Privacy Act, it can be easy to forget that other states have privacy and data security laws too.  And those laws change routinely, with potentially significant impacts on businesses.  Here is a quick rundown of changes to state...

'Spokeo' Standing Analysis After 'Rosenbach v. Six Flags' [The Legal Intelligencer]

July 18, 2019

Brian Kint published an article to The Legal Intelligencer in which he talks about two cases, one from the U.S. Supreme Court (Spokeo v. Robins, 136 S.Ct. 1540 (2016)) and one from the Illinois Supreme Court (Rosenbach v. Six Flags Entertainment, — N.E.3d —, 2019 IL 123186 (2019)).

Privacy Primer: Gramm-Leach-Bliley Act (GLBA) [Cyber Law Monitor Blog]

July 15, 2019

GLBA, sometimes called the Financial Services Modernization Act of 1999, is a U.S. banking law that has important privacy and data security requirements for institutions that are subject to the law.  The law applies to “any institution the business of which is engaging in financial...

Case Update: Wakefield v. ViSalus, Inc. [Cyber Law Monitor Blog]

June 26, 2019

A couple of months ago, I wrote about how a jury found multilevel marketing company ViSalus, Inc. responsible for making over 1.8 million robocalls in violation of the Telephone Consumer Protection Act.  Given the TCPA’s minimum statutory damages of $500 per call, ViSalus was looking at a minimum of...

Senate Bill Seeks to Protect Health Information Gathered from Wearable Devices [Cyber Law Monitor Blog]

June 25, 2019

I wear a fitness tracker.  I rarely take it off.  Throughout the course of the day, it collects a bevy of information about me: my heart rate, my exercise habits, the length and quality of my sleep.  When aggregated and observed over time, this information certainly reveals quite a bit of insight...

5 Ways Your Company’s Privacy Policy Could Be Insufficient [Corporate Compliance Insights]

June 24, 2019

Brian Kint explains how ill-crafted privacy policies can put a company and its customers’ data at significant risk and gives readers five of the top ways privacy policies are deficient.

Pennsylvania County Faces Up To $67 Million In Damages For Distribution Of Criminal Record Information [Cyber Law Monitor Blog]

May 30, 2019

A suburban Philadelphia county is facing a judgment of up to $67 million after a Pennsylvania federal jury found that it violated the Pennsylvania Criminal History Record Information Act. Pennsylvania’s Criminal History Record Information Act (“CHRIA”) governs the dissemination of records held by...

The Value Of Quickly Disclosing A Data Breach [Cyber Law Monitor Blog]

May 09, 2019

One of the first questions a company must answer after it discovers and remediates a data breach is, “What do we tell our customers?”  Companies may delay publicly announcing a data breach out of fear that doing so will harm their reputation with customers, leading to a loss of business.  They may...

Jury Verdict in TCPA Case Puts Over $925 Million In Damages On The Table [Cyber Law Monitor Blog]

April 18, 2019

On April 12, 2019, an Oregon federal jury returned a Friday evening verdict in a Telephone Consumer Protection Act (TCPA) class action that could put the defendant on the hook for $925 million in damages. The TCPA makes it unlawful to make a telephone call to any cell phone or residential...

5 Ways in Which Your Company’s Privacy Policy is Insufficient [Cyber Law Monitor Blog]

April 05, 2019

Well thought-out internal privacy policies and procedures are an essential part of any company’s information management program.  These internal policies should not be confused with a company’s external privacy notice, which informs the company’s customers as to how it may process, store, and...

U.S. Supreme Court Refuses to Search Google Settlement Agreement for Fairness [Cyber Law Monitor Blog]

March 22, 2019

The U.S. Supreme Court on Wednesday remanded a class action against Google so that the lower courts could determine whether any of the named plaintiffs have standing under Spokeo, Inc. v. Robbins. The underlying suit alleged violations of the Stored Communications Act (“SCA”).  The SCA...

Third Circuit Affirms Dismissal of FACTA Suit on Standing Grounds [Cyber Law Monitor Blog]

March 12, 2019

A three-judge panel of the Third Circuit recently affirmed a district court ruling that dismissed a suit for violation of the Fair and Accurate Credit Transaction Act of 2003 (FACTA) for lack of Article III standing.  The plaintiff, Ahmed Kamal, alleged that receipts he received from J. Crew showed...

Congress Holds Hearings on Privacy and Data Protection [Cyber Law Monitor Blog]

March 05, 2019

With all of the hubbub swirling around Capitol Hill last week with the Michael Cohen hearings, you can’t be blamed if you missed the fact that two important congressional hearings on privacy and data protection took place as well, one in the House and one in the Senate. First, on February 26,...

FTC Announces Record Settlement for Children’s Privacy Violations [Cyber Law Monitor Blog]

March 01, 2019

On February 27, the FTC announced that the operators of the video social networking application, now known as TikTok, agreed to pay $5.7 million to settle allegations that it violated the Children’s Online Privacy Protection Act (COPPA). According to the FTC, this is the largest civil...

Is it Time to Rethink Notice and Choice as a Fair Information Privacy Practice? [Cyber Law Monitor Blog]

February 13, 2019

Since the 1970’s, fair information practices (FIPs) or fair information privacy practices (FIPPs) have formed the framework around which organizations structure their policies on data collection, use, disclosure, and retention.  The cornerstone of individual privacy rights under the FIPs is notice...

Privacy Primer: The Children’s Online Privacy Protection Act (COPPA) [Cyber Law Monitor Blog]

February 04, 2019

COPPA is a U.S. law enacted by Congress in 1998 to address concerns regarding the online collection and disclosure of children’s personal information. Children (defined by COPPA as individuals under the age of 13) may not appreciate the significance of sharing their personal information online....

Illinois Supreme Court Sheds Light on the Importance of Strict Compliance with State's Biometric Information Privacy Act [Cyber Law Monitor Blog]

January 29, 2019

On January 25, 2019, in Rosenbach v. Six Flags Entm’t Corp., the Illinois Supreme Court held that an individual is an “aggrieved” party under the Illinois Biometric Information Privacy Act (“BIPA”) and may seek damages absent an allegation of harm beyond a violation of the rights conferred by the...

Setting Priorities [Best's Review]

March 01, 2017

Michael Handler of the Global Insurance Department discusses the state of insurance for present-day data breach claims in Best's Review.

The FDA’s New Guidance on Cybersecurity Risks for Medical Devices [Corporate Counsel]

March 03, 2016

Jillian Thornton Flax and Abby Sacunas, both members of Cozen O'Connor's Products Liability practice, discuss the FDA's new guidance on cybersecurity risks for medical devices in Corporate Counsel.

Protecting Your Company From Privacy Breaches Begins Now [The Legal Intelligencer]

August 05, 2015

Jason Bonk and Calli Jo Padilla discuss the importance of implementing, enforcing and training on policies reflecting the best practices to protect companies against the increasing threat of cyberhacking and privacy breaches.

Ashley Madison and the Illusion of Online Privacy [Avvo Naked Law Blog]

July 23, 2015

Jennifer Brandt discusses the Ashley Madison hacking scandal and explains how before using a website, posting on social media, or sending an email, consider the ramifications, and consider whether the private information you are providing is really secure.

Employer Liability in the Age of Cybersecurity [The Legal Intelligencer]

June 30, 2015

David Walton and Leigh Ann Benson discuss the importance of employers preventing cybersecurity incidents and what the outcome of the Supreme Court case Spokeo v. Robins would mean for class actions brought by their employees.

Big Data's Potential Disparate Impact Problem [Law360]

August 21, 2014

David Walton, vice chair of Cozen O'Connor's Labor & Employment department, authored an article for Law360 titled, ''Big Data's Potential Disparate Impact Problem.'' David argues that big data analytics may soon become ''the backbone for all personnel decisions.'' However, he cautions employers to ensure that protected categories are treated fairly, as ''Blind reliance on big data can lead to major disparate impact issues.''

The New Frontier in an Age-Old Problem [Intellectual Property Magazine]

July 01, 2014

In an article published in Intellectual Property magazine, Chanel Lattimer, associate in Cozen O'Connor's Intellectual Property department, discusses the increase in counterfeit apps and app stores.

Big Data – What It Is And Why You Should Care [Cozen O'Connor Whitepaper]

April 28, 2014

In a series of articles originally published by InsideCounsel Magazine, David J. Walton discusses the concept of big data and explores its impact on the way we conduct business

You thought ESI was complicated — Now add big data [InsideCounsel]

April 25, 2014

David Walton, vice chair of Cozen O’Connor’s Labor & Employment department, authored an article for InsideCounsel titled, “You Thought ESI was complicated – Now add big data.” Walton discusses the difficulties lawyers can face when dealing with electronically saved information and how they are increasingly more difficult with the addition of big data

How lawyers and law firms operate in a Big Data world [InsideCounsel]

April 11, 2014

David Walton, vice chair of Cozen O’Connor’s Labor & Employment department, authored an article for InsideCounsel, in which he discusses the ways, “big data has sparked a revolution in how corporate America conducts research, identifies customers, advertises itself, and pursues profits.”

Zombie Killers: How Microsoft Uses IP to Fight Cybercrime [Intellectual Property Magazine]

April 07, 2014

Camille Miller, co-chair of the Intellectual Property Department, and Chanel Lattimer, associate in the Intellectual Property Department, discuss how Microsoft has received mixed reactions in their efforts to fight online fraud.

Big Data raises big legal issues [InsideCounsel]

March 28, 2014

As companies realize the benefits of big data on their research & development, marketing, sales, branding, and revenue growth, they will increasingly have to reckon with its risks. Utilizing and monetizing big data raises enormous legal questions and potential liabilities. The most salient of these legal issues, at least in the near term, revolve around privacy, regulatory compliance, and duty to intervene.

Technology: How exactly are businesses using big data? [InsideCounsel]

March 14, 2014

Today, almost every large company collects data about its customers — reams and reams of raw, unstructured data. And they aren’t storing it for posterity. They are using it to do what businesses always try to do: Sell more widgets. More specifically, companies are using big data to identify new customers, advertise more effectively, and develop new products and services.

PlayStation Problems: No Defense in Sony’s Cyberattack Suits [Global Insurance Alert]

March 13, 2014

On February 21, 2014, a New York state trial court judge ruled that Zurich American Insurance Company has no duty to defend the Sony Corporation in lawsuits relating to a 2011 cyberattack on its PlayStation network. This decision is among the first in the country to address coverage issues for large scale data security breaches. Judge Jeffrey Oing rendered an immediate decision after hearing oral argument, recognizing the issue’s importance and the likelihood of an appeal.

Technology: All databases are not created equal, and counsel should know the difference [InsideCounsel]

March 07, 2014

In an article titled “Technology: All databases are not created equal and counsel should know the difference,” Dave Walton, vice chair of Cozen O’Connor’s Labor & Employment Department and co-chair of the firm’s E-Discovery Task Force, discusses big data analytics and the history of data management and analysis to aid in understanding and interpreting these analytics.

Technology: Why Big Data is a Big Deal for Lawyers [InsideCounsel]

February 14, 2014

Yahoo CEO Marissa Mayer said that “big data” will have a bigger impact than the Internet. Consider how the Internet completely changed our lives. It’s hard to imagine anything, let alone the vague concept of “big data,” having that type of impact.Yet, if you have read any article the past year on a legal technology issue, you have undoubtedly heard about big data. There’s still a lot of confusion about big data, its power, its potential, and what it means for lawyers. This article is the first in a series that will explore these issues and illustrate why big data really is (and will continue to be) a big deal for the legal profession.

Facebook v. Typosquatters: Statutory Damages Under Anticybersquatting Consumer [Intellectual Property Alert]

May 14, 2013

Magistrate Judge Westmore recommended that the U.S. District Court for Northern California award Facebook $2.8 million in damages from typosquatters under the Anticybersquatting Consumer Protection Act (ACPA). Facebook v. Cyber2Media, Inc. et al., Case No. 4:11-cv-03619, (N.D.Ca., April 30, 2013).

Check the White Pages for Personal Information: Massachusetts Decision Highlights the Expansion of Consumer Privacy Litigation [Cyber & Technology Alert]

March 26, 2013

Last week, in Tyler v. Michaels Stores, Inc., the Supreme Judicial Court of Massachusetts responded to certified questions presented by the district court and interpreted a Massachusetts statute to reflect the state’s interest in protecting consumer privacy. No. SJC-11145, 2013 Mass. LEXIS 40 (Mass. Mar. 11, 2013). In particular, the court held that a consumer’s zip code constitutes personal identification information, and that a consumer can bring an action under the relevant statute absent a claim of identify fraud.

Highlights of the Omnibus HIPAA/HITECH Final Rule [Cozen O'Connor Whitepaper]

March 07, 2013

On January 25, 2013, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) published the long-awaited omnibus final regulation governing health data privacy, security and enforcement (Omnibus Rule). The Omnibus Rule is a group of regulations that finalizes four sets of proposed or interim final rules, including changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules mandated by the Health Information Technology for Economic and Clinical Health (HITECH) Act and proposed in 2010; changes to the interim final breach notification rule; modifications to the interim final enforcement rule; and implementation of changes to the Genetic Information Nondiscrimination Act of 2008 (GINA). The Omnibus Rule goes into effect on March 26, 2013, and compliance is required by September 23, 2013. As expected, the Omnibus Rule did not finalize the May 31, 2011 proposed regulation regarding accounting for disclosures.

Utilities Sector To Be a Focus of Executive Order Directing Development of Critical Infrastructure Cybersecurity Framework [Energy, Environmental and Utilities Alert]

February 20, 2013

Little more than a week after reports of cyber attacks targeted at the Department of Energy, The New York Times and The Wall Street Journal, President Obama declared in his State of the Union address that these forms of attacks on the nation’s critical infrastructure are rapidly growing and present “real threats to our security and our economy.”

First Circuit Court of Appeals Holds Bank’s Online Security Measures “Commercially Unreasonable” in Landmark Decision [Global Insurance Group Alert]

July 20, 2012

First Circuit Court of Appeals Holds Bank’s Online Security Measures “Commercially Unreasonable” in Landmark Decision - Global Insurance Group Alert - In a landmark decision, the 1st Circuit Court of Appeals held in PATCO Construction Company, Inc. v. People's United Bank, No. 11-2031 (1st Cir. July 3, 2012) that People's United Bank (d/b/a Ocean Bank) was required to reimburse its customer, PATCO Construction Co., for approximately $580,000 that had been stolen from PATCO's bank account...

Cyber Liability Insurance: The Value of an Educated Broker in the Age of E-Commerce

December 01, 2011

Recent media reports of cyber intrusions, data thefts and computer system malfunctions involving large, high-profile companies such as Sony PlayStation, Citigroup and Lockheed’s Security Vendor, RSA, have led a rapidly growing number of companies to consider the necessity of insurance coverage for technology and cyber privacy risks.

Understanding Your Cyber-Risk Policy [National Underwriter]

September 01, 2011

Increasing reports of cyber intrusions, data theft and computer-system malfunctions have led a rapidly growing number of companies to purchase insurance coverage to protect themselves from technology and cyber-privacy risks. As our technology-driven economy continues to evolve and businesses become more reliant on electronic communication and data storage, they are developing a heightened awareness that an unauthorized intrusion could endanger their tangible and intangible assets (including intellectual property) and, in many cases, their reputation and ability to conduct business.

The Dos and Don'ts of Navigating the Cloud: a Business Guide for Cloud Computing [Corporate Counsel]

December 21, 2010

The Dos and Don'ts of Navigating the Cloud: a Business Guide for Cloud Computing - Corporate Counsel -

Cyber - Identity Theft: Our Children At Risk [Insurance Coverage Alert!]

August 24, 2010

Cyber - Identity Theft: Our Children At Risk - Insurance Coverage Alert! - Interviewing for your first job as a teenager is as exciting as it is intimidating. The interview proceeds flawlessly, and you start to count the dollar signs as you await the job offer. But, imagine your surprise when you are informed that you did not get the job because your background check revealed that you are more than $75,000 in debt and five years behind in child support payments for your 11-year-old child—a terrifying thought considering you are only 16 years old.

A New Era in HIPAA Enforcement: Connecticut Attorney General Files First HITECH Act Suit [Health Law Alert!]

January 18, 2010

A New Era in HIPAA Enforcement: Connecticut Attorney General Files First HITECH Act Suit - Health Law Alert! - Connecticut Attorney General Richard Blumenthal has filed a lawsuit against Health Net of Connecticut, Inc. for violations of the Health Insurance Portability and Accountability Act (“HIPAA”) following Health Net’s loss of protected health information (“PHI”) and other personally identifiable information.

The American Recovery and Reinvestment Act of 2009: Sweeping Changes to HIPAA Put Business Associates in the Spotlight [Health Law Alert!]

March 03, 2009

The American Recovery and Reinvestment Act of 2009: Sweeping Changes to HIPAA Put Business Associates in the Spotlight - Health Law Alert! - On February 17, 2009, President Obama signed into law the Health Information Technology for Economic and Clinical Health Act (“HITECH” or the “Act”), as part of the American Recovery and Reinvestment Act of 2009. The Act made
sweeping changes to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Privacy and Security Rules promulgated under HIPAA. This Alert focuses
primarily on Subtitle D of HITECH, which includes important

HHS' First Resolution Agreement for Alleged HIPAA Violations and What it Means for You [Health Law Alert!]

October 01, 2008

HHS' First Resolution Agreement for Alleged HIPAA Violations and What it Means for You - Health Law Alert! - The Department of Health and Human Services
(“HHS”) has entered into its first resolution
agreement with a covered entity to settle alleged
violations of the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy and security rules.1 According to HHS, the resolution agreement with Providence Health & Services (“Providence”), a Seattle-based not-for-profit health system, addresses a series

Events & Seminars

Past Events

Insurance and Reinsurance Symposium

March 12, 2020 - Philadelphia, PA

NetDiligence Cyber Claims Study

November 06, 2019 - Webinar

NetDiligence Cyber Risk Summit

October 17, 2019 - Santa Monica, California

Smart Talk: Cyber Security

September 17, 2019 - Philadelphia, PA

Health Law 2019

December 05, 2018 - Philadelphia, PA

Healthcare Technology and Privacy in an Evolving Era

January 18, 2018 - Washington D.C.

ACC Greater Philadelphia Paralegal/Legal Assistant Forum

October 07, 2016 - Philadelphia, PA

PREX16: Conference on Preservation Excellence

September 14, 2016 - Portland, OR

PBI 22nd Annual Health Law Institute

March 15, 2016 - Philadelphia, PA

ACI 2016 Risk Management Conference

January 13, 2016 - Nashville, TN

Security Briefing: Mobile Cyber Security

October 07, 2015 - Haverford, PA

PREX15: Conference on Preservation Excellence

September 16, 2015 - Portland, OR

May 2015 PACT Cybersecurity Series Event

May 07, 2015 - West Conshohocken, PA

IAPP Data Protection Intensive

April 15, 2015 - London

Above the Law: Converge Conference

March 18, 2015 - New York, NY

PACT Cybersecurity Series Event

February 26, 2015 - West Conshohocken, PA

Using Big Data In Litigation

October 16, 2014 - Webcast

2014 NetDiligence Cyber Privacy Forum West

October 08, 2014 - Santa Monica, CA

PACT Cybersecurity Series Event: Cyber Actors

October 01, 2014 - Philadelphia, PA

PACT Industry Event

January 15, 2014 - Philadelphia, PA

Social Media and Employment Law

December 03, 2013 - Philadelphia, PA

New Jersey Law Journal In-House Counsel CLE Seminar

November 22, 2013 - Florham Park, NJ

Cozen O'Connor's 2013 New York Litigation Seminar

February 12, 2013 - New York, NY

LEA: 2012 Loss Executives Annual Meeting

January 19, 2012 - Tampa, FL

HIPAA/HITECH Proposed Rule Discussion

September 20, 2010 - Philadelphia

In The News

Following Data Breach, In-House Counsel Should Review Company Email Policies

March 10, 2020

Brian Kint was quoted in Corporate Counsel discussing the information that hackers can access through email addresses.

HR and IT Should Team Up to Fight Cyberattacks

February 21, 2020

Brian Kint was quoted in HR Magazine discussing different ways to avoid cyberattacks and the types of companies at risk.

More Than Minor Changes? Assessing the Latest CCPA Updates

February 14, 2020

Brian Kint was quoted in a Compliance Week article discussing the revisions that were made to the proposed regulations implementing the California Consumer Privacy Act (CCPA).

How a Popular Privacy App Plans to Turn a Buck

February 11, 2020

Brian Kint was quoted in Protocol news discussing the privacy app, Jumbo.

Recent AG and FTC Enforcement Actions Provide Guidance on Data Security Best Practices

January 08, 2020

Ann-Marie Luciano and Jawaria Gilani published an article in the January 8 edition of CyberSecurity Law Report setting out practical steps companies can take to reduce the likelihood of a data breach.

4 Times E-Discovery Made the News in 2019

December 30, 2019

Joseph Tate was featured in a Legaltech news article that discussed four places where e-discovery made the news in 2019.

The Next Legal Challenge: Getting Law Firms to Use Analytics

November 22, 2019

David Walton was interviewed by Knowledge@Wharton, the Wharton School's online journal of business research and analysis, on the use of data analytics in the legal profession.

Google’s Antitrust Case Underscores Tough Sell for ‘Cooling-Off' Discovery Requests

November 06, 2019

Joseph Tate was quoted in Legaltech news discussing Google's petition for a protective order against a Texas Attorney General, who is leading a multistate antitrust investigation against the company.

Cozen O'Connor Sponsors NetDiligence Ninth Annual Cyber Claims Study

October 16, 2019

Cozen O’Connor sponsored the NetDiligence ninth annual Cyber Claims Study.

How In-House Lawyers Can Help Health Care Institutions Fight Costly Data Breaches

September 04, 2019

Greg Fliszar discussed with how health care providers are handling the rising number of serious data breaches that affect patients.

138 Cozen O’Connor Attorneys Named to the Best Lawyers in America

August 28, 2019

Best Lawyers selected 138 Cozen O’Connor lawyers from 21 of the firm’s national offices for inclusion in the 2020 edition of The Best Lawyers in America.

How To Keep Your Private Information Safe Following Massive Data Breach

July 30, 2019

Brian Kint discusses the latest breach of private information including the 100 million credit card holders who have been compromised.

Matthew Siegel Named to the Rutgers University Cybersecurity Certificate Program Advisory Board

June 14, 2019

Matthew Siegel, a member of Cozen O’Connor’s Privacy & Data Security practice, was named to the Rutgers University Cybersecurity Certificate Program Advisory Board.

Quest, Labcorp Breach Highlights Limits of HIPAA's Vendor Oversight

June 13, 2019

Ryan Blaney discussed with Legal Tech News Quest and Labcorp's recent data breach and where the responsibility falls.

Greg Fliszar & Ryan Blaney Discuss HIPAA on

December 19, 2015

Greg Fliszar and Ryan Blaney, members of Cozen O’Connor’s Health Law practice, discuss best practices for the Health Insurance Portability and Accountability Act (HIPAA) on

David Walton Discusses Communication Strategies and Data Preservation in Legal Tech News

November 01, 2015

David Walton, co-chair of Cozen O’Connor’s Privacy, Data & Cybersecurity Industry Team, discusses his take on communications strategies and data preservation at the firm in Legal Tech News.

Michael Schmidt Discusses DOL Rule That May Impact Working Outside of the Office in SHRM

June 19, 2015

Michael Schmidt discusses a potential rule by the Wage and Hour Division of the Department of Labor that will focus on the use of technology, including portable electronic devices, by employees away from work and outside of scheduled work hours.

Greg Fliszar Quoted in Healthline on the Increase of Health Data Theft

April 14, 2015

Greg Fliszar, of the firm's health law practice, is quoted on the topic of breaches of medical data, and how the number of affected patients is on the rise.


Matthew J. Siegel


(215) 665-3703

Brian Kint, CIPP/E, CIPP/US


(215) 665-2771

Gregory M. Fliszar


(215) 665-4737

David J. Walton

Chair, Cyber Solutions & Data Strategies

(215) 665-5547


Related Practice Areas

Related Blogs

Cyber Law Monitor

Following current trends in cyber, privacy, and data security law.

Keep up-to-date with the latest news from Cozen O'Connor

Enter your City or Zip.

Probably shouldn't change this:
Sign up to receive alerts, publications, and event / webinar invites.

By submitting your contact information, you are giving Cozen O'Connor consent to contact you via email.