Presentations
Moderator, "Advanced Data Breach Case Studies," Health Privacy + Security Intensive Day, Privacy + Security Forum 2017, Washington, D.C.
10.04.17
Privacy and security professionals, lawyers, technologists, policymakers, and academics connected and collaborated in a rigorous learning environment during this three-day event at George Washington University’s Marvin Center in Washington, D.C.
This session examined the revised Breach Notification rule and looked at some case studies where reasonable minds may definitely disagree on whether they qualify as "breaches," considering different approaches to interpreting the regulation. Topics included:
- What constitutes a "use" or "disclosure"? For example, is the transmission of unencrypted information a "provision of access" to unauthorized persons?
- What does it mean for information to be "compromised"? Does it have to be used in some manner?
- How do you weigh the four required breach risk assessment factors? Can strong mitigation outweigh the other factors?
Related Articles
2025
Feature
Financial Services
New Administration Outlook: Helping You Navigate Post-Election Uncertainty in 2025 and Beyond Read More External Link03.25.25
Publications
Artificial Intelligence
Co-author, "Privacy Law Issues for Developers and Deployers of Generative Artificial Intelligence," LexisNexis Read More External Link02.27.25
Webinars
Privacy & Security
"Securing Americans' Sensitive Data: Understanding the DOJ's New Final Rule," Davis Wright Tremaine Webinar Read More