Alan is a cybersecurity and data privacy attorney who works with companies to develop new and innovative ways to share, use and safeguard the information they control. This includes working to develop internal programs which comply with applicable security and privacy regulations; drafting data use, transference and data use or sharing agreements; ensuring that data subject privacy notices on websites and applications that collect consumer information comply with all applicable regulations; and working with companies to implement processes and procedures to comply with information requests from data subjects.
Alan also works with companies seeking to merge publicly available information with information voluntarily provided by data subjects to develop new and useful insights to help provide that drive better products and services for these organizations, while also to their customers and develop strategy around managing the privacy issues raised by this practice.
The specific regulations he addresses most frequently are federal laws such as DFARS/CMMC, Sarbanes Oxley, HIPAA, and FERPA; international laws such as Europe’s GDPR or PEPIDA; U.S. state laws such as California’s CCPA/CPRA, Colorado’s CPA, and Virginia’s VCDPA; and the laws involving regulators such as New York Department of Financial Services, Department of Defense and the Office of Human Rights.
When security and privacy practices fail, Alan also helps with an organization’s incident response. He routinely works with forensic consultants to help identify, scope, mitigate and remediate the effects of a breach and with negotiators to address ransom demands; provides opinions and draft notices to affected individuals and customers; represents clients appearing before regulators; and handles claims where the incident involves a breach of a contractual duty concerning how the data was intended to be managed.
With a Bachelor of Science in Computers and his legal background, Alan understands both the technology and legal requirements associated with security and privacy incidents, communicates these issues to the relevant stakeholders and achieves a fast resolution to any dispute.
Areas of focus: Cybersecurity, data privacy agreements, breach coaching, development of policies and procedures to help organizations make the most of the information they control.
Alan works with organizations to develop information governance policies. This includes preparing organizations for a potential regulatory or legal action, developing policies to safeguard important business transactions, and helping organizations comply with government and industry standards in developing best practices to manage and retain documents. Alan also assists organizations with information management relating to the development of document management strategies and retention policies and the development of disaster recovery plans.
Alan is experienced in all phases of the electronic discovery process. He and his group, which includes forensically trained IT professionals, routinely help organizations with the identification and preservation of potentially relevant content; its collection; review and finally production to the requesting party. He is a pioneer in the use of predictive coding to cost effectively and quickly identify responsive documents for early case assessment and review purposes and has been lecturing and writing in this area for the last four years. He has developed sampling methods used to test key word searches and to validate coding decisions.
Pharmaceutical and Medical Device Defense
In the tort arena, Alan focuses his practice primarily on litigation involving technology and pharmaceutical products. He has defended manufacturers of chemical or pharmaceutical products in products liability claims brought as class actions, multi-district litigation and statewide consolidations or as individual suits involving cancer, cardiac and pulmonary defects, birth defects and other systemic injuries. He has also acted as national counsel, local counsel, and science counsel for numerous companies.