Data Privacy

Almost daily there are news stories about data breaches. Sometimes it's as simple as a lost laptop or as flagrant as an intentional invasion of a computer network by organized criminals. In other cases it's a simple case of negligent handling of sensitive, proprietary information by those charged with its possession. As our society becomes more and more "digitized," it's reasonable to expect that data breaches will become part of daily life.

At The McCormack Firm, we have the ability, experience and critical relationships necessary to provide solutions to a host of issues related to data privacy and breaches, both before and after an event may have occurred.

Companies who possess personally identifiable information have numerous responsibilities under both state and federal law. Whether you're a small company in Massachusetts, a large company operating in numerous states, or a multi-national corporation, there are laws that pertain to your possession or ownership of that data. Let the McCormack Firm help you to assess which laws apply to you and how to achieve compliance.

Compliance doesn't equal security, but in many cases, effective security can achieve compliance. We have critical relationships to assist you to achieve your goals. Did you use a lawyer when you retained your Information Technology service provider? Does that relationship increase or decrease your potential liability?

The Massachusetts Data Privacy Law (MGL 93H - 201 CMR 17) applies to ALL Massachusetts businesses, regardless of size. From small local convenience stores to vast multi-nationals such as Fidelity Investments, all companies are required to have a written policy called a Written Information Security Program (WISP) if they own, license, possess, or maintain "personal information" of a Massachusetts resident.

HIPAA regulations, Gramm-Leach-Bliley Act, COPPA (children's online privacy protection act) and other pending federal legislation may apply to your company. We provide general business counseling in relation to the privacy laws that pertain to your organization.

Besides assistance in the development of legal compliance, The McCormack Firm will facilitate the introduction to other risk management tools, including loss prevention techniques and risk transfer options. We can assess the applicability of current insurance coverage and, through established strategic relationships, assist in obtaining appropriate "data breach" insurance coverage if necessary.

Further attention must be given to third party and vendor contracts. Much of existing and pending legislation requires companies to take certain specific measures when retaining third party vendor services. In this context, outsourced responsibility can lead to costly liability. Our team will review all contracts with an eye toward determining the extent of potential liability under these agreements. Further, we will assist in the review of procedures regarding the authority to execute such agreements and review of their content to eliminate any unnecessary assumed liability.

Consider this: Loss of data, whether through negligence or as a result of criminal action can result in the imposition of fines and penalties many times more costly than the relatively inexpensive cost of prevention prior to and reaction after the fact of a breach.

For further information about our services, please feel free to contact us at 617.951.2929 or on the web at www.mccormackfirm.com

You can also subscribe to the Massachusetts Data Privacy Law Blog at www.massdataprivacy.com authored by Attorney John Lacey. This critically acclaimed blog covers the world of data privacy, data breaches and legislation concerned with the digital world.

Contact Info

The McCormack Firm, LLC
Attorneys at Law

One International Place, 7th Floor
Boston, MA 02110

Phone: 617-951-2929
Fax: 617-951-2672

What's New

  • Attorney Robert La Hait recently obtained the dismissal of a 93A action against a major worker's compensation carrier in the Suffolk Superior Court, arguing, among other things, that the insurer could not be liable for unfair and deceptive practices under Massachusetts General Laws chapter 93A based upon actions by the insurer that were governed and controlled by Massachusetts General Laws chapter 152.
  • McCormack Firm partner Stephen Rosenberg will be a featured speaker at "The Year of Disclosure: New Retirement Plan Regulations and Legislation Impacting 401(k) and 403(b) Plans," presented by the New England Employee Benefits Council. Attorney Rosenberg will be addressing regulatory initiatives affecting the definition of "fiduciary" for purposes of ERISA governed plans. More information on the March 9, 2012 event, along with registration information, can be found
    by clicking here.
  • Joseph Aronson is now providing mediation and arbitration services. To schedule a mediation or arbitration, please call (617) 951-2929 or email mediations@mccormackfirm.com.
  • Stephen Rosenberg, the head of the firm's ERISA and insurance coverage practice groups, has a new article in the Journal of Pension Benefits, published by Aspen. The article, published in Volume 19.2 of the periodical, is titled "Structural Impediments to Breach of Fiduciary Duty Claims," and continues Attorney Rosenberg's series of columns for the Journal on ERISA litigation issues.
  • Stephen Rosenberg, in conjunction with co-counsel Mitchell Ross of Boston's Sweder and Ross, defeated a motion to dismiss in an ERISA case brought on behalf of a former corporate officer seeking to recover under deferred compensation agreements, commonly known as "top hat" plans. In denying the motion to dismiss, the court allowed claims for breach of fiduciary duty and denial of benefits under ERISA, as well as potential state law causes of action, to proceed.
  • The McCormack Firm's ERISA litigation group, led by partner Stephen Rosenberg, defeated multiple motions filed by a private company and certain present or former officers seeking to dismiss a breach of fiduciary duty lawsuit brought by several current and former employees of the defendant, in which the plaintiffs allege they were underpaid for the stock held in an Employee Stock Ownership Plan, commonly known as an "ESOP." The court rejected challenges based on ERISA's statute of limitations and on the impact of a release. Associates Nadine Bailey and Of Counsel Caroline Fiore of The McCormack Firm were also heavily involved in obtaining the favorable result for the firm's clients.
  • The Boston ERISA and Insurance Litigation Blog, authored and published by McCormack Firm partner Stephen Rosenberg, has been selected as one of LexisNexis' Top Insurance Law Blogs for 2011. This is the third year in a row Mr. Rosenberg's blog has been honored by LexisNexis. True to its name, the blog covers developments in the law governing ERISA and insurance disputes, and includes detailed commentary on major pieces of litigation in these fields. Clicking on this link will bring you to LexisNexis' announcement of the award, and clicking here will bring you to the Boston ERISA and Insurance Litigation Blog. http://www.lexisnexis.com/community/insurancelaw/blogs/topblogs/archive/2011/11/11/the-winners-the-insurance-law-community-top-blogs-for-2011.aspx http://www.bostonerisalaw.com
  • On November 3, 2011, Attorney John Lacey was guest speaker at the Boston Bar Association's "Brown Bag Lunch" Series where he discussed pending Federal legislation in the area of data privacy and data breach notification. The event was well attended and well received by members of the Bar. For more information, please see https://www.bostonbar.org/membership/events/event-details?ID=8110
  • On October 26, 2011, the United States Court of Appeals For the First Circuit issued its written opinion affirming a defense verdict obtained by Robert La Hait on behalf of Stonebridge Life Insurance Company. The preceding jury trial had involved a dispute over whether the plaintiff was entitled to the death benefits payable under three accidental death policies as a result of the named insured's death. After three days of trial, including testimony by experts for each side, the jury found in favor of Stonebridge.
  • On May 10, 2011, Attorney John Lacey was a guest on Legal Talk Network's program, Lawyer2Lawyer hosted by Craig Williams and Bob Ambrogi. The Topic was the recent massive data breach at Sony Corporation.
    Listen to the show here…

What's New

Personal Injury

Insurance Presentation

Quoted in the News

Pension Webinar

ERISA Seminar

Product Liability

Non-Smoking Condominium Building

Collapsing Wall

Domestic Violence

Read More >>

LexisNexis Martindale-HubbellAttorney Advertising. This web site is designed for general information only. The information presented at this site should not be construed to be formal legal advice nor the formation of a lawyer/client relationship.[ Site Map ]