S. Keith Moulsdale

S. Keith Moulsdale

PARTNER
BALTIMORE
T: 410.347.8721
F: 410.223.3721

Mr. Moulsdale is co-chair of the firm’s Cyber Security, Data Management & Privacy group.  His practice focuses on licensing, IP, data security, privacy and other e-commerce and technology-related legal issues that organizations face, both in the U.S. and internationally.  He regularly counsels a wide range of organizations – including financial institutions, software vendors, and trade associations – in connection with their most significant data security concerns, including:  data security breach attempts; cross-functional assessment, containment and response efforts; mitigation strategies; information security policies; and compliance with statutory notification requirements.  

In addition, Mr. Moulsdale regularly represents software and technology companies that develop and distribute products and services that mitigate data security risks, as well as cybersecurity forensic companies.

Mr. Moulsdale is a member of Whiteford's LGBTQ+ & Allies Employee Resource Group.

Recognitions

  • Chambers USA, Intellectual Property, Maryland (2020-Present)
  • The Best Lawyers in America®, Privacy and Data Security Law (2017–Present), Technology Law (2023-present), Litigation-Intellectual Property (2024-Present), Technology Law  "Lawyer of the Year" (2024)
  • DistinguishedSM: Martindale-Hubbell® Peer Review Ratings™ (2016–2020)
  • Maryland Super Lawyers®, Technology Transactions, Intellectual Property, International (2012–2014, 2025)
  • Baltimore SmartCEO Magazine, "Baltimore's Legal Elite" (2006)
  • Baltimore Business Journal, "Who's Who In Law" (2000, 2003)
  • The Daily Record Innovator of the Year - Judge (2003)
 

Memberships & Activities

  • Member, Advisory Board, Cyber Incubator, UMBC
  • Member, Board of Directors, Cybersecurity Association of Maryland 2017-2023)
  • Member, Maryland Cybersecurity Council; Law, Policy and Legislation Subcommittee
  • Affiliate Professor of Cybersecurity Law in the MBA Program at Loyola University Maryland
  • Chair: IP Committee of MSBA Business Section (2000-2002) (Vice-Chair 1998-2000)
  • Appointed by Governor Glendenning to Governor's Task Force on e-Commerce (1999)
  • Board Member, Anne Arundel Tech Council (now known as Chesapeake Regional Tech Council) (2003-2007)
  • Advisory Committee Member, Chesapeake Innovation Center (2003-2006)
  • At Whiteford: Co-Chair, Clean Energy Technology Group; Co-Chair, Cybersecurity, Data Management & Privacy Group; Co-founder, past-Chair and current member of Technology & IP Section
  • Chambers and Partners Designation

IP, Technology & Software Protection, Licensing, E-Commerce

Representative matters include advice and counsel to:

  • A mobile switching center system developer in purchasing and sales, an including international resale arrangement with a Fortune 100 Company
  • A developer in drafting and negotiating license and ASP leases for a complex scanning system, including a license to one of world's top-five media companies
  • A developer of a cashless, Internet-based payment processing system
  • A licensee of exclusive, worldwide distribution rights in an intelligent data system from a Fortune 500 company
  • A digital wireless carrier in outsourcing arrangements, including 411 service, telemarketing & negotiation of international roaming agreements
  • Various distance learning providers in negotiating licenses and delivery systems
  • A wide range of clients with respect to numerous other tech-related legal issues, including privacy policies and compliance, file-sharing, music and video downloading, publishing, software development certification programs, electronic commerce, cyber-security, OS license compliance programs and other IP issues
 

Open Source and SaaS

Representative clients include:

  • Numerous open source vendors, including: 
    • dbms vendor MySQL AB through $1 billion sale to Sun Microsystems
    • Hypervisor vendor XenSource through $500 million sale to Citrix Systems; 
    • Network monitoring and systems management vendor Zenoss Inc.; 
    • Nonprofit owner of the Joomla! brands (Open Source Matters, Inc.)
  • ASP, SaaS and Cloud Computing providers in development and negotiation of alliance, SLA, subscriber, user, file sharing, reseller and other agreements
 

Cyber Security and Information Privacy

Representative matters include advice and counsel to cyber security software developers, cloud-based service providers, and other organizations, including in connection with:

  • compliance and mitigation strategies;
  • licensing, IP, open source, government contracting and corporate issues
  • security breach attempts (including via internal theft, phishing, SQL injection attacks, brute-force attacks and ransomware); 
  • cross-functional assessment, containment and response efforts; 
  • information security policies, including WISPs, incident response plans, disaster recovery policies, clean desk policies, and BYOD policies; 
  • statutory notification requirements
  • review and analysis of data security- and privacy-related aspects of insurance policies


Representative clients include:

  • a large, national trade association in connection with the defacement of its website and related data theft claimed by an international hacktivist collective
  • a financial institution in connection with a ransomware incident
  • an electronic payments trade association in connection with a serious phishing scam that used its famous brand to lure email recipients into downloading Zeus malware that infected 13 million computers worldwide.  
  • an organization whose former IT director exfiltrated the personally identifiable health information of thousands of customers
  • the developer of unique tools which encrypt and shred data
 

Clean Energy Technology

Representative clients include:

  • A manufacturer of regenerative electric propulsion system for sailboats
  • A startup of first-ever, online electric energy marketplace for consumers
  • A U.S. biodiesel processor seeking West African jatropha sources
  • A processor converting of municipal solid waste to fuel
  • The exclusive South American licensee of liquid fuel conditioning technology that improves combustion efficiency and reduces fuel consumption, without loss of power
  • Owner and operator of plants that recycle human food waste into dried animal feed
  • Licensor of technology used to manufacture, fabricate and assemble portable solar generators sold in Sub-Saharan Africa
  • Owner of a system that optimizes the reheating cycle of electric water heaters by matching that use with small surges in power availability on the regional electric grid
 

International

  • Drafted or negotiated license, distribution, development, manufacturing or other agreements in connection with assets or companies in many countries, including Australia, Barbados, Brazil, Canada, China, Ethiopia, Finland, France, Germany, Ghana, Hungary, India, Iraq, Israel, Italy, Japan, Kenya, Marshall Islands, Mexico, Norway, Singapore, South Africa, South Korea, Sweden, Switzerland, and United Kingdom
  • Seconded to Ghana, West Africa for 3.5 years
INSIGHTS

Protenus, Cyber Risk and Liability Trends in the Healthcare Realm  (March 2023)

Insurance Roundtable of Baltimore, Fowler Seminar, Privacy and Data Security - A Sea of Change (October 2022)

Columbia University Pre-College Program, Law at the Cutting Edge of Technology (August 2022)

Cybersecurity Association of Maryland, Inc., Communicating through a Crisis (March 2022)

Maryland State Bar Association Labor & Employment Law Newsletter, Privacy Implications of Vaccine Credentialing Systems (Winter 2022)

Bowie State University Cyber Day, Cyberspace Social Media: The Law, The Tech and The Human Element, Panel (October 2021)

Law Society of Ontario Annual Program, Cybersecurity: What You Need to Know, COVID and Beyond, Virtual Panel (March 2021)

bwtech@UMBC, Webinar: Ransomware 101 (December 2020)

NAPHSIS 2019 Identity & Security Conference - Legal Aspects of Data Sharing (November 2019)

Nonprofit Risk Management Center’s 2019 Risk Summit - Cyber Liability: Forming and Facilitating an Incident Response Team; Cyber Survivor – Surviving and Thriving in the Wake of a Data Breach Claim (October 2019)

Diocesan Fiscal Management Conference’s Annual Meeting - Navigating a Sea of Data Privacy + Security Risk (October 2019)

ASAE Annual Meeting & Exposition - A Primer for Understanding Your Association's Cyber Risk (August 2019)

Cybersecurity Association of Maryland, Inc. Maryland Cyber Breakfast Club - Risk Mitigation Strategies for Cybersecurity Product and Service Providers (June 2019)

Veterans Institute for Procurement - IP Risks and Protection When Doing Business Outside of the USA (June 2019)

bwtech@UMBC: European Privacy Invasion (GDPR) One Year In, California Privacy Takeover (CCPA) Six Months Out (May 2019)

Association of Commercial Financial Attorneys Continuing Legal Education Weekend - Navigating a Sea of Data Privacy + Security Risk (May 2019)

bwtech Executive Workshop for Int'l CyberSecurity Companies - What are the TOP Things a Foreign Company Should Know When Establishing a Business in the US? (April 2019)

ID Agent Webinar - Canadian-U.S. Legal Landscape (February 2019)

Edwards Project Solutions’ Cyberbytes Series - Cyber Realities In Corporate America Panel (January 2019)

bwtech@UMBC Cybertini, Baltimore, MD - Cybersecurity Issues in Healthcare (October 2018) (moderator)

Financial Executives International, Hunt Valley, MD - What Executives Need to Know About Cyber Security (June 2018) (speaker)

LeadingAge Maryland Finance & Strategy Symposium, Frederick, MD - What You Don't Know CAN Hurt You - Cybersecurity for Senior Living (November 2017) (presenter)

Association of Corporate Counsel, Baltimore, MD - Balancing Privacy Law Compliance with Safeguards Against Insider Data Security Threats, (May 2017) (presenter)

Panthera Technologies Seminar, Owings Mills, MD - The Roadmap to Sustained Security & Compliance: Overcoming the Challenges of Getting Started, (May 2017) (presenter)

ASAE’s 2017 Marketing, Membership & Communications Conference, Washington, D.C. - “Surviving and Thriving a Cyber Security Breach: A Guide for Membership, Marketing and Communication Association Executives” (May 2017) (presenter)

ASAE Law Symposium, Washington, D.C. – Compliance + Mitigation in a Sea of Data Security Risk (Oct. 2016) (panelist)

Katz Abosch Government Contracting Symposium, Arundel Preserve - Creating Marketplace Diversification with your Technology Service Offerings (Nov. 2016) (panelist with Spencer Wilcox and Dan Larkin)

CRTC Commercial Cyber Event – Insider Threats (Nov. 2016) (panelist with Mike Miller and Shawn Thompson)

Cyber Maryland, Baltimore - Good, Bad or Wacky? Recent Changes in Global Privacy & Security Laws (with Howard Feldman) (Oct. 2016)

CRTC Commercial Cyber Forum, Baltimore – Insider Threats (Nov. 2016)

BrightTALK Webinar - Privacy v. Security: Balancing Vulnerability Awareness & Incident Prevention (Oct. 2016) with Tim Vogel of Xtium and Kevin Lancaster of ID Agent

ALM cyberSecure, New York, NY – The Dark Web: A Black Market for Exploiting your Stolen Data (Sept. 2016) (moderator)

Risk Summit, Chicago, IL - Solving The Puzzle: How To Prepare For And Respond To Data Security Threats (Sept. 2016)

Retail Solution Providers Association, Grapevine, TX - Compliance + Mitigation in a Sea of Data Security Risk (Aug. 2016)

ASAE Association Law for Non-Lawyers, webinar – Data Security Breach Response Best Practices (May 2016)

Association Trends Finance Live, Washington, DC – Data Security Risk Management: How to Prepare for and Respond to Data Security Threats (May 2016)

Private Client Presentation – Panama Papers (April 2016)

Cybersecurity Association of Maryland + Chesapeake Regional Tech Council , Baltimore, MD – Identifying, Quantifying, Insuring & Mitigating Cyber Risk (April 2016) (with PSA Insurance, Ernst & Young LLP, and NFP Property & Casualty)

ASAE law Symposium, Washington, D.C. - Data Security Breach Response: Best Practices (Oct. 2015) (with DataStreet)

Association Trends Finance Live, Washington, D.C. – How to Find a Silver Lining in an AMS Cloud Contract (Sept. 2015)

ASAE Annual Meeting, Detroit, MI – Help! I’ve Been Hacked! (August 2015)

Association Trends, Webinar – Negotiating Association Software Contracts: Effective Business and Legal Strategies (May 2015)

Percona Live, Santa Clara, CA – Data Security - Emerging Legal Trends (April 2015)

Private Client Presentations, New York + Baltimore - GPL + LGPL Presentations for Executive Management (August 2014; Nov. 2014; April 2015)

Ft. Meade Alliance Industry Day, Baltimore – Commercial Cyber Discussion (March 2015) (with Exelon) (moderator)

bwtech@UMBC, Baltimore - The Startup Yellow Brick Road: Going from Service to Product Company (Feb. 2015) (moderator)

Private Presentations for Accounting Firms, Baltimore - Cyber Security for Accountants – (2014)

Association Execs, Webinar – Protecting Your Association’s IP (Dec. 2014) (with Jeff Glassie)

ASAE Law Symposium, Washington, D.C. - The Impact of Data Breaches, Cloud Computing, Tech. Contracts + Cyber Insurance (Oct. 2014) (with Spotkick)

PSA Insurance, Hunt Valley, MD – Understanding, Preparing for & Responding to Cyber Threats (Sept. 2014) (with Tangible Security)

Association Trends Finance LIVE: Technology Initiatives in Nonprofits, Washington, D.C. – Could this be You? (Sept. 2014)

NYSE Governance Services, Washington, D.C. – Thought Leadership Roundtable on Cyber Security (May 2014)

ASAE Tech Conference, Washington, D.C. -  Understanding, Preparing for, and Responding to Legal Risks that Cyber Threats Pose to Associations and Nonprofit Organizations (Nov. 2013) (with APhA and Howard Feldman)

Corporate Board Member: The Board IT Challenge, Atlanta – Battling Cyber Crime: Do you Know your Enemy? (Oct. 2013)

ASAE Law Symposium, Washington, D.C. – Cybersecurity Threats + Legal Risks (Sept. 2013) (with NACHA and Howard Feldman)

Association Trends Finance Live, Washington, D.C. – An Update on Legal Issues in Technology (Sept. 2013) 

bwtech@UMBC, Baltimore – Cybersecurity Threat Info. Sharing Executive Order (May 2013) (with NIST and others) (moderator)

Association of Corporate Counsel, Baltimore – Practical Lessons learned: An Overview of Cyber Law & Information Governance (Feb. 2012) (with Feldman)

Corporate Board Member: The Board IT Challenge, Chicago – An Overview of Cloud Computing Risks (Oct. 2012)

Cyber Maryland, Baltimore – Demystifying Cyber Policy: What Every Executive Should Know (Oct. 2012) (panel)

Whiteford Blog - Are Associations and Nonprofit Organizations the Next Big Target for Cyber Attacks? (Sept. 2012)

Cyber Security Summit, Baltimore Business Journal (2011)

International Information Privacy Compliance, eZ Systems Conference, Skein, Norway (2006)

Managing Success in a Post-9/11 World, techcenter@UMBC (2004)

Understanding Open Source & Its Business Implications, Greater Baltimore Tech Council (2004)

U.S. & Int'l IP Protection Strategies, Loyola College Exec. MBA Program (2005, 2004, 2003, 2002 & 2001)

Issues in Technology Contracting, Maryland Judicial Institute for Judges Assigned to Business & Technology Case Management Program (2003)

Whose Design Is it Anyway?, Whitmore Lunch & Learn Series (2003) & AIGA Seminar (2002)

Assessing & Managing Your IP Risk, Marsh/Whiteford Seminar (2002)

Open Source Software Licensing, U. Balt. School of Law (2002)

Maryland IP Law Update, U. Balt. School of Law (2001)

Emerging Privacy Laws (2001); Facets of Law as Applied to Technology, Loyola College Exec. MBA Program (2000 & 1999)

IP Issues in the Workplace, Lorman Seminar on Covenants Not to Compete (2000)

International IP & Technology Transfer Strategies, Ukraine Technopark Managers Course, Loyola College Int'l Technology Research Institute (2000)

Practical Legal Issues in e-Commerce, MICPEL Seminar (2000) (also, co-chair)

Facing E-Commerce Head On; International E-Commerce: Order Out of Chaos, IP Licensing Skills Workshop, Whiteford Technology and IP Legal Issues Workshop (1999)

Trademarks, Digital Signatures & Privacy Issues on the Internet, MSBA Annual Meeting, (1999)

Electronic Commerce and the New Millennium - Current Issues From a Practitioner's Perspective, U. of Baltimore School of Law IP Law Society (1999)

Strategies for Protection of U.S. IP; Webpage Do's & Don'ts; Fundamentals of Trademark Law, Whiteford Technology and IP Legal Issues Workshop (1998)

Electronic Commerce, MICPEL (1998)

IP Issues in the Workplace, Whiteford Employment Law Seminar (1998)

Computer Software Copyright Infringement Analysis and Resolution, IP Committee of MSBA Business Section (1998)

Selected Internet Domain Name and Jurisdiction Issues, IP Committee of MSBA Business Section (1997)

U.S. Trademark Registration Practice, full-day lecture to Chinese IP Lawyers and Judges (1996)

UCITA Spells Controversy, The Business Monthly (2001) and The Maryland Bar Journal (2000)

Kids Say The Darnedest Things, The Advocate, (1999)

Businesses May Get Burned By New Online Law, Baltimore Business Journal (1999)

The New Millennium: Don't Let It Bug Your Practice, TortSource (1999) and Bar Bulletin (1999)

Who's Minding The Store?; Protecting Your Company's Trade Secrets, The Business Monthly (1998)

The Internet: Spamming, Framing and Free Speech, The Maryland Bar Journal (1998)

ARTICLES

Client Alert: Maryland Adopts Groundbreaking Online Data Privacy Act of 2024: What You Need to Know

On May 9, 2024, Governor Wes Moore signed into law the Maryland Online Data Privacy Act of 2024 (“MODPA”). MODPA will take effect on October 1, 2025, but will not apply to personal data processing activities occurring before April 1, 2026. MODPA is the latest in a series of state data privacy laws that impose comprehensive obligations on businesses that collect, process, or sell personal data of consumers and otherwise meet certain jurisdictional thresholds.  

Client Alert: New Laws Prohibit Certain Data Transfers to China, Russia, Iran, and other Foreign Adversaries of the U.S.

In addition to its well-publicized move to prohibit more than 150 million Americans from posting embarrassing dance videos of themselves on TikTok (at least while it is Chinese-owned), the U.S. federal government recently adopted two significant federal data transfer prohibitions: (1) the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (“PADFA”); and (2) an Executive Order entitled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” Any organization that currently shares, or is considering sharing, sensitive personally identifiable information with anyone in China, Russia, Iran or any other “foreign adversaries” of the United States should determine whether these new prohibitions require them to change their data transfer activities.

Client Alert: New Jersey Privacy Law

On January 16, 2024, New Jersey became the fourteenth state to enact comprehensive privacy legislation after the passage of the New Jersey Data Privacy Act (“NJDPA”), adding to the growing national focus on consumer personal data protections, albeit at the state level. 

Client Alert: Is Your Credit Union Ready to Comply with Updated NCUA Cyber Incident Notification Requirements?

Under final regulations updated on March 1, 2023 and effective as of September 1, 2023, the National Credit Union Administration (“NCUA”) imposed stringent new cyber incident reporting requirements on federally chartered corporate credit unions and federally insured, state-chartered corporate credit unions (“FICUs”). FICUs that experience a cyber incident that rises to the level of a “reportable cyber incident” must now notify the NCUA (a) as soon as possible; and (b) no later than 72 hours after the FICU reasonably believes that it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.

Client Alert: State Privacy Laws and Nonprofit Organizations

The U.S. data privacy regulatory framework is complex and is becoming more so with each passing day. On July 18, 2023, Oregon became the eleventh state to enact comprehensive privacy legislation, joining five other states (Iowa, Indiana, Montana, Tennessee, and Texas) that have passed “comprehensive” privacy legislation this year.

Client Alert: Proposed FTC Updates Provide a Roadmap to the Use of Endorsements and Testimonials in Advertising

The Federal Trade Commission (“FTC”) is poised to issue updated Guides Concerning the Use of Endorsements and Testimonials in Advertising (the “Guides”) following a comment period on the proposed changes. This alert provides an overview of the proposed updates, which will impact all businesses that engage in any form of advertising and especially those advertising through social media and other online advertising channels.

Client Alert: Texas and Tennessee Join the Cacophony of State Data Privacy Laws 

On June 18, 2023, Texas became the eleventh state to enact comprehensive privacy legislation after the recent passage of the Texas Data Privacy and Security Act (“TDPSA”). Texas now joins Tennessee as the latest entry into an increasingly complex web of state privacy laws. On May 11, Gov. Bill Lee signed into law the Tennessee Information Protection Act (“TIPA”), which itself follows recent enactments of data privacy laws in Iowa, Indiana, Florida, and Montana.  
 

Client Alert: Maryland Considers Adoption of Biometric Data Privacy Act

If your organization collects or uses, or is thinking about collecting or using, biometric data, such as fingerprints, DNA scans, retinal scans or voice prints obtained from customers, employees or others, the Maryland Biometric Data Privacy Act (the “Biometric Act”) currently under consideration by the Maryland General Assembly should be of keen interest to you. If adopted, House Bill 33  (“HB 33”) (and its companion, Senate Bill 169), would regulate “private entities’” which collect or possess biometric data and subject those who violate those regulations to investigations and claims brought by the Maryland Attorney General or private litigants.

Client Alert: Virginia Privacy Law Takes Effect January 1, 2023

With the passage of the Virginia Consumer Data Protection Act (Va. Code Ann. §§ 59.1-575 to 59.1-585) (“VCDPA”) on March 2, 2021, Virginia residents now have certain rights regarding their personal information, while business entities conducting business in Virginia may have new and additional data collection and protection obligations, if they meet certain jurisdictional thresholds.  
 
VCDPA will become effective on January 1, 2023.  As a result, organizations conducting business in Virginia may need to review their data collection and processing obligations for applicability of the VCDPA, and in preparation for the VCDPA taking effect.
 
This brief article is intended to highlight certain key requirements of the VCDPA.

Client Alert: The Do’s and Don’ts of Online Customer Reviews

If you operate a mobile app or any other online platform that features consumer reviews, there are important rules you need to know when it comes to procuring, organizing, or editing consumer reviews of your products or services.

The risks are real.  Any actions you take that have the effect of distorting or misrepresenting consumer reviews may give rise to allegations of potentially deceptive conduct and enforcement actions by the Federal Trade Commission (“FTC”) under Section 5 of the FTC Act.

As a matter of general guidelines, a few key principles emerge from Section 5 of the FTC Act.  Namely, companies (1) should be transparent about their review-related practices and (2) should treat consumer reviews in a way that truly reflects the feedback received from legitimate customers, presenting a true and holistic picture of the consumers’ experiences and interactions with the companies’ goods or services.

While these guiding principles may seem straightforward enough, many companies have engaged in practices that are, in fact, illegal. It’s important to know that, if adopted, these practices can give rise to significant liabilities.  This brief article is intended to highlight, and help you avoid, some common pitfalls.


Client Alert: Baltimore City Bans Facial Recognition Technology

On September 8, 2021, an ordinance prohibiting  use of facial recognition technology in Baltimore City took effect.  The law, City of Baltimore Ordinance 21-038: Surveillance Technology in Baltimore, was passed by the Baltimore City Council in June and signed by Mayor Brandon Scott on August 9.  In passing the law, Baltimore joins a small number of local jurisdictions – including Portland, Oregon and New York City – and states – including Illinois, Texas and Washington – in regulating the use of certain biometric technology.

Client Alert - The Colorado Privacy Act: Both Bark and Bite

Europe began the trend, California followed suit shortly after, and now the flood gates have opened.  Colorado is the third state that is on the brink of enacting a strict and extensive privacy law that has significant implications for a wide variety of organizations that control or process personal data.

Client Alert: Executive Order on Cybersecurity – What Government Contractors Need to Know

In the wake of the Colonial Pipeline Hack, on May 12, 2021, the Biden Administration issued an Executive Order (EO) on Improving the Nation’s Cybersecurity. The Government is proposing broad changes to the Federal Acquisition Regulation (FAR) and Department of Defense FAR Supplement (DFARS) in two areas. What do government contractors need to know?

Client Alert: Washington DC Increases Breach Response Requirements and Focuses on Data Security

A recent amendment to the District of Columbia’s data breach notification law (the “D.C. Breach Law”) highlights the nation’s increased focus on data security standards. Generally, the changes to the D.C. Breach Law fall into three categories: (1) expanding what is considered a reportable incident; (2) expanding the notification requirements for breaches; and (3) emphasizing proactive data security measures.

Client Alert: Guidance Issued for Ed Tech Companies and Schools during the COVID-19 Crisis

The Children’s Online Privacy Protection Act (“COPPA”) generally requires that operators of commercial websites and online services take certain steps to protect online privacy and safety of children under the age of 13.  Those steps include COPPA’s requirement that companies covered by COPPA provide notice of their data collection and use practices and obtain verifiable parental consent before collecting certain data and that they maintain reasonable data security safeguards.

Client Alert: OCR Issues Guidance About Sharing Patient Information and Telehealth Communications during Pandemic

The Office of Civil Rights (“OCR”) recently issued bulletins with important guidance for health care providers during the COVID-19 pandemic. 

The OCR has recognized that, during the COVID-19 national emergency, health care providers may seek to communicate with patients, and provide so-called “telehealth” services, through remote communications technologies.  Some of these technologies, and the manner in which they are used by HIPAA-covered healthcare providers, may not fully comply with the requirements of the HIPAA Rules.  However, in light of the national emergency, the OCR said that it will not impose penalties against covered health care providers for the lack of a HIPAA business associate agreement (“BAA”) with video communication vendors, or any other noncompliance with the HIPAA Rules that relates to the good faith provision of telehealth services during the COVID-19 nationwide public health crisis.

Client Alert: COVID-19 Cyber Scams: Protect Your Organization

With everyone’s attentions devoted to the COVID-19 crisis and the disruptions it has caused to the normal rhythms of business and personal affairs, it should come as no surprise that criminals and scammers are seeking to take advantage of the situation.

Defend Trade Secrets Act (DTSA) Signed into Law, May 11, 2016

On May 11, 2016, President Obama signed into law the Defend Trade Secrets Act (DTSA) creating a cause of action under federal law for trade secret misappropriation which previously had been governed by state common law and each state’s adoption of the Uniform Trade Secrets Act.   The law took effect immediately upon signing.

European High Court Invalidates Safe Harbor for Transfer of Personal Data

On October 6, 2015, the European Court of Justice — the highest court in Europe — invalidated an international privacy agreement between the United States and the European Union, known as the US-EU Safe Harbor.  The US-EU Safe Harbor allowed companies engaged in international business activities to transfer personal data from the European Union to the U.S. in compliance with the European Union Data Protection Directive (“EU Data Directive”).

Cyberattacks Are Equal Opportunity Threats

You may think that most cyberattacks happen to for-profit businesses and government agencies. But don’t be lulled into a false sense of security; when it comes to collecting and storing valuable data, many trade associations and nonprofits could give a like-sized corporation a run for its money.


Data Protection & Privacy Laws 2012

Data privacy laws in much of the world apply regardless of industry, source or region. In contrast, the US features an alphabet soup of sector-specific federal data privacy laws. For example, the German-Leach-Bliley Act (GLBA) applies to financial institutions, the Health Insurance Portability and Accountability Act (HIPAA) applies to healthcare institutions, the Children's Online Privacy Protection Act (COPPA) applies to online businesses collecting information from children under age 13, the Family Educational Rights and Privacy Act (FERPA) and Protection of Pupil Rights Amendment (PPRA) apply to student records, the Driver Privacy Protection Act (DPPA) applies to motor vehicle records, and the Fair Credit Reporting Act (FCRA) applies to data collected by consumer reporting agencies. Stir in 50 US state and territorial data security laws governing data breach notice, security and destruction, and you get a complex thicket of data privacy and security laws.


Are Associations and Nonprofit Organizations the Next Big Target for Cyber Attacks?

Like most people in our tech-inundated world, you might be a bit numb to seemingly daily reports that yet another organization has been hacked.  But, as an executive or employee of a nonprofit organization or association, you may have taken notice and some comfort in the fact that the lion’s share of those attacks appear to have been perpetrated on for-profit businesses and government agencies, like Sony, Citibank, Lockheed Martin, ADP, the FBI and the CIA.


"Don't be evil"? Security breaches catch even the best-intentioned companies off guard

As Google and Facebook and countless others have discovered, most netizens tend to be pretty blasé about privacy – until all of a sudden they aren’t. While we all love the detailed photo views on Google Maps, the revelation that Google’s camera cars were also sweeping WiFi networks as they captured those images was met with outrage.  And, Facebook users seemed to carelessly love that app’s ability to track down long-lost friends, until last week it pulled friends’ phone numbers into a handy online directory “for you”.


PRESENTATIONS

36 Whiteford Attorneys Named Super Lawyers and Rising Stars

Whiteford, Taylor & Preston is pleased to announce that thirty-six of its attorneys are listed among the 2024 Super Lawyers and Rising Stars in Delaware, District of Columbia, Maryland, New York, Pennsylvania and Virginia.

A Record 87 Whiteford Attorneys Listed in Best Lawyers in America 2024, Ten Selected as “Ones to Watch”

87 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2024 (copyright 2023 by Woodward/White, Inc., of Aiken S.C.). New practice areas of recognition include CleanTech Law and Entertainment and Sports Law. The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington offices. Client comments are posted on the Best Lawyers website, at bestlawfirms.com.

Chambers Honors Whiteford in 14 Practice Areas

Whiteford is pleased to announce that Chambers and Partners has once again ranked the firm highly in its 2023 list of leading firms and business lawyers.

73 Whiteford Attorneys Listed in Best Lawyers in America 2023, Six Selected as “Lawyer of the Year”

73 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2023 (copyright 2022 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington, D.C. offices. Client comments are posted on the U.S. News & Best Lawyers web site, at bestlawfirms.com.

Chambers Honors Whiteford in 14 Practice Areas

Whiteford, Taylor & Preston is pleased to announce that Chambers and Partners has once again ranked the firm highly in its 2022 list of leading firms and business lawyers. This year’s recognition includes 29 attorneys in 14 practice areas at the National and State level.

75 Whiteford Attorneys Listed in Best Lawyers in America 2022, Eight Named “Ones to Watch”

A record 75 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2022 (copyright 2021 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington offices. Client comments are posted on the U.S. News & Best Lawyers web site, at bestlawfirms.com.

Chambers Honors Whiteford in 11 Practice Areas

Whiteford, Taylor & Preston is pleased to announce that Chambers and Partners has once again ranked the firm highly in its 2021 list of leading firms and business lawyers. This year’s recognition includes 25 attorneys in 11 practice areas in 3 states and the District of Columbia.

71 Whiteford Attorneys Listed in Best Lawyers in America 2021, Six Named “Lawyer of the Year”

A record 71 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2021 (copyright 2020 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Delaware, Maryland, Pennsylvania, Virginia and Washington offices. Client comments are posted on the U.S. News & Best Lawyers web site, at bestlawfirms.com.

Chambers Honors Whiteford in 10 Practice Areas

Whiteford, Taylor & Preston is pleased to announce that Chambers and Partners has once again ranked the firm highly in its 2020 list of leading firms and business lawyers. This year’s recognition includes 23 attorneys in 10 practice areas in 3 states and the District of Columbia.

57 WTP Attorneys Listed in Best Lawyers in America 2019, Four Named "Lawyer of the Year"

57 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2019 (copyright 2018 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Delaware, Maryland, Virginia and Washington offices. Client comments are posted on the U.S. News & Best Lawyers web site.

Countdown to GDPR

Whiteford attorneys quoted in ASAE's Associations Now article.

59 WTP Attorneys Listed in Best Lawyers in America 2018, Two Named "Lawyer of the Year"

59 lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2018 (copyright 2017 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Maryland, Washington and Virginia offices. Client comments are posted on the U.S. News & Best Lawyers web site, at bestlawfirms.com.

In addition, two lawyers were selected as “Lawyer of the Year” for their particular areas of practice.


59 Whiteford, Taylor & Preston Attorneys Listed in Best Lawyers in America, 2017, Eight Named as "Lawyers of the Year"

Fifty-nine lawyers from Whiteford, Taylor & Preston have been selected by their peers for inclusion in The Best Lawyers in America® 2017 (copyright 2016 by Woodward/White, Inc., of Aiken S.C.). The lawyers selected are based in the firm’s Maryland, Washington and Virginia offices.

In addition, eight lawyers were selected as “Lawyers of the Year” for their particular areas of practice. 


Cyber Alert: Anthem Data Breach: Self-Insured Plans

On February 4, Anthem, Inc., the second largest health insurer in the U.S., reported that hackers breached one of its IT systems and stole personal information relating to consumers and employees.  Described as “very sophisticated,” the attack involved the records of an estimated 80 million people.  While information accessed apparently did not involve medical information or credit card numbers, it did include such personally identifiable information as names, social security numbers, and income data. 


Fifty-Four Whiteford Attorneys Named Super Lawyers and Rising Stars in Maryland

Whiteford, Taylor & Preston is pleased to announce that 54 of its Maryland-based attorneys are listed among the 2014 Super Lawyers and Rising Stars.

The firm is particularly proud of the young lawyers who are recognized as “Rising Stars” and the three partners who received special recognition -- Edward Buxbaum and Dwight Stone in the Top 100, and Mary Claire Chesshire in the Top 50 Women.


Sixty-Four Whiteford Attorneys Named Super Lawyers and Rising Stars in Maryland, Delaware, Virginia

Whiteford, Taylor & Preston is pleased to announce that 64 of its attorneys are listed among the 2013 Super Lawyers and Rising Stars in three states.

The firm is particularly proud of the young lawyers who are recognized as “Rising Stars”; the four partners who are listed in the Top 100 in Maryland – Edward Buxbaum, Edwin Fee, William Ryan, and Dwight Stone; and the 16 who are named for the first time this year.


Forty-Six Whiteford, Taylor & Preston Attorneys Named Super Lawyers and Rising Stars in Maryland; Five in Maryland Listed in “Top 100”

Whiteford, Taylor & Preston is pleased to announce that 46 of its attorneys are listed among the 2012 Maryland Super Lawyers and Rising Stars.

The firm is particularly proud of the five who are listed in the Top 100 in Maryland – Edward Buxbaum, Edwin Fee, Paul Nussbaum, William Ryan, and Dwight Stone. Selection of the Top 100 lawyers in a jurisdiction is strictly based on the highest scores in the Super Lawyer judging process, and Whiteford is one of the two firms with the most names on the list.

6 Whiteford, Taylor & Preston Attorneys Named Among Baltimore's Legal Elite

Whiteford, Taylor & Preston LLP (WTP) is delighted to announce that Baltimore SmartCEO Magazine (SmartCEO) has selected six WTP attorneys for its list of Baltimore's Legal Elite.   

"We're honored that our attorneys have been recognized for their skills, knowledge, and client dedication.  While we've always known how fortunate we are to have them as part of the Whiteford family, we're very pleased to have this type of outside recognition," explained Martin Fletcher, a member of the firm's Management Committee.


WTP Announced As Sustaining Sponsor of the Chesapeake Innovation Center

Whiteford, Taylor & Preston has become a Sustaining Sponsor of the Chesapeake Innovation Center LLC (CIC), the nation's first incubator focusing on homeland security technologies. Sustaining Sponsorsdonate a minimum initial contribution of $25,000 and an annual contribution of$5,000 to help fund new business formation in Anne Arundel County, Maryland.


WTP Names Five New Partners

Whiteford, Taylor & Preston L.L.P. is pleased to announce Pamela M. Conover, S. Keith Moulsdale, Dwight W. Stone, II, Brent C. Strickland and Steven E. Tiller have been elected partners. (All five new partners practice in the firm’s Baltimore office.)