On Demand

Data Security Incident Response: Mitigating Escalating Risks

(130 reviews)

Produced on April 08, 2020

$ 89 Business, Corporate, & Securities and Privacy & Cybersecurity In Stock
Get started now

$299 / year - Access to this Course and 1,500+ Lawline courses


Course Information

Time 1h
Difficulty Intermediate

Course Description

As massive data breaches make headlines and many states are enacting more stringent data privacy and security laws, in-house counsel and other attorneys need to be aware of the cyber-security threats to companies’ data and their legal obligations under international, federal, and state law. This presentation will discuss data security incident trends, the legal landscape of the state, federal, and international data privacy and security laws, recent regulatory enforcement actions, and best practices in mitigating risks from data breach incidents.

Learning Objectives:
  1. Examine the latest cyber attack trends
  2. Discuss the evolving threat landscape, including new lines of attack, the role of ransomware, and vulnerabilities
  3. Review the legal landscape of state, federal, and international data privacy and security laws
  4. Assess the costs of cyber-attack fallout, from physical damage to assets and intellectual property losses to legal fees and remediation expenses
  5. Identify the steps organizations can take to better manage these cyber-security risks and mitigate the impact of a cyber-attack 

Credit Information

After completing this course, Lawline will report your attendance information to {{ accredMasterState.state.name }}. Please ensure your license number is filled out in your profile to ensure timely reporting. For more information, see our {{ accredMasterState.state.name }} CLE Requirements page . After completing this course, {{ accredMasterState.state.name }} attorneys self-report their attendance and CLE compliance. For more information on how to report your CLE courses, see our {{ accredMasterState.state.name }} CLE Requirements FAQ .


Sara Goldstein


Sara Goldstein focuses her practice on legal issues related to privacy and data protection. As the former vice president and general counsel of a large provider of release of information and disclosure management services, Sara was responsible for overseeing all of the company’s legal and compliance-related matters. This experience gives her a depth of knowledge regarding her clients’ needs, bringing a business-oriented perspective to her practice and allowing her to provide legal guidance that is realistic and practical for her clients. 

Sara has authored a variety of industry-related articles in publications such as the Journal of the American Health Information Management Association(AHIMA), The Group Practice JournalCompliance Today and RACMonitor.com. She has been invited to speak to organizations across the country about release of information, compliance with federal and state medical privacy laws, and breach prevention. She is also an adjunct professor of law at Drexel University, where she teaches a course on HIPAA and patient privacy.

Eric A. Packel

Baker Hostetler

Eric Packel focuses his practice on privacy, data security and technology issues. As part of the firm's Digital Assets and Data Management group, he applies his analytical skills and knowledge of healthcare privacy compliance and regulations, as well as U.S. state laws and the GDPR, to assist clients in the evolving sector of data privacy. Eric has significant experience counseling corporations, healthcare providers and other entities on compliance with data breach notification laws, as well as assisting with data incidents. He has worked with the Cyber Crime division of the Federal Bureau of Investigation (FBI), the U.S. Secret Service, local law enforcement and prominent forensics experts in data incident investigations, and often counsels clients on appropriate strategies to respond to regulatory investigations following breach incidents. Leveraging his computer knowledge from his background as an information technology professional and as a Microsoft Certified Systems Engineer, Eric understands and assists clients in the various unique technical issues that arise related to privacy and data security incidents and subsequent forensic investigations. 

Select Experience

  • Handled numerous breach incidents and suspected incidents nationwide for a large global insurance carrier, including breaches relating to the carrier's own companies as well as its vendors. Advised the client on strategies for initial investigations and working with law enforcement. Developed appropriate strategies for response to each incident and counseled the client on its legal obligations pursuant to applicable state statutes and Health Insurance Portability and Accountability Act/Health Insurance Technology for Economic and Clinical Health (HIPAA/HITECH).
  • Represented a corporate services company when malicious software (malware) compromised access to the company's servers, exposing the financial and personal information of thousands of individuals in all 50 states and numerous foreign countries. Led a team in investigating the scope of the incident, developing breach response strategy, drafting notifications to affected individuals and preparing notifications to numerous regulatory agencies.


Melissa H.

Content very helpful

Gal G.

Great class.

Austin K.

Male presenter needed to mute his line.

Walter L.

As an older lawyer, it is helpful to learn some hints on things beyond my knowledge.

Load More