Kenneth N. Rashbaum

Kenneth N. Rashbaum advises multinational corporations, financial services organizations and life sciences organizations in the areas of privacy, cybersecurity, e-discovery for litigation and regulatory proceedings and information management. He counsels these entities on information governance and its compliance with federal, state, and non-U.S. laws and the interface of e-commerce and legal and regulatory liabilities in areas such as cybersecurity and breach response. Ken has vast experience in preparation and negotiation of technology contracts, including service level agreements and license agreements relating to compliance with data protection and privacy laws in the U.S. and other countries. He also leads information security and data breach response assessments, investigations and remediation initiatives; prepares policies for social media legal and regulatory compliance; and represents technology and life sciences organizations in federal and state investigations and audits, and in litigation.

Ken also serves as special e-discovery counsel for complex litigation and in matters in which electronic evidence from beyond the U.S. is required. He has been recognized internationally as a thought leader in electronic discovery and disclosure, and has served as national e-discovery counsel for multinational pharmaceutical corporations and global e-discovery counsel in products liability and IP litigation. Ken was appointed to the faculty of the Federal Judicial Center for its September 2010 session and the Georgetown Advanced E-Discovery Institute (November 2009 and December 2012 sessions) to lead sessions on international e-discovery issues and challenges. In 2019, he served as a special consultant to the New Jersey Assembly assisting in the preparation of a bill that, if passed, would become New Jersey’s first comprehensive privacy and cybersecurity law. Ken has also testified as a cybersecurity and privacy expert before the New Jersey Homeland Security and State Preparedness Committee.

In his capacity as a nationally known expert on data privacy, Ken counsels healthcare organizations on compliance with federal, state and judicial standards governing protected health information. He has served as HIPAA and privacy counsel to major hospital systems, health plans, physicians’ groups, cloud computing providers and health information application developers; advised academic hospital systems on protocols for implementation of electronic health records; and provided counsel on risk management issues in access, uses and disclosures of electronic patient information.

Ken is an Adjunct Professor of Law at Fordham University School of Law and had been a member of the Adjunct Faculty at the Maurice A. Deane School of Law at Hofstra University from 2013 – 2015.

Prior to joining Barton, Ken was a senior litigation partner in the New York office of Sedgwick LLP (formerly Sedgwick, Detert, Moran & Arnold) where he was the Founding Co-Chair of the E-Discovery, Compliance and Data Management and HIPAA Practice Groups.

Industry Experience:

Art, Fashion, Beauty, and Design
Banking and Finance
Finance
Healthcare
Media and Publishing
Real Estate
Technology

Honors:

Selected to Super Lawyers, 2018 to present
Team In Training, Leukemia and Lymphoma Society, Boston Marathon 2014
Past Member, Charter Revision Commission, South Orange, New Jersey

Memberships:

American Bar Association: Policy and Government Affairs Officer of the International Section
International Association of Privacy Professionals

Education:

J.D., Hofstra University School of Law
B.A., State University of New York at New Paltz, summa cum laude

Admissions:

New York State
U.S. District Courts: Southern, Eastern, Northern and Western Districts of New York
U.S. Court of Appeals, Second Circuit

Practices:

Cybersecurity, Data Privacy, GDPR Compliance
Regulatory Investigations and Enforcement
White Collar Defense

Presentations:

“Pandemics and Logistics – Meeting the International Supply Chain Challenges of the COVID-19 Crisis.” American Bar Association Section of International Law. Webinar. (April 21, 2020).
“GDPR & CCPA Are Fueling High Demand for On-Point RegTech Solutions.” Thomson Reuters Panel, LegalWeek 2020. New York, New York. (February 4, 2020).
“Real Estate Owners, Developers and Operators: Is Your Tenant and Property Information Secure?” EisnerAmper Seminar. New York, New York. (June 19, 2019).
“Business in 2019 is Global and the Only Constant is Change: The Legal & Regulatory Landscape of Transactions Across Borders.” DiscoverBetterLaw Seminar. New York, New York. (June 10, 2019).
“A Resilient Privacy Program in Today’s Climate.” Crowe Risk Consulting Group New Jersey Roundtable. Upper Montclair, New Jersey. (May 8, 2019).
“21st Century Business Technologies and Legal Guidance to Facilitate Them: Blockchain, Smart Contracts, Artificial Intelligence and Machine Learning.” 2019 Primerus International Convocation. Miami, Florida. (May 3, 2019).
Section Council Policy Deliberations. ABA International Section Annual Meeting. Washington, D.C. (April 8-11, 2019).
“Connecting Bridges and Borders: Company Collaboration in Today’s Competitive Market” Conference. Budapest, Hungary. (October 16, 2018).
“General Data Protection Regulation: A Corporate Counsel’s Guide to Advising their Clients on GDPR.” Global Cyber Institute Webinar. (June 8, 2018).
“Don’t Stop at HIPAA.” Esentire Webinar. May 31, 2018).
“GDPR: A European Privacy Conundrum or a Business Opportunity for US Companies?” Clear Law Institute Webinar Series. (January 8, 2018).
“Cybersecurity Regulations for Financial Services.” Investment Adviser Association Webinar Series. (April 20, 2017).
“Cybersecurity 2.0: What Can Boards Do Besides Lose Sleep?” National Association of Corporate Directors, New Jersey Chapter. (February 2017).
“Managing Information Risk in an Evolving Regulatory World.” Legal Tech New York. (February 2017).
“Episode 9: Pokemon Sun and Moon Leaks.” Fordham Intellectual Property, Media & Entertainment Law Journal Podcast. (November 2016).
“Technology and the Law: Adapting and Providing Value, a Conversation with Kenneth Rashbaum.” Legal Marketing Studio Podcast. (October 31, 2016).
“Defending and Enhancing Operational Integrity in Today’s Cybersecurity Landscape.” Minolta Konica All Covered Cybersecurity Program. Microsoft Event Center, New York, NY. (October 26, 2016).
“Complex Litigation Of Cyber Security Issues.” NJICLE Cyber Security Law Conference. New Brunswick, NJ. (June 14, 2016).
“Advanced Cybersecurity Law.” Pennsylvania Bar Institute. Philadelphia, PA. (June 1, 2016).
“Cross-Border Discovery and Information Management Times Are A-Changing.” Ing3nious Southeast eDiscovery and Information Governance Retreat. Atlanta, GA. (May 22-23 2016).
“Managing Vendor and Business Partner Cybersecurity Risks and Liabilities” Clear Law Institute. Philadelphia, PA. (April 26, 2016).
“What Happened to the US/EU Safe Harbor? The Tension Between Privacy and Business Efficiency for Multinational Companies.” LegalTech 2016. (February 4, 2016).
“Game Changer: Effects of the EU Safe Harbor Decision.” LegalTech 2016. (February 3, 2016).
“Cyber Security and Social Security.” New Jersey Society of CPAs. (January 7, 2016).
“Cyber Security in Health Law: Protecting Patients and Providers.” New York Law Journal Webinar. (October 20, 2015).
“Cyber Fraud: Fight Back!” REBNY. New York, NY. (April 23, 2015).
“eDiscovery Speaker Series: Responding to Government Investigations.” Driven Inc. Speaker Series. New York, NY. (April 22, 2015).
“Department Store Issues.” Federal Bar Association’s Fashion Law Conference. New York, NY. (March 20, 2015).
“Aligning the Values and Costs of Litigation Services.” Managing Litigation as a Business. Houston, TX. (February 18, 2015).
“The New Normal: Revisiting the Transatlantic Relationship.” International Bar Association Conference. New York, NY. (January 29, 2015).
“Ethics Challenges in Management of IP Litigation.” Managing Litigation as a Business. Phoenix, AZ. (January 22, 2015).
“Lock Out Cyber Crime: A Cybersecurity Workshop.” Barton LLP and CSA2. New York, NY. (January 13, 2015).
“Exploring the Security of the Internet of Things: Trust Comes First.” Internet of Things Innovation Summit. CLSA. New York, NY. (December 12, 2014).
“Do You Know Where Your Data Is: A Cybersecurity Workshop.” Barton LLP and CSA2. New York, NY. (December 8, 2014).
“Healthcare Regulatory and Litigation Readiness.” RVM Education Center. New York, NY. (September 18, 2014).
“HIPAA & Secure Information Governance – Myths, Realities & Practical Solutions.” Webinar. (September 2014).
“Knowledge Group: Cyber Insurance – What You Need to Know in 2014.” Webinar. (July 2014).
“Do the Right Thing in Cyber-Space: Ethics in the Digital Age.” Chicago Bar Association. Chicago, IL. (September 2013).
“Cyber-Security: Legal Obligations, Precautions and Best Practices.” ABA Section of International Law-Israel Bar Association Joint Conference. Eilat, Israel. (May 2013).
“First Do No Harm: Preserving and Admitting Foreign ESI.” Georgetown Advanced e-Discovery Institute. (December 2012).
“Silicon Alley South: Cyber-Compliance and Risk Management For the Burgeoning Technology Sector in South and Central America.” American Bar Association Section of International Law, Fall Meeting. (October 2012).
“Where Are Your Data Tonight? Social Media and Economic Espionage.” American Bar Association Section of International Law, Spring Meeting. (April 2012).
“Privilege In Electronic Communications.” New York City Bar Association. (February 2012).
“Customs Stations On The Life Sciences Information Highway: Trans-Border Privacy and Data Protection.” New York State Bar Association-Ontario Bar Association Meeting. Toronto, Ontario. (March 2012).
“The Crossroads of Incident Response Planning and Data Breach Notification Obligations.” Master’s Conference. Washington, D.C. (October 2011).
“A Perfect (Electrical) Storm: The Electronic Health Record in Litigation and Oversight Proceedings.” AHRM-NY. (December 2010).

In the Media:

Quoted in “Any Discrepancy in ED Chart Hurts All Med/Mal Defendants.” ED Legal Letter. (February 2020).
“Information Security In The Real Estate Environment.” Mondaq.com. (July 1, 2019).
Quoted in “New York State Is Pushing ‘One of the Strictest’ Privacy Bills in the Nation.” Gizmodo.com. (June 4, 2019).
Quoted in “New York Could Soon Pass Its Own GDPR-Inspired Data Security Law.” CyberScoop. (May 29, 2019).
Quoted in “The GDPR Revolution – What Smart Companies Should Be Doing To Get Ready.” Forbes.com. (May 23, 2018).
Quoted in “Does GDPR Matter if You’re Based in the U.S.?” Brink, a Marsh Publication. (May 22, 2018).
Quoted in “Did EP Override Safety Prompt for No Apparent Reason? It’s a Hurdle for Defense.” ED Legal Letter. (March 2018).
Quoted in “Uber Likely to Face a Barrage of State Legal Action After Breach.” The Wall Street Journal. (December 1, 2017).
Quoted in “FINRA Penalties Show Growing Regulatory Focus on Cyber.” Wall Street Journal Pro. (February 6, 2017).
Quoted in “What Happens When an OSJ Doesn’t Safeguard the Cloud?” Financial Planning. (November 16, 2016).
Quoted in “Common registration practices cause big problems with HIPAA.” Hospital Access Management. Volume 35, No. 3. (March 2016).
Quoted in “Apple Might Be Forced To Reveal & Share iPhone Unlocking Code Widely.” Techdirt. (March 9, 2016).
Quoted in “Experts Weigh in on the Shifting EU U.S. Data Transfer Paradigm.” Legaltech News. (February 5, 2016).
Quoted in “Privacy Shield is here, now orgs., lawmakers must take action.” SC Magazine. (February 4, 2016).
Quoted in “Data breach, class action lawsuit prompt Georgia IT policy review.” Statescoop. (November 25, 2015).
Quoted in “Safe Harbor Ruling May Hamper US Law Enforcement Overseas.” The Hill. (October 11, 2015).
“U.S. Legal Holds Across Borders: A Legal Conundrum.” Cited in U.S. District Court decision of Lunkednheimer Co. v. Tyco Flow Control Pac. Party Ltd. 2015, Footnote 19. (February 12, 2015).
“Business Cyber Security with Ken Rashbaum.” (Dave Goodwin). The Growing Entrepreneur. (October 2014).
“The Trouble with Electronic Records.” (Dan Goldberg). Capital. (August 2014).
“Facebook's Controversial Emotion Study May Raise FTC's Ire.” (Allison Grande). Law360. (July 2014).
“SEC’s The New Sheriff In Town On Cybersecurity.” (Allison Grande). Law360. (June 2014).
“Retailers Face Pitfalls In Effort To Share Cyberthreat Info.” (Allison Grande). Law360. (June 2014)

Attorney Articles:

Co-author, “Understanding Electronic Medical Records: Reliability and Integrity as Critical Components of Medical Practice Valuation, Profitability, and Compliance.” The CPA Journal. (June 2019).
“Growing Demand for Mediation of Data Breach Disputes.” Law360. (July 17, 2017).
“Shifting sands: The data breach litigation landscape in 2017.” Thomson Reuters’ Westlaw Journal. June 30, 2017.
“Cybersecurity for Law Firms: Business Imperatives Update 2017.” New York Law Journal. (March 6, 2017).
“Get Ready for More Cyber Litigation.” Today’s General Counsel. Volume 14, Number 1 (February/March 2017).
“Data Breach Litigation Wave in 2017.” Today’s General Counsel. Volume 13, Number 6. (Dec/Jan 2017).
“Foreign Acquisitions of U.S. Companies: State Cybersecurity and Privacy Laws Expand the Scope of Due Diligence by a Geometric Factor.” Co-Authored with George H. Wang, Partner, Barton LLP. Lexis Practice Advisor® & Law 360. (October 2016).
“Cyber Security Counsel For The Board: Good Business And Self-Protection.” Financier Worldwide Magazine. (June 2016).
“The Law Requires It, But Customers Demand It: Cybersecurity and Privacy are Good Business.” Financier Worldwide. (April 2016).
“European Court of Justice rules U.S. – EU ‘safe harbor program’ invalid.” Westlaw Journal Computer and Internet. Volume 33, Issues 11. (November 6, 2015).
“Litigation Wave Coming: Cybersecurity Breaches Are the Trigger.” Today’s General Counsel. Volume 12, Number 4. (August 2015).
“Cybersecurity Risks to CPA Firms.” (Yigal Rechtman, CPA – co-author). CPA Journal. (May 2015).
“Data breaches: Response and risk-mitigation requirements.” Westlaw Journal Computer and Internet. Vol. 32, Issue 24 (May 7, 2015).
“HIPAA Security Rule – Demystified.” (Yigal Rechtman, CPA – co-author). CPA Journal. (April 2015).
“Close the Side Doors to Hackers: Assess Supply Chain and Vendor Cyber Security Safeguards to Protect Your Business.” (Art Krulish, co-author). Fashion Mannuscript. (April 2015).
“Net Neutrality Vote Introduces A New Player In The Privacy Game: The FCC.” Thomson Reuters Legal Solutions Blog. (March 19, 2015).
“Cybersecurity: Business Imperative for Law Firms.” (Liberty McAteer and Jason Tenenbaum, co-authors). New York Law Journal. Vol. 252, Issue No. 111, (December 10, 2014).
“Outrun the Lions: A Practical Framework for Analysis of Legal Issues in the Evolution of Cloud Computing.” (Borden, Bennett B. and Beaumont, Theresa H., co-authors). Ave Maria Law Review. 12 Ave Maria L. Rev. 71 (2014).
“The Cloud and the Small Law Firm: Business, Ethics and Privilege Considerations: A Report of the Small Law Firm Committee of the New York City Bar.” (Ashwini Jayaratnam, David Caplan, Tudor Capusan and William Aronin, co-authors). New York City Bar Association. (October, 2013).
“Trial Practice Management” chapter, eDiscovery for Corporate Counsel.” (Hon, Paul W. Grimm, USDJ (D-Md.) and Jason M. Tenenbaum, co-authors). Thomson Reuters West. (2013).
“Admissibility of Non-U.S. Electronic Evidence.” (Knouff, Matthew F. and Murray, Dominique, co-authors). Richmond Journal of Law and Technology, VXIII Rich. J. L. & Tech 10. (2012).
“U.S. Legal Holds Across Borders: A Legal Conundrum?” (Knouff, Matthew F. and Albert, Melinda C., co-authors). North Carolina Journal of Law and Technology. Vol. 13, Issue 1, (Fall 2011).
“EHR Templates: Time Savers Or Patient Safety Risk?” Medical Economics. (October 2011).
“Managing the Unmanageable: E-Discovery and Electronic Health Information.” American Bar Association EDDE Journal. Vol. 1, Issue 4, (Autumn, 2010).
“The Sedona Framework For Analysis of Cross-Border Discovery Conflicts: A Practical Guide To Navigating The Competing Currents Of International Data Privacy And Discovery.” The Sedona Conference®. Working Group 6 (Co-Editor-In-Chief). (August 2008)

Practice Areas

Alternative Dispute Resolution Law

Computers and Software Law

Health Care Law

Health Care Compliance Law

Health Insurance Portability and Accountability Act (HIPAA) Law

Litigation

Trial Practice Law

Privacy Law

Social Media Law

Cybersecurity and Data Protection

Kenneth N. Rashbaum

Kenneth N. Rashbaum

Barton LLP