Heather Egan Sussman

McDermott Will & Emery

Latest Publications


Should We Hack Back?

“No,” says U.S. Assistant Attorney General Leslie R. Caldwell. At the most recent Cybersecurity Law Institute held at Georgetown University Law Center in late May, the head of the U.S. Department of Justice’s (DOJ) Criminal...more

6/5/2015 - Corporate Counsel Cyber Attacks Cyber Crimes Cybersecurity Data Breach Data Protection DOJ Hackers Popular Young Lawyers

Update on State Breach Notification Laws - May 2015

In the first few months of 2015, a number of states have introduced data breach notification bills and proposed legislative amendments designed to enhance consumer protection in response to increasingly high profile data...more

5/7/2015 - Legislative Agendas Pending Legislation Proposed Amendments Proposed Legislation

DOJ Guidance for Victims of Cybercrime: The Dos and Do Nots of Cyber Preparedness

On April 29, 2015, the Cybersecurity Unit in the Computer Crime and Intellectual Property Section (CCIPS) of the U.S. Department of Justice released a best practices document (Document) for victims of cyber incidents. The...more

5/6/2015 - Best Practices Cyber Crimes Cybersecurity DOJ

Update on State Breach Notification Laws

In the first few months of 2015, a number of states have introduced data breach notification bills and proposed legislative amendments designed to enhance consumer protection in response to increasingly high profile data...more

4/15/2015 - Breach Notification Rule Data Breach Pending Legislation Popular Proposed Legislation

Employers with Group Health Plans: Have You Notified State Regulators of the Breach?

Data security breaches affecting large segments of the U.S. population continue to dominate the news. Over the past few years, there has been considerable confusion among employers with group health plans regarding the...more

2/20/2015 - Breach Notification Rule Covered Entities Cybersecurity Data Breach Data Breach Plans Data Protection Employer Group Health Plans ERISA HIPAA Third-Party Service Provider

Secure Sockets Layer (SSL) 3.0 Encryption Declared “No Longer Acceptable” to Protect Data

On Friday, February 13, 2015, the Payment Cards Industry (PCI) Security Standards Council (Council) posted a bulletin to its website, becoming the first regulatory body to publicly pronounce that Secure Sockets Layer (SSL)...more

2/18/2015 - Credit Cards Data Protection Encryption OpenSSL PCI-DSS Standard

The White House Calls for Action Where Congress Has Failed to Deliver - An In-Depth Analysis of President Obama’s January 2015...

In This Issue: - The President’s Plan for Securing Cyberspace - The President’s Plan for Safeguarding American Consumers and Families - Conclusion - Excerpt from The President’s Plan for Securing...more

2/13/2015 - Breach Notification Rule Cybersecurity Data Breach Data Protection Obama Administration Personal Data Notification and Protection Act

In with the New: 2015 Privacy, Advertising and Digital Media Predictions – Part III

Part III of our 2015 predictions series comes from Of Digital Interest editor and McDermott partner, Heather Sussman, who predicts that states will be active with privacy and data security legislation during 2015....more

1/16/2015 - Cybersecurity Data Protection Identity Theft New Legislation Pending Legislation Privacy Laws Student Privacy

Privacy and Data Protection: 2014 Year in Review

In 2014, regulators around the globe issued guidelines, legislation and penalties in an effort to enhance security and control within the ever-shifting field of privacy and data protection. The Federal Trade Commission...more

12/11/2014 - Africa Anti-Spam Legislation Canada China Cybersecurity Data Protection EU EU Data Protection Laws FTC Latin America Legislative Agendas

International News: Focus on Compliance

In This Issue - Welcome to the final issue of International News for 2014. As regulatory oversight of companies—from Sarbanes Oxley and the Dodd-Frank Act to the Foreign Corrupt Practices Act and the UK Bribery...more

12/3/2014 - Chief Compliance Officers China COMESA Compliance Disclosure Requirements Dodd-Frank EU FCPA Germany Internal Investigations Non-Compete Agreements Sarbanes-Oxley Tax Evasion UK Bribery Act

Wearable Technologies Are Here To Stay: Here’s How the Workplace Can Prepare

More than a decade ago, “dual use” devices (i.e., one device used for both work and personal reasons) began creeping into workplaces around the globe. Some employees insisted on bringing fancy new smart phones from home to...more

9/10/2014 - Bring Your Own Device Corporate Counsel Employee Rights Human Resources Professionals NLRA NLRB Technology Wearable Technology

New Data Disposal Law in Delaware Requires Action by Impacted Businesses

While the federal government continues its inaction on data security bills pending in Congress, some U.S. states have been busy at work on this issue over the summer. A new Delaware law H.B. 295, signed into law on July 1,...more

8/28/2014 - Compliance Data Protection Enforcement Enforcement Actions FCRA HIPAA Popular

Supreme Court Prohibits Warrantless Mobile Phone Searches, Underscores Individual Right to Privacy

The Supreme Court of the United States released a unanimous decision last week barring law enforcement from searching the mobile phones of individuals placed under arrest without first obtaining a search warrant or the...more

7/3/2014 - Cell Phones Evidence Fourth Amendment Law Enforcement Riley v California SCOTUS Search Warrant

Proposed Ban on Non-Competes in Massachusetts

Proposed legislation introduced by Governor Patrick to eliminate most forms of non-competition agreement in Massachusetts may be enacted before July 31, 2014. This legislation creates significant risks for employers with...more

6/2/2014 - Employment Contract Employment Policies Equity Compensation Hiring & Firing Incentive Compensation Non-Compete Agreements Proposed Legislation

The California AG’s New Guide on CalOPPA – A Summary for Privacy Pros

Last week, the California Attorney General’s Office (AGO) released a series of recommendations entitled Making Your Privacy Practices Public (Guide) designed to help companies meet the requirements of California’s Online...more

5/30/2014 - Attorney Generals CalOPPA Data Protection Data-Sharing Do Not Track Privacy Policy Third-Party

The New Normal: Big Data Comes of Age

On May 1, 2014, the White House released two reports addressing the public policy implications of the proliferation of big data. The first report is by the Executive Office of the President, entitled “Big Data: Seizing...more

5/13/2014 - Barack Obama Big Data Data Breach Data Protection ECPA Healthcare Legislative Agendas Life Sciences Privacy Laws Privacy Policy Public Policy

Have Employees In New York City? Earned Sick Time Act Requires Notice by TODAY, May 1

New York City’s Earned Sick Time Act (Act) requires all Covered Employers to provide all Covered Employees with written notice of the new law by today, May 1, 2014....more

5/1/2014 - Employee Rights Paid Leave Sick Leave

Trendy “Cybersecurity” Versus Traditional “Information Security” Two Sides of the Same Security Coin

Cybersecurity has become a dominant topic of the day. The Snowden revelations, the mega-data breaches of 2013, the pervasiveness of invisible online “tracking” and the proliferation of “data broker” trading in personal data...more

4/24/2014 - Breach Notification Rule Cybersecurity Cybersecurity Framework Data Breach Data Protection Disclosure Requirements NIST SEC

Take Action to Stop the Bleeding: Follow These Steps

“Heartbleed” has been all over the news, and companies have been scrambling to respond. What sounds like a nasty medical condition is actually a recently discovered flaw in popular encryption software called OpenSSL. It has...more

4/15/2014 - Cybersecurity Data Breach FTC Heartbleed Internet Privacy

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

1/29/2014 - Affordable Care Act Compliance Cybersecurity Data Breach Data Protection EHR Enforcement Enforcement Actions Healthcare HIPAA Neiman Marcus Personally Identifiable Information PHI Privacy Laws Safe Harbors Target

In with the New: 2014 Privacy, Advertising and Digital Media Predictions

Data privacy and security made the headlines practically daily in 2013. Our second annual Privacy and Data Protection 2013 Year in Review topped 65 pages! What privacy, advertising and digital media trends will make...more

1/27/2014 - Advertising CalOPPA COPPA Data Breach Data Protection Digital Media FTC Media Privacy Laws Safe Harbors

To Track or Not to Track

Digital advertising based on tracking users’ interests and related privacy concerns have been the subject of many recent news articles. What does this mean for businesses? Evolving industry practices and new legislation...more

10/22/2013 - CalOPPA Do Not Track Internet Privacy Laws Privacy Policy Websites

Florida Medical Record Disclosure Law Preempted by HIPAA

The U.S. Court of Appeals for the 11th Circuit recently ruled that a Florida law requiring nursing homes to disclose patient records of deceased patients was preempted by the Health Insurance Portability and Accountability...more

5/20/2013 - Disclosure Requirements HIPAA Medical Records Nursing Homes Preemption

FTC Updates Guidelines for Making Proper Disclosures in Digital Advertising

The U.S. Federal Trade Commission (FTC) released updated guidance on how to make online advertising and marketing disclosures “clear and conspicuous” to avoid consumer deception. The guidelines affect the structure and...more


Final Rule Implementing FMLA Amendments Expands Protections for Military Families and Airline Flight Crews

The U.S. Department of Labor recently issued a final rule implementing new expanded rights for families of military members and veterans, and greater access to Family and Medical Leave Act (FMLA) leave for airline flight...more

4/11/2013 - DOL Flight Crews FMLA Military Caregiver Leave Military Service Members NDAA

28 Results