Tuesday, January 1, 2019

Experienced business attorney K. Todd Wallace comments on recent trend in data protection laws, including changes to Louisiana law


Experienced business attorney K. Todd Wallace comments on recent trend in data protection laws, including changes to Louisiana law.

In a legal area with increasing regulatory oversight, companies dealing with personal or sensitive information must keep up with the latest development in data protection.  Although securing customer data and ensuring compliance with protection obligations is obviously critical, another important aspect of data protection is ensuring appropriate response in case of an actual data breach.
A company’s obligations in case of data breach is now regulated by law in all 50 U.S. states and the District of Columbia.  All states and DC now have data breach notification laws on the books, requiring companies to timely notify consumers of the breach.  Furthermore, recent trends continue toward expansion of information covered by these data protection and strengthening of consumer protection.

The newly enacted General Data Protection Regulation (“GDPR”) in Europe is a major development in the field of data protection.  GDPR is one of the most expansive data protection laws in the world.  With the passage of GDPR and increasing public concern over data protection, many U.S. states are now strengthening their own data protection laws.  Data protection laws in California and Vermont are some of the most stringent in the country.  Furthermore, multiple states have amended their data protection laws in 2018, mostly expanding the scope of protected information and clarifying or adding obligations in case of a breach.

For example, Louisiana is one on the states that has amended its laws in 2018 to provide stronger protections.  Act 382 strengthens protection for consumers with personal information in commercial database.  The Act expands the scope of covered information to biometric data, such as fingerprints, voiceprints, retina scan, iris scan, and other biological identifying characteristics.  The Act also requires prompt notice of a breach.  If a database containing such information is breached, the company managing the database must notify the relevant authorities within 60 days.

Act 382 also has a rather wide scope of coverage.  Not only does the act cover companies that conduct business in Louisiana, it also covers entities that license or own computerized data of personal information of Louisiana residents.  Such “Subject Entities” must implement reasonable security procedures and measures to guard against breaches, destruction, use, modification, and disclosure.  Subject Entities must also ensure that personal information is destroyed in a sufficient manner to make the information unreadable or undecipherable.  These changes mean that businesses that fall under the scope of the law must take care to ensure that their data protection practices meet the law’s requirements and that they have a plan in place in case of any breach of personal information.

About K Todd Wallace

K Todd Wallace is an attorney and founding partner of the law firm Wallace Meyaski LLC. He has nearly 20 years of experience in the legal and business professions with established excellence in trial advocacy, negotiation, strategic and initiative planning, employment law compliance, government relations, mergers and acquisitions, and team building.

Website: https://ktoddwallace.com/
Law Firm Website: http://www.walmey.com/our-attorneys/k-todd-wallace/
Twitter: www.twitter.com - Todd Wallace@tarheeltodd94
News: https://hype.news/k-todd-wallace-attorney-in-new-orleans-louisiana-usa/
News: https://attorneygazette.com/kenneth-todd-wallace
Blog at: https://ktoddwallaceblog.blogspot.com/

*** K. Todd Wallace is an attorney at Wallace Meyaski in New Orleans. He has nearly 20 years of experience in the legal and business professions with established excellence in trial advocacy, negotiation, strategic and initiative planning, government relations, mergers and acquisitions, and team building. See http://www.walmey.com/our-attorneys/k-todd-wallace/

Antitrust attorney K. Todd Wallace comments on a recent anti-steering case settlement between Atrium Health and the U.S. Department of Justice


Veteran antitrust attorney K. Todd Wallace comments on a recent anti-steering case settlement between Atrium Health and the U.S. Department of Justice

The U.S. Department of Justice announced that it has reached a settlement with Atrium Health, submitting a proposed settlement for court approval in a case that has been ongoing since 2016.  At issue in the case was Atrium Health’s use of anti-steering provision in its contracts with health insurance companies.  As explained by the DOJ in its press release announcing the settlement, “[t]he Department alleged that Atrium, the dominant hospital system in the Charlotte area, used its market power to restrict health insurers from encouraging consumers to choose healthcare providers that offer better overall value. The restrictions also constrained insurers from providing consumers and employers with information regarding the cost and quality of alternative health benefit plans.”  If approved, the settlement would enjoin Atrium Health from seeking to enforce the anti-steering provision against health insurers and also prohibit including such provision in its contract with insurers in the future.

The settlement represents an interesting development in light of the recent U.S. Supreme Court decision in Ohio v. American Express.  In the American Express case, the Supreme Court held that anti-steering provision in a two sided-market must be evaluated as a whole.  Many legal scholars saw this development as potentially having significant effect on the analysis of how other multiparty-market antitrust cases would be evaluated, such as those involving the health insurance industry.
Interestingly, Second Circuit’s decision in the American Express case, which applied the same reasoning later upheld by the Supreme Court, was the basis for Atrium Health’s supplemental arguments in its 12(c) Motion for Judgment on the Pleadings.  In their opposition, the DOJ argued that American Express was wrongly decided by the Second Circuit, a position that would ultimately be rejected by the Supreme Court.  But more importantly, the DOJ argued that the anti-steering provision at issue harms both the patients and insurers.  The DOJ argued in their opposition briefing that “Plaintiffs also have alleged actual anticompetitive effects on price and output for patients and the insurers who pay for their health care. In Paragraph 14 of the Complaint, Plaintiffs allege that when insurers have steered in spite of CHS’s restrictions, consumers have paid less for health care. And in Paragraph 27 of the Complaint, Plaintiffs allege that ‘[a]s a result of this reduced competition due to CHS’s steering restrictions, individuals and employers in the Charlotte area pay higher prices’ and have less product choice. These are allegations of actual ongoing harm: CHS’s steering restrictions result in Charlotte consumers paying more for health care.”

It appears that the DOJ satisfied the whole market approach as required by American Express, at least at the initial pleading stage.  Although one can only speculate as to what ultimately motivated the parties to settle, it would be reasonable to assume that the dual harm alleged by the DOJ could have played a factor the decision rather than pursue its 12(c) motion to the end.


About K Todd Wallace

K Todd Wallace is an attorney and founding partner of the law firm Wallace Meyaski LLC. He has nearly 20 years of experience in the legal and business professions with established excellence in trial advocacy, negotiation, strategic and initiative planning, employment law compliance, government relations, mergers and acquisitions, and team building.

Website: https://ktoddwallace.com/
Law Firm Website: http://www.walmey.com/our-attorneys/k-todd-wallace/
Twitter: www.twitter.com - Todd Wallace@tarheeltodd94
News: https://hype.news/k-todd-wallace-attorney-in-new-orleans-louisiana-usa/
News: https://attorneygazette.com/kenneth-todd-wallace
Blog at: https://ktoddwallaceblog.blogspot.com/

*** K. Todd Wallace is an attorney at Wallace Meyaski in New Orleans. He has nearly 20 years of experience in the legal and business professions with established excellence in trial advocacy, negotiation, strategic and initiative planning, government relations, mergers and acquisitions, and team building. See http://www.walmey.com/our-attorneys/k-todd-wallace/

Tuesday, November 27, 2018

Business Attorney K. Todd Wallace publishes article on the necessity for companies to have a data breach response plan in place


Business Attorney K. Todd Wallace publishes article on the necessity for companies to have a data breach response plan in place

              In his most recent article, experienced business litigation attorney K. Todd Wallace discusses the critical importance of companies having a data breach response plan in place.

              In a rapidly evolving field with increasing regulatory oversight, companies dealing with personal or sensitive information should be mindful of their legal obligations with respect to data protection.  While securing customer data and ensuring compliance with protection obligation is an obvious area of concern, another important aspect of data protection is having a contingency plan in place in case of an actual data breach.

              A company’s obligations in case of a data breach are now regulated by law in all 50 U.S. states and the District of Columbia.  Those laws effectively require companies to timely notify consumers of the breach.  Furthermore, recent trend continues toward expansion of information covered by these data protection and strengthening of consumer protection.  

              A major development in the field of data protection is the newly enacted General Data Protection Regulation (“GDPR”) in Europe.  While a comprehensive discussion of GDPR is beyond the scope of this article, GDPR is one of the most expansive data protection laws in the world.  With the passage of GDPR and increasing public concern over data protection, many U.S. states are now strengthening their own data protection laws.  For example, data protection laws in California and Vermont are some of the most stringent in the country.  Furthermore, multiple states have amended their data protection laws in 2018, mostly expanding the scope of protected information and clarifying or adding obligations in case of a breach.  

              These regulatory requirements regarding data breach highlight the need for companies to work diligently to create and maintain a data breach response plan.  Companies should work with an experienced attorney in the field of data protection laws to ensure that they are ready and able to deploy a rapid response in accordance with all the applicable legal requirements should the need arise.  Such planning is even more critical for multistate or international operations that may be subject to legal obligations in multiple jurisdictions.  

              Mr. Wallace notes that keeping the response plan up to date and educating management regarding the response plan are just as critical as creating one in the first place.  Because this area of the law is undergoing such rapid changes across multiple jurisdictions, Mr. Wallace stresses the importance of ensuring that there are processes in place to regularly review and update the response plan.  Any change in business operations may trigger the need for a review, such as expansion into new localities or addition of services or operations.  

The article will be published in full on the Blog of Mr. Wallace.



K Todd Wallace is an attorney and founding partner of the law firm Wallace Meyaski LLC. He has nearly 20 years of experience in the legal and business professions with established excellence in trial advocacy, negotiation, strategic and initiative planning, employment law compliance, government relations, mergers and acquisitions, and team building.  

Law Firm Website: http://www.walmey.com/
Facebook page of the Law Firm: https://www.facebook.com/WallaceMeyaski/
Facebook page of Kenneth Todd Wallace, Attorney at Law:
LinkedIn Profile of Kenneth Todd Wallace: https://www.linkedin.com/in/k-todd-wallace-03895358/
Attorney Profile:
Twitter: www.twitter.com - Todd Wallace@tarheeltodd94



*** K. Todd Wallace is an attorney at Wallace Meyaski in New Orleans. He has nearly 20 years of experience in the legal and business professions with established excellence in trial advocacy, negotiation, strategic and initiative planning, government relations, mergers and acquisitions, and team building. See http://www.walmey.com/our-attorneys/k-todd-wallace/