F Paul Greene

August 26, 2024 | New York Law Journal

Paul Greene, partner at Harter Secrest & Emery, discusses the risks inherent in website tracking, including use of tracking pixels, cookies, and other tracking tools, viewed against the backdrop of recent regulatory developments, including the new NYAG guidance.

By F. Paul Greene

8 minute read

February 06, 2024 | New York Law Journal

A recent enforcement trend shows risks of concurrent jurisdiction under HIPAA and beyond.

By F. Paul Greene

8 minute read

June 28, 2023 | New York Law Journal

A discussion of AI strategy in light of developing technologies and regulation including an overview of current legal restrictions in relation to AI; the developing body of guidance on the issue and common-sense considerations that will help organizations draft a rational and defensible AI strategy.

By F. Paul Greene

8 minute read

March 01, 2023 | New York Law Journal

With all the focus on artificial intelligence lately, this article provides a deep dive into incident response preparation and the importance of developing actual intelligence (of actual humans!). Conducting regular table-top drills can help to expand the knowledge of incident responders and strengthen the company's incident response.

By Daniel J. Altieri and F. Paul Greene

8 minute read

June 28, 2021 | New York Law Journal

In the 2021 session, the New York legislature considered no fewer than four major data protection proposals.

By F. Paul Greene

8 minute read

March 31, 2020 | New York Law Journal

A hallmark of U.S. administrative law is that policy decisions are made by the Legislature, with gaps filled in via regulation. Administrative agencies are given discretion and courts show special deference to an agency's area of expertise. In the arena of data protection, this separation of powers is being put to the test and causing confusion for businesses seeking to comply with data protection duties.

By F. Paul Greene

8 minute read

November 25, 2019 | New York Law Journal

It has always been a "happy incident" of our federal system that a "courageous State" may "try novel social and economic experiments without risk to the rest of the country." In relation to data protection laws, however, this has led to an unintended and potentially unworkable level of complexity on the national level.

By F. Paul Greene

8 minute read

July 26, 2019 | New York Law Journal

New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.

By F. Paul Greene

8 minute read

August 03, 2018 | New York Law Journal

The 11th Circuit found the order fatally lacking in detail, noting that it effectively left it up to the District Court to determine whether LabMD's activities to secure patient data for the next 20 years were “reasonable.”

By F. Paul Greene and Daniel J. Altieri

1 minute read

April 12, 2018 | FC&S Insurance

The cybersecurity regulations from the New York State Department of Financial Services (DFS) that went into effect on March 1, 2017 have had wide-reaching…

By F. Paul Greene

7 minute read