Manatt Logo
Menu
  • Industries
    • Manatt Digital and Technology
    • Manatt Energy and Environment
    • Manatt Entertainment
    • Manatt Financial Services
    • Manatt Health
    • Manatt Real Estate
    • Manatt Retail and Consumer Products
  • Services
    • Business Strategy and Consulting
      • Artificial Intelligence
      • Digital and Technology Consulting
      • Digital Health
      • Education
      • Manatt Health
      • Manatt Housing Solutions
      • Manatt Real Estate Advisors
      • Manatt's Recovery Team
      • Name Image Likeness (NIL) in College Athletics
    • Corporate and Finance
      • Blockchain and Cryptocurrency
      • Cannabis and CBD
      • Capital Markets
      • Digital and Technology Transactions
      • Distressed Assets
      • Education
      • Estate Planning and Personal Representation
      • Executive Compensation and Employee Benefits
      • Financial Services Transactions
      • Fintech
      • Games and Esports
      • Global Payments
      • Health Care Transactions
      • Hospitality and Leisure
      • Impact Investing and Community Development
      • Manatt Leasing
      • Mergers and Acquisitions
      • Music
      • Name Image Likeness (NIL) in College Athletics
      • Private Equity and Buyout
      • Real Estate Transactions and Finance
      • Special Purpose Acquisition Companies (SPACs)
      • Tax
      • Venture Capital / Emerging Companies
    • Government and Regulatory
      • Advertising, Marketing and Media
      • California State Government and Regulatory Policy and Government Contracts
      • Digital Health
      • Environment
      • Federal Government Affairs and Public Policy
      • Government Litigation and Administrative Law
      • Insurance
      • Investigations, Compliance and White Collar Defense
      • Land Use
      • Los Angeles Government and Land Use
      • Manatt Energy and Environment
      • Manatt Health
      • National Advertising Division
      • New York City Government, Policy and Government Contracts
      • New York State Government, Regulatory Policy and Government Contracts
    • Litigation
      • Advertising Litigation
      • Antitrust and Competition
      • Appellate
      • Artificial Intelligence
      • Bankruptcy
      • Capabilities to Serve Clients During COVID-19
      • Class Actions
      • Consumer Protection
      • Digital Media Litigation
      • Employment and Labor
      • Entertainment Litigation
      • Environmental Litigation
      • False Claims Act
      • Financial Services Litigation and Enforcement
      • Games and Esports
      • Government Litigation and Administrative Law
      • Health Care Litigation
      • Insurance
      • Intellectual Property Protection and Enforcement
      • Investigations, Compliance and White Collar Defense
      • Music
      • National Advertising Division
      • Privacy and Data Security
      • Private Wealth and Fiduciary Disputes
      • Real Estate Litigation
      • TCPA Compliance and Class Action Defense
      • Technology and Intellectual Property Litigation
      • Trademark and Copyright Litigation
      • Unmanned Aircraft
  • People
  • Insights
    • News
    • Articles
    • Webinars
    • Podcasts
    • Events and Engagements
    • Newsletters
    • White Papers
  • Hot Topics
    • Federal Trade Commission
    • Artificial Intelligence
    • Climate Disclosure Mandates
    • No Surprises Act
    • Women's Reproductive Health
    • Long-Term Care/Long-Term Services and Supports
    • Behavioral Health
    • Drivers of Health
    • Children's Health
    • COVID-19
    • State Privacy Legislative Updates
  • About Us
    • About Manatt
    • Contact Us
    • Management
    • Diversity
    • Women's Initiative
    • Pro Bono
    • Capabilities to Serve Clients During COVID-19
    • Manatt for Entrepreneurs
    • Manatt on Health
  • Careers
  • Offices
  • Manatt on Health
  • Manatt for Entrepreneurs
  • Client Login
Manatt Logo
  • Industries
    • Manatt Digital and Technology
    • Manatt Energy and Environment
    • Manatt Entertainment
    • Manatt Financial Services
    • Manatt Health
    • Manatt Real Estate
    • Manatt Retail and Consumer Products
  • Services
    • Business Strategy and Consulting
      • Artificial Intelligence
      • Digital and Technology Consulting
      • Digital Health
      • Education
      • Manatt Health
      • Manatt Housing Solutions
      • Manatt Real Estate Advisors
      • Manatt's Recovery Team
      • Name Image Likeness (NIL) in College Athletics
    • Corporate and Finance
      • Blockchain and Cryptocurrency
      • Cannabis and CBD
      • Capital Markets
      • Digital and Technology Transactions
      • Distressed Assets
      • Education
      • Estate Planning and Personal Representation
      • Executive Compensation and Employee Benefits
      • Financial Services Transactions
      • Fintech
      • Games and Esports
      • Global Payments
      • Health Care Transactions
      • Hospitality and Leisure
      • Impact Investing and Community Development
      • Manatt Leasing
      • Mergers and Acquisitions
      • Music
      • Name Image Likeness (NIL) in College Athletics
      • Private Equity and Buyout
      • Real Estate Transactions and Finance
      • Special Purpose Acquisition Companies (SPACs)
      • Tax
      • Venture Capital / Emerging Companies
    • Government and Regulatory
      • Advertising, Marketing and Media
      • California State Government and Regulatory Policy and Government Contracts
      • Digital Health
      • Environment
      • Federal Government Affairs and Public Policy
      • Government Litigation and Administrative Law
      • Insurance
      • Investigations, Compliance and White Collar Defense
      • Land Use
      • Los Angeles Government and Land Use
      • Manatt Energy and Environment
      • Manatt Health
      • National Advertising Division
      • New York City Government, Policy and Government Contracts
      • New York State Government, Regulatory Policy and Government Contracts
    • Litigation
      • Advertising Litigation
      • Antitrust and Competition
      • Appellate
      • Artificial Intelligence
      • Bankruptcy
      • Capabilities to Serve Clients During COVID-19
      • Class Actions
      • Consumer Protection
      • Digital Media Litigation
      • Employment and Labor
      • Entertainment Litigation
      • Environmental Litigation
      • False Claims Act
      • Financial Services Litigation and Enforcement
      • Games and Esports
      • Government Litigation and Administrative Law
      • Health Care Litigation
      • Insurance
      • Intellectual Property Protection and Enforcement
      • Investigations, Compliance and White Collar Defense
      • Music
      • National Advertising Division
      • Privacy and Data Security
      • Private Wealth and Fiduciary Disputes
      • Real Estate Litigation
      • TCPA Compliance and Class Action Defense
      • Technology and Intellectual Property Litigation
      • Trademark and Copyright Litigation
      • Unmanned Aircraft
  • People
  • Insights
    • News
    • Articles
    • Webinars
    • Podcasts
    • Events and Engagements
    • Newsletters
    • White Papers
  • Hot Topics
    • Federal Trade Commission
    • Artificial Intelligence
    • Climate Disclosure Mandates
    • No Surprises Act
    • Women's Reproductive Health
    • Long-Term Care/Long-Term Services and Supports
    • Behavioral Health
    • Drivers of Health
    • Children's Health
    • COVID-19
    • State Privacy Legislative Updates
  • About Us
    • About Manatt
    • Contact Us
    • Management
    • Diversity
    • Women's Initiative
    • Pro Bono
    • Capabilities to Serve Clients During COVID-19
    • Manatt for Entrepreneurs
    • Manatt on Health
  • Careers
  • Offices
  • Manatt on Health
  • Manatt for Entrepreneurs
  • Client Login
  • Home
  • People
  • Scott T. Lashway
Language:
  • English
    • English
    • Spanish
    • Portuguese
Share:

Scott T. Lashway

Partner

Privacy and Data Security
Contact
  • slashway@manatt.com
  • Phone: 617.646.1401
  • Download vCard
  • Boston
Bar Admissions
  • Massachusetts

    New York

    Washington, D.C.

Education
  • Boston College Law School, J.D.

    Dickinson College, B.A.

Services
  • Blockchain and Cryptocurrency
  • Education
  • Financial Services Litigation and Enforcement
  • Insurance
  • Investigations, Compliance and White Collar Defense
  • Litigation
  • Manatt for Entrepreneurs
  • Privacy and Data Security
Industries
  • Artificial Intelligence
  • Games and Esports
  • Manatt Digital and Technology
  • Metaverse

Show Full Bio

  • Profile
  • Experience
  • Speaking Engagements
  • Honors & Awards
  • Memberships
  • Publications
Profile

Profile

Scott Lashway is a recognized disputes attorney and advisor and the coleader of Manatt’s privacy and cybersecurity practice. Scott has established himself as one of the nation’s leading advisors in cybersecurity, data privacy, data management, and technology development and use (including artificial intelligence (AI)), and he spends a significant part of his practice as go-to counsel for significant disputes, corporate crises and investigations. Scott founded and opened Manatt’s Boston office, which he leads. 

Focusing much of his practice on the intersections of law, corporate data and technology, Scott advises clients across a variety of industries by deftly guiding them through proactive advisory work and product development, cybersecurity incident response and breach investigations, complex business and class action litigation, and government investigations and enforcement actions. His work on cybersecurity and privacy matters dates back two decades and includes data and intellectual property (IP) theft and misappropriation, unauthorized access and acquisition, and misuse; hacking, ransomware and cyberextortion; and technology disruptions. Scott advises clients on the rapid evolution of data governance, collection and technology development, including AI development and implementation.

Scott is recognized for his depth of knowledge and client service by various publications. One client noted this year, “Scott Lashway is a standout in many ways. His client service skills are the best in the business. He’s always responsive and meets our timelines, even when we have last-minute requests and escalated deadlines. He is incredibly knowledgeable and is able to see the big-picture legal risks that might otherwise require multiple attorneys in a variety of disciplines.”— Legal 500 Cyber Law (including Data Privacy and Data Protection). Scott is ranked in Chambers, is identified as a leading cybersecurity incident response attorney globally by the Incident Response Forum, is recognized as a Client Service All-Star by BTI Consulting and is identified as one of the 500 “Leading Litigators in America” by Lawdragon.

While Scott represents clients in a wide range of industries, he focuses significantly on the health care, financial services, technology and media/adtech sectors. For years, Scott has advised clients at the forefront of technology implementation and development as well as new data uses, which uniquely qualifies him to navigate complex and unprecedented data and privacy issues in AI and related technology development. Scott’s greatest accomplishments for his clients are those that avoid headlines and are rarely—if ever—heard of.
Examples of Scott’s representations include:

  • Advising various clients on federal and various state wiretapping statutes related to website pixels, cookies, tracking technologies and chatbots—for example, defending a healthtech provider in federal court litigation regarding alleged wiretapping violations through the deployment of social media pixels on its website, defending a national retailer in litigation regarding alleged wiretapping violations involving the deployment of a leading chatbot on its website, and advising health care companies on complying with recent U.S. Department of Health and Human Services guidance as to the application of the Health Insurance Portability and Accountability Act’s (HIPAA) Privacy Rule to website tracking technology.
  • Serving as lead counsel for a leading children’s hospital and successfully defended allegations in a purported class action alleging patient data was inappropriately accessed in violation of privacy and security disclosures. The case pursued a novel legal theory that a HIPAA Privacy Notice served as a contractual basis to pursue actual and implied breaches of contract, which the court summarily rejected after significant oral argument.
  • Serving as lead counsel for a global financial institution and asset manager in breach of contract and fraud litigation involving more than ten consolidated actions over a significant asset.
  • Representing a health care analytics company and business associate in investigating and responding to a reported security compromise and reported breach by a vendor (business associate subcontractor).
  • Representing a global data and technology company in a Delaware Chancery Court action brought by a competitor related to data quality and integrity.
  • Representing a global data and technology company in an investigation of, and an incident response to, simultaneous intrusions by multiple nation-state attackers and numerous financially motivated threat actors.
  • Representing a global pharmacy chain in litigation defending allegations related to alleged Telephone Consumer Protection Act violations.
  • For a surgical and medical facility, obtaining dismissal of a purported class action in an issue of first impression in the U.S. Court of Appeals for the Eleventh Circuit concerning Article III standing requirements to plead harm, brought against a health care facility alleging that patient data had been accessed, stolen and posted on the Internet by a well-known threat actor.
  • Leading a team representing a global biotechnology company involved in the strategic development of therapeutics in investigating and defending against a cyberattack by a highly sophisticated, well-resourced threat actor. This matter involved close interaction with various U.S. agencies and law enforcement.
  • Representing a startup multimedia company with an international following against allegations involving data theft and raiding in a state court litigation and proactively pursued claims concerning cyber espionage against former executives and employees.
  • Representing a leading publisher of legal, business and regulatory information as a plaintiff in federal court alleging the unauthorized taking of millions of dollars of protected data scraped through an online portal using a bot, or “data scraper.”
  • On behalf of a global risk intelligence company, obtaining dismissal on matters of first impression of a purported class action alleging violation of state law regarding the alleged display of consumers’ Social Security numbers. Obtaining appellate victories upholding dismissal up to the state’s highest court and establishing jurisdiction of a purported class action in the state’s complex business session.
  • On behalf of a multichannel media company, securing a defense verdict on all counts after a two-week federal court bench trial involving allegations of violations of IP rights and Massachusetts’ consumer protection laws.
  • For a global retail chain, conducting an internal investigation and cyber incident response involving concerns of credit card theft spanning four continents.

Having drafted his first privacy policy in 2001, and having handled his first data-focused investigation in 2002, Scott has advised clients on hundreds of proactive and reactive matters involving U.S. and international privacy and security laws and obligations (civil and criminal), including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA); state privacy laws; HIPAA and state law equivalents; the Biometric Information Privacy Act (BIPA); the New York State Department of Financial Services’ (NYDFS) cybersecurity regulations and the Shield Act; the Computer Fraud and Abuse Act, the Stored Communications Act and state law equivalents (including wiretap statutes); Securities and Exchange Commission and Financial Industry Regulatory Authority (FINRA) security and privacy laws, guidance and obligations; the Gramm-Leach-Bliley Act; the Federal Risk and Authorization Management Program; and state consumer protection statutes, including Massachusetts’ Chapter 93A; as well as compliance with the National Institute of Standards and Technology, SOC 2, ISO, HITRUST and other security frameworks.

Scott routinely counsels industry groups and leading industry participants on data privacy and security trends, serves as a sounding board to many, and has served as a member of Law360’s Cybersecurity & Privacy Editorial Advisory Board and as a member of the advisory council of the New England Legal Foundation. He also volunteers as an advisory member for the Boston Symphony Orchestra. Earlier in his career, Scott worked as senior in-house counsel and head of investigations for a Fortune 100 global financial services company.

Experience

Experience

Cybersecurity, Data Privacy and Technology-Focused Matters

Scott is the co-leader of Manatt’s global privacy and cybersecurity practice. He routinely counsels companies on the full spectrum of cybersecurity and data privacy matters, from proactive preparedness and compliance to reactive investigations, incident responses, breaches, regulatory enforcement matters and litigation, including class actions and business-to-business disputes. In connection with this practice, Scott conducts internal investigations for companies in a wide variety of industries into matters involving unauthorized access of systems and acquisition of data; violations of data security laws and regulations; the theft or misuse of data, intellectual property (including trade secrets), and confidential and proprietary business information; and the theft of or damage to critical electronic infrastructure.

Scott’s representative matters include:

  • A cloud e-commerce platform company, in responding to multiple cybersecurity incidents involving the alleged theft and misuse of credit card data as well as a privacy class action filed in Delaware.
  • A leading biotechnology and therapeutics company, in responding to reports of hacking of its patient technology, requiring investigation and reporting to the FDA.
  • A Big 4 accounting firm on various security and privacy matters.
  • A health information cloud provider in investigating and remediating a ransomware attack that encrypted thousands of patient records.
  • A global health care company in connection with a material joint venture with a pharmaceutical company in developing a privacy and security framework to comply with laws from 50+ jurisdictions.
  • An adtech company in connection with the collection, processing and transfer of data across dozens of global jurisdictions, including data transfers into and out of the U.S.
  • A real estate and proptech industry group and its global members on implications of the California Consumer Privacy Act (CCPA) through various white papers and industry presentations and in presenting comments to the CCPA regulations.
  • A global restaurant chain in conducting an internal investigation and incident response involving concerns of credit card theft involving millions of cards potentially being exposed.
  • Individuals accused in a federal court action of violations of the Computer Fraud and Abuse Act and the Stored Communications Act in connection with an alleged scheme to clone a state-owned petrochemical company’s electronic infrastructure.
  • A global financial services company with counselling on the redesign and rebuild of its digital forensics and cybersecurity functions to improve the company’s efficiency and efficacy in responding to disputes, investigations and compliance risks.
  • One of the world’s largest technology companies in developing and drafting data privacy and security addendums focused on hardware and software to reflect new privacy obligations and potential security-related liability.
  • An e-gaming company in connection with global cybersecurity and privacy risks and obligations in a potential transaction.
  • A defense contractor in containing and remediating a ransomware attack impacting the company’s production and assembly operations, and reporting the same pursuant to federal defense contractor obligations.
  • A professional services firm in investigating a business email compromise across dozens of employees that compromised the data for various of the firm’s clients.

Business Litigation, Financial Institution Litigation, Class Actions and Crisis Management

Scott has a significant amount of experience defending and prosecuting bet-the-company and significant litigation on behalf of companies and their officers and directors. He has first-chair trial experience and has represented clients in state and federal courts nationwide and in various arbitration settings.

Scott’s representative matters include:

  • Secured a defense verdict, as first-chair trial counsel, for a startup media company on all counts after a two-week federal court bench trial involving allegations of violations of intellectual property rights and a Massachusetts consumer protection statute.
  • Defended a Fortune 100 life insurance company in a purported class action challenging the company’s retention of surplus profits and alleged failure to comply with Massachusetts law concerning the distribution of dividends to policyowners, with alleged damages well into the billions of dollars.
  • Represented a mutual life insurance company—and obtained a motion-to-dismiss victory—in a purported class action concerning the company’s corporate governance and members’ voting rights to elect the company’s board of directors, which presented matters of first impression under Massachusetts law and which upheld the company’s 160-year-old practice.
  • Defended a financial services company in a purported class action challenging the legality of the company’s bylaws and recent amendments thereto, which presented matters of first impression, and counseled the company and its board of directors through a second round of bylaw amendments.
  • Counseled a foreign-based asset manager and its U.S. parent on the acquisition of a Korean asset manager, and served as the company’s representative in Korea to gain approval by the Korean government’s regulators.

Internal Investigations, Government Enforcement and White Collar Defense

Scott has handled hundreds of internal investigations during his career, including during his time serving as head of investigations at a Fortune 100 global financial services company. Scott has handled civil and criminal investigations (with the assistance of white collar colleagues). He represents clients before various state and federal regulators, including the Securities and Exchange Commission (SEC), the Department of Justice (DOJ), the Financial Industry Regulatory Authority (FINRA), state attorneys general, the New York Department of Financial Services (NYDFS) and the Federal Trade Commission (FTC). As in-house counsel, Scott was responsible for the company’s anti-fraud controls and training, as well as the company’s investigation function, as an example of his breadth of experience.

Scott’s representative matters include:

  • Advising a global medical technology company in responding to multiple subpoenas from the DOJ investigating third parties’ alleged Medicare fraud schemes relating to genetic testing.
  • Advised a global company investigating the offboarding of employees suspected of “backing up the truck” to raid the company of its customer information, trade secrets and proprietary information.
  • Conducted an investigation of accounting irregularities for a startup technology company preparing for an initial public offering (IPO) or acquisition.
  • Resolved an SEC enforcement matter and other regulatory inquiries—informed by allegations of a purported Dodd-Frank Act whistleblower—related to the disclosure of certain variable annuity features on behalf of a life insurance company.
  • Represented financial service companies (including life insurance companies and broker-dealers) in response to regulatory inquiries, including by the SEC, FINRA, state regulatory authorities (including the Massachusetts Division of Securities, the Massachusetts Division of Insurance, the Massachusetts Attorney General and the NYDFS), involving alleged sales practice violations as well as product design and disclosure matters.
Speaking Engagements

Speaking Engagements

Speaker, “Fortifying the Firewall: Cybersecurity Best Practices for Law Firms and Their Clients,” ABA Litigation Section, October 31, 2023.

Speaker, “FTC’s Heightened Scrutiny of Health Apps: Increased Enforcement Activity; Proposed Health Breach Notification Rule Changes,” Strafford Webinar, August, 23, 2023.

Moderator, “Data Governance – Communication Best Practices,” Argyle Executive Forum, August 17, 2023.

Panelist, “Managing Insurance Issues Before and After a Cyber-Attack,” Incident Response Forum Masterclass 2023, April 20, 2023.

Speaker, “Privacy & Data Security—Technology, Trends and Regulations,” Argyle Cybersecurity Solutions CISO Summit, March 14, 2023.

Speaker, “Advocacy & Election Impact on Multifamily: Privacy and Cyber Regulation & Policy,” 2022 OPTECH Conference, National Multifamily Housing Council, November 3, 2022.

Speaker, “OPTECH Town Hall: Managing Your Data,” 2022 OPTECH Conference, National Multifamily Housing Council, November 3, 2022.

Keynote speaker, “Compliance Alert! – IT Legal Update for CIOs,” Argyle CIO Leadership Forum, October 25, 2022.

Keynote speaker, “Data Protection in the Workplace – Compliance Update 2022,” HR Leadership Forum: Tech Check 2022, Argyle, October 6, 2022.

Speaker, “Marketing 101 for Privacy Officers: How to Collaborate with Your Marketing Team,” IAPP Global Privacy Summit, April 12, 2022.

Speaker, “Is There a New Era for Data Privacy on the Horizon?” Executive Policy Summit, Online Lenders Alliance, April 28, 2022.

Keynote speaker, “Comply, Engage, Win – Crafting Compliant Marketing Campaigns That Build Consumer Trust,” CX/UX Leadership Forum: Building Better B2B Customer Journeys, Argyle, December 7, 2021.

Keynote speaker, “Compliance Spotlight: Protecting Your Company’s Employee Data,” HR Technology Leadership Forum: Innovation & Optimization 2021, Argyle, November 30, 2021.

Speaker, “Post-Pandemic Digital World: Platforms, Algorithms, Cybersecurity, and Justice,” Western New England University’s Virtual Symposium, October 29, 2021.

Speaker, “Privacy & Data Security—Technology, Trends and Regulations,” Argyle Cybersecurity Solutions CISO Summit, March 14, 2023.


Keynote speaker, “Got Cookies? - Control, Data Privacy and Commerce,” Martech Leadership Forum: Adapting to Technology to Supercharge CX, Argyle, July 27, 2021.

Speaker, “Key State Legislative and Regulatory Developments,” Online Lenders Alliance (OLA) Legal Issues Conference, July 21, 2021.

Speaker, “Webinars for Wise Nonprofits: Data Privacy and Security for Nonprofits: Part I (Data Privacy) and Part II (Security),” Lawyers Alliance for New York, June 16 and 24, 2021.

Speaker, LIMRA Chief Legal Counsel Forum, May 21, 2021.

Speaker, “Know Your Home Field: Health Privacy, Information Blocking and Incident Response,” New Jersey Health Information Management Association (NJHIMA), April 26, 2021.

Guest lecturer, “Interview with the Experts: Cybersecurity Litigation,” Boston College Law School, April 22, 2021.

Speaker, “Healthcare Cybersecurity: Protecting Sensitive Data, Research, and Patients while Navigating the Regulatory Landscape,” Boston College - Woods College of Advancing Studies, March 25, 2021.

Speaker, Privacy Painters, March 18, 2021.

Speaker, "Healthcare and Ransomware Attacks: Protecting Patient Information, Mitigating Privacy Risks," Strafford Publications, March 17, 2021.

Speaker, “Know Your Home Field: Health Privacy, Information Blocking and Incident Response,” New York Health Information Management Association (NYHIMA), February 10, 2021.

Quoted, “Despite confusion, AG begins privacy act enforcement,” Daily Journal, July 1, 2020.

Speaker, “Data Protection: Compliance, Risk and Information Sharing,” Boston Conference on Cyber Security, March 4, 2020.

Speaker, “Data Privacy and Security – The Implications for Your Business,” Online Lending Legal and Policy Issues Forum, LEND360, February 26, 2020.

Speaker, “Preparing for the Open and Hidden Litigation Risks of the California Consumer Privacy Act,” Association of Corporate Counsel Webinar, October 23, 2019.

Speaker, “Data Privacy: With New Regulatory Requirements. Here’s What You Need to Know Today,” National Multifamily Housing Council Annual Student Housing Conference, October 14, 2019.

Speaker, “Cybersecurity & Privacy—Fiduciary Considerations,” Conference of State Bank Supervisors, 2019 Trust Forum, October 7, 2019.

Speaker, “Privacy and Cyber Security Law Update: Preparing For The New Wave of Consumer Rights,” New England Corporate Counsel Association, October 2, 2019.

Speaker, “Are You Ready for the New Data Privacy Rules?” 2019 National Multifamily Housing Council, Fall Meeting, September 13, 2019.

Speaker, “Preparing for the Open and Hidden Litigation Risks of the CCPA,” Manatt Webinar, September 4, 2019.

Panelist, “Cybersecurity: Current Law and Trends Impacting the Insurance Industry,” American Council of Life Insurers’ Annual Legal and Compliance Conference, July 16, 2019. 

Moderator, “National Intelligence,” Boston Conference on Cyber Security 2019, March 6, 2019.

“Legal Considerations for Technology Contracts, Software Audits and Data Security Investigations,” February 12, 2019.

“Firm General Counsel Summit, Addressing Cybersecurity and Privacy Risk in Law Firms,” October 31–November 2, 2018.

“Safeguarding Data and Mitigating Cyber Risk in the Financial Services Industry,” ACA Aponix Annual Financial Services Forum, October 17, 2018.

“California Consumer Privacy Act: A U.S. Outlier or Start of a Trend?” Webinar, October 10, 2018.

“It’s Time to Get on Board With Cybersecurity: Effective Cyber Management,” Cyber Response Event, July 26, 2018.

“It’s Time to Get on Board With Cybersecurity: Effective Cyber Management,” Cyber Response Event, April 25, 2018.

“International Economic Forum of the Americas World Strategic Forum,” Mitigating Cyber Risk Roundtable, April 16–17, 2018.

“Latin America Wealth Management Roundtable,” February 28, 2018.

“Threat Actor Hunting & The Legal Context,” FireEye Cyber Defense Summit 2017, October 12, 2017.

“Building Cyber Response & Resilience,” Infosecurity North America 2017, October 5, 2017.

“Cybersecurity: The Role of Counsel, the Board and Executive Management in Assessing, Preparing for and Investigating the Risk,” International Bar Association’s Challenges for the Insurance Industry Conference, March 30–31, 2017.

“A Buyer’s Guide to Cyber Insurance,” International Bar Association’s Challenges for the Insurance Industry Conference, March 30–31, 2017.

“The Board’s Role in Cyber Risk Oversight,” National Association of Corporate Directors, November 16, 2016.

“Legal Implications of Cyber Security,” SIFMA Internal Auditors Society Annual Conference, October 26, 2016.

“Internal Investigations Conducted and Managed Internally,” American Bar Association’s Business Law Section Annual Meeting, September 8, 2016.

Panelist, “Protecting Enterprise Data Across Partners, Providers and the Planet,” Ing3nious East Coast eDiscovery & Information Governance Retreat, November 2015.

Panelist, “Cybersecurity and Information Governance: Is Your Company Prepared?” Association of Corporate Counsel, New York City Chapter, Corporate Governance Seminar, September 2015.

Panelist, “Threading the Needle: Skillfully Navigating the Ins and Outs of an Internal Investigation; Aligning People, Process and Technology to Optimize e-Discovery Management,” Consero Financial Services & Insurance Litigation Forum, May 2015.

Panelist, “National eDiscovery Leadership Institute,” University of Missouri-Kansas City School of Law, 2014.

Panelist, “Improving Client Outcomes With Discovery,” LegalTech NYC, 2013.

Panelist, “Strategically Managing Parallel Proceedings,” ALI-ABA Conference on Life Insurance Industry Class Actions & Complex Litigation, 2013.

Panelist, “Legal Developments and Strategy for Protecting Trade Secrets,” ALI-ABA Conference on Life Insurance Industry Class Actions & Complex Litigation, 2012.

Guest lecturer, “Cyber Security and Legal Risk,” Boston College’s Woods College of Advancing Studies Cybersecurity Policy & Governance Master’s Program.

Honors & Awards

Honors & Awards

Named as one of the Top-Ranked Attorneys, Chambers USA, 2023

Go-To Lawyers: Cybersecurity and Data Privacy, Massachusetts Lawyers Weekly, 2022

500 Leading Litigators in America, Lawdragon, 2022 and 2024

2022 BTI Consulting Client Service All-Star

The Best Lawyers in America, 2021–2024

Incident Response 40, Cybersecurity Docket, 2022

2020 Pro Bono Honor Roll, Massachusetts Supreme Judicial Court, November 2021

Memberships

Memberships

Admitted to practice in Massachusetts, New York and the District of Columbia

Admitted to the U.S. Court of Appeals, First Circuit; U.S. District Court for the District of Columbia; and U.S. District Court for the District of Massachusetts

New England Legal Foundation, Board Member (2015–2016) and Advisory Council (2016–present)

Boston College, Woods College of Advancing Studies, Cybersecurity and Governance Master’s Program, Advisory Council (2017–present)

Publications

Publications

Co-author, “Navigating the HIPAA Risks of Website Trackers,” Privacy and Cybersecurity Law Report, June 26, 2023.

Co-author, “Chapter 7: Telehealth and digital health privacy regulations,” Diabetes Digital Health and Telehealth, 2022.

Co-author, “Signs Inscribed on a Gate: The Impact of Van Buren v. United States on Civil Claims Under the Computer Fraud and Abuse Act,” Western New England Law Review, 2022.

Co-author, “Data — and data protection — is key to digital strategies,” Sports Business Journal, November 17, 2021.

Interviewed, “Voltron,” Data Protection Breakfast Club Podcast, June 9, 2021.

Quoted, “Tech, Health Equity Concerns for Digital Vaccine Credentialing,” PatientEngagementHIT, May 14, 2021.

Co-author, “Considerations in Machine Learning–Led Programmatic Underwriting,” Rail The Journal of Robotics, Artificial Intelligence & Law, Volume 4, No. 4, May 2021.

Quoted, “Hackers exploit system loopholes with ransomware,” Business Insurance, May 4, 2021.

Quoted, “Patient privacy laws are due for an overhaul, experts say,” Modern Healthcare, January 30, 2021.

Co-author, “Addressing The Security Risks Of University Foreign Funding,” Law360, January 19, 2021.

Quoted, “Corporate Secrets at Risk in Hack of U.S. Courts Documents,” Bloomberg Law, January 7, 2021.

Co-author, “The California Privacy Rights Act Has Passed: What’s In It?” Pratt’s Privacy & Cybersecurity Law Report, November/December 2020.

Co-author, “An Intersection Between Ransomware and U.S. National Security: OFAC Speaks,” Corporate Compliance Insights, October 8, 2020.

Quoted, “EU Top Court Leaves US Data Transfers On Shaky Ground,” Law360, July 17, 2020.

Quoted, “Coronavirus Response To Test Limits of Location Privacy,” Law360, April 1, 2020.

Co-author, “Conducting Internal Investigations During the COVID-19 Pandemic,” Law Journal Newsletters’ Business Crimes Bulletin, March 25, 2020.

Co-author, “ COVID-19: Evolving Cybersecurity Considerations for Business,” Corporate Compliance Insights, March 23, 2020.

Co-author, “6 Changes In California's New Draft Privacy Regulations,” Law360, March 2, 2020.

Quoted, “GC Cheat Sheet: The Hottest Corporate News of the Week,” Law360, February 14, 2020.

Quoted, “4 Takeaways From Calif.'s Revised Consumer Privacy Regs,” Law360, February 13, 2020.

Quoted, “CCPA Litigation Risks: How to Avoid Claims Under Other Statute,” Cybersecurity Law Report, February 5, 2020.

Co-author, “INSIGHT: Cybersecurity Attacks, Prevention Call for Attorneys, Rapid Response Teams,” Bloomberg Law, January 8, 2019.

Author, “U.S. Securities and Exchange Commission Updates Cybersecurity Disclosure Guidance,” Alert, February 22, 2018.

Author, “A Necessary Paradigm: Leveraging Legal Counsel to Mitigate Cyber Risk,” Insurance Law Committee Update of the International Bar Association Legal Practice Division, March 2017.

Author, “New York Department of Financial Services Revises Proposed Cybersecurity Rule,” Alert, January 12, 2017.

Author, “Tech Meets Legal Spotlight: Advice on Working With Information Security,” Vol. 3, No. 1, January 11, 2017.

Co-author, “The Sarbanes-Oxley Act of 2002: A Brief Summary of the New Professional Responsibility Obligations for Securities Attorneys, New Criminal Provisions, and Reforms to the Sentencing Guidelines,” ABA White Collar Crime Book, 2003.

Co-author, “The New Sentencing Guidelines for Corp. Crime,” New York Law Journal, Vol. 229, No. 20, January 30, 2003.

Author, “The Evolution of ‘Brady’ Continues,” New York Law Journal, Vol. 226, No. 10, July 16, 2001.

 

Scott in the News

  • 09.08.23

    Lawdragon Names 13 Manatt Attorneys to 2024 500 Leading Litigators in ...

    Thirteen Manatt attorneys were named to Lawdragon’s 2024 list of the 500 Leading Litigators in America, which recognizes the trial attorneys ...

  • 09.07.23

    Manatt Enhances Health Care Offerings With Former AGO Health Care ...

    Eric Gold joins rapidly growing Boston office and brings experience overseeing complex civil investigations, litigation and policy initiatives acro...

  • 08.17.23

    82 Manatt Attorneys Named to 2024 Best Lawyers Guide

    Eighty-two Manatt attorneys have been named to the 2024 edition of Best Lawyers in America, which recognizes the nation’s leading lawyers eac...

  • 06.01.23

    Manatt Receives Top Rankings in Chambers USA 2023

    Manatt has once again been ranked among the nation’s leading law firms in Chambers’ 2023 USA Guide.

Show More

Scott's Articles

  • 07.07.22

    Signs Inscribed on a Gate: The Impact of Van Buren v. United States ...

    Co-Leader of Manatt’s Privacy and Data Security practice Scott Lashway and Privacy and Data Security Special Counsel Matthew Stein ...



  • 11.17.21

    Data — and Data Protection — is Key to Digital Strategies

    Privacy and Data Security Co-leader and Partner Scott Lashway joined Manatt Digital and Technology Counsel and Director Matthew Reece in ...



  • 01.19.21

    Addressing the Security Risks of University Foreign Funding

    Manatt partners Scott Lashway and Richard Hartunian and special counsel Matthew Stein authored an article for Law360 about the security ...



  • 12.01.20

    The California Privacy Rights Act Has Passed: What’s In It?

    Co-leader of Manatt’s privacy and data security practice Scott Lashway and partner Brandon Reilly authored an article for Pratt’s ...



Show More


Scott's Newsletters

  • 08.17.23

    Is OCR Correct That Website Metadata Is Regulated by HIPAA? Chicago ...

    The plaintiff’s bar continues to bring new wiretapping claims over pixels and analytics programs in courts around the country, including ...

  • 04.11.23

    Navigating the HIPAA Risks of Website Trackers

    Covered entities are used to ensuring that many different facets of their operations comply with Health Insurance Portability and Accountability Act ...

  • 03.14.23

    Federal Wiretap Act: Illinois Court Rejects Claim Over Hospital ...

    Wiretapping claims have become the focus of the privacy plaintiff’s bar.

  • 03.03.23

    Client Alert: Illinois’s Biometric Law (BIPA) Reminds Us Again of ...

    It is not news that industries of all types rely on vendors to provide technology services, applications, and hardware.

Show More


Scott's Events and Webinars

  • 10.31.23

    Lashway to Speak on ABA Litigation Section Roundtable

    Manatt privacy and cybersecurity Partner and Co-Leader Scott Lashway will speak at the American Bar Association (ABA) Litigation Section ...



  • 09.26.23

    FTC’s Heightened Scrutiny of Health Apps: Increased Enforcement ...

    With recent events underscoring the Federal Trade Commission’s (FTC) heightened scrutiny of and enforcement efforts against health app ...



  • 08.23.23

    Lashway and Leiter to Speak on FTC’s Heightened Scrutiny of Health ...

    Privacy and Data Security Partner and Co-Leader Scott Lashway and Manatt Health Counsel Alice Leiter will speak in a webinar titled, ...



  • 08.17.23

    Lashway Moderated Argyle Executive CISO Leadership Forum Panel

    Manatt Privacy and Data Security Partner and Co-Leader Scott Lashway moderated an esteemed panel of speakers at Argyle Executive ...



Show More
manatt-black

ATTORNEY ADVERTISING

pursuant to New York DR 2-101(f)

© 2023 Manatt, Phelps & Phillips, LLP.

All rights reserved 

 

  • Services
  • People
  • Insights
  • About Us
  • Careers
  • Offices & Contacts
  • Disclaimer
  • Privacy Statement

Share This Page

Your Information
Recipient's Information