Manatt Logo
Menu
  • Industries
    • Manatt Digital and Technology
    • Manatt Energy and Environmental
    • Manatt Entertainment
    • Manatt Financial Services
    • Manatt Health
    • Manatt Real Estate
    • Manatt Retail and Consumer Products
  • Services
    • Business Strategy and Consulting
      • Digital and Technology Consulting
      • Digital Health
      • Manatt Health
      • Manatt Housing Solutions
      • Manatt Real Estate Advisors
      • Manatt's Recovery Team
      • Name Image Likeness (NIL) in College Athletics
    • Corporate and Finance
      • Blockchain and Cryptocurrency
      • Cannabis and CBD
      • Capital Markets
      • Digital and Technology Transactions
      • Distressed Assets
      • Estate Planning and Personal Representation
      • Financial Services Transactions
      • Fintech
      • Games and Esports
      • Global Payments
      • Health Care Transactions
      • Hospitality and Leisure
      • Impact Investing and Community Development
      • Manatt Leasing
      • Mergers and Acquisitions
      • Music
      • Name Image Likeness (NIL) in College Athletics
      • Private Equity and Buyout
      • Real Estate Transactions and Finance
      • Special Purpose Acquisition Companies (SPACs)
      • Tax, Employee Benefits and Executive Compensation
      • Venture Capital / Emerging Companies
    • Government and Regulatory
      • Advertising, Marketing and Media
      • California State Government and Regulatory Policy and Government Contracts
      • Environment
      • Federal Government Affairs and Public Policy
      • Government Litigation and Administrative Law
      • Insurance
      • Investigations, Compliance and White Collar Defense
      • Land Use
      • Los Angeles Government and Land Use
      • Manatt Energy and Environmental
      • Manatt Health
      • Medical Technology and Life Sciences FDA Regulation
      • New York City Government, Policy and Government Contracts
      • New York State Government, Regulatory Policy and Government Contracts
    • Litigation
      • Advertising Litigation
      • Antitrust and Competition
      • Appellate
      • Bankruptcy
      • Capabilities to Serve Clients During COVID-19
      • Class Actions
      • Consumer Protection
      • Digital Media Litigation
      • Employment and Labor
      • Entertainment Litigation
      • Environmental Litigation
      • False Claims Act
      • Financial Services Litigation and Enforcement
      • Games and Esports
      • Government Litigation and Administrative Law
      • Health Care Litigation
      • Insurance
      • Intellectual Property Protection and Enforcement
      • Investigations, Compliance and White Collar Defense
      • Music
      • Privacy and Data Security
      • Private Wealth and Fiduciary Disputes
      • Real Estate Litigation
      • TCPA Compliance and Class Action Defense
      • Technology and Intellectual Property Litigation
      • Trademark and Copyright Litigation
      • Unmanned Aircraft
  • People
  • Insights
    • News
    • Articles
    • Webinars
    • Podcasts
    • Events and Engagements
    • Newsletters
    • White Papers
  • Hot Topics
    • Reproductive Health
    • Metaverse
    • Long-Term Care/Long-Term Services and Supports
    • Behavioral Health
    • Drivers of Health
    • Children's Health
    • COVID-19
    • State Privacy Legislative Updates
    • Medicaid Managed Care
  • About Us
    • About Manatt
    • Contact Us
    • Management
    • Diversity
    • Women's Initiative
    • Pro Bono
    • Capabilities to Serve Clients During COVID-19
    • Manatt for Entrepreneurs
    • Manatt on Health
  • Client Login
  • Careers
  • Offices
  • Manatt on Health
  • Manatt for Entrepreneurs
Manatt Logo
  • Industries
    • Manatt Digital and Technology
    • Manatt Energy and Environmental
    • Manatt Entertainment
    • Manatt Financial Services
    • Manatt Health
    • Manatt Real Estate
    • Manatt Retail and Consumer Products
  • Services
    • Business Strategy and Consulting
      • Digital and Technology Consulting
      • Digital Health
      • Manatt Health
      • Manatt Housing Solutions
      • Manatt Real Estate Advisors
      • Manatt's Recovery Team
      • Name Image Likeness (NIL) in College Athletics
    • Corporate and Finance
      • Blockchain and Cryptocurrency
      • Cannabis and CBD
      • Capital Markets
      • Digital and Technology Transactions
      • Distressed Assets
      • Estate Planning and Personal Representation
      • Financial Services Transactions
      • Fintech
      • Games and Esports
      • Global Payments
      • Health Care Transactions
      • Hospitality and Leisure
      • Impact Investing and Community Development
      • Manatt Leasing
      • Mergers and Acquisitions
      • Music
      • Name Image Likeness (NIL) in College Athletics
      • Private Equity and Buyout
      • Real Estate Transactions and Finance
      • Special Purpose Acquisition Companies (SPACs)
      • Tax, Employee Benefits and Executive Compensation
      • Venture Capital / Emerging Companies
    • Government and Regulatory
      • Advertising, Marketing and Media
      • California State Government and Regulatory Policy and Government Contracts
      • Environment
      • Federal Government Affairs and Public Policy
      • Government Litigation and Administrative Law
      • Insurance
      • Investigations, Compliance and White Collar Defense
      • Land Use
      • Los Angeles Government and Land Use
      • Manatt Energy and Environmental
      • Manatt Health
      • Medical Technology and Life Sciences FDA Regulation
      • New York City Government, Policy and Government Contracts
      • New York State Government, Regulatory Policy and Government Contracts
    • Litigation
      • Advertising Litigation
      • Antitrust and Competition
      • Appellate
      • Bankruptcy
      • Capabilities to Serve Clients During COVID-19
      • Class Actions
      • Consumer Protection
      • Digital Media Litigation
      • Employment and Labor
      • Entertainment Litigation
      • Environmental Litigation
      • False Claims Act
      • Financial Services Litigation and Enforcement
      • Games and Esports
      • Government Litigation and Administrative Law
      • Health Care Litigation
      • Insurance
      • Intellectual Property Protection and Enforcement
      • Investigations, Compliance and White Collar Defense
      • Music
      • Privacy and Data Security
      • Private Wealth and Fiduciary Disputes
      • Real Estate Litigation
      • TCPA Compliance and Class Action Defense
      • Technology and Intellectual Property Litigation
      • Trademark and Copyright Litigation
      • Unmanned Aircraft
  • People
  • Insights
    • News
    • Articles
    • Webinars
    • Podcasts
    • Events and Engagements
    • Newsletters
    • White Papers
  • Hot Topics
    • Reproductive Health
    • Metaverse
    • Long-Term Care/Long-Term Services and Supports
    • Behavioral Health
    • Drivers of Health
    • Children's Health
    • COVID-19
    • State Privacy Legislative Updates
    • Medicaid Managed Care
  • About Us
    • About Manatt
    • Contact Us
    • Management
    • Diversity
    • Women's Initiative
    • Pro Bono
    • Capabilities to Serve Clients During COVID-19
    • Manatt for Entrepreneurs
    • Manatt on Health
  • Client Login
  • Careers
  • Offices
  • Manatt on Health
  • Manatt for Entrepreneurs
  • Home
  • People
  • Scott T. Lashway
Language:
  • English
    • English
    • Spanish
    • Portuguese
Share:

Scott T. Lashway

Partner

Privacy and Data Security
Contact
  • slashway@manatt.com
  • Phone: 617.646.1401
  • Download vCard
  • Boston
Bar Admissions
  • Massachusetts

    New York

    Washington, D.C.

Education
  • Boston College Law School, J.D.

    Dickinson College, B.A.

Services
  • Blockchain and Cryptocurrency
  • Financial Services Litigation and Enforcement
  • Insurance
  • Investigations, Compliance and White Collar Defense
  • Litigation
  • Manatt for Entrepreneurs
  • Privacy and Data Security
Industries
  • Games and Esports
  • Manatt Digital and Technology
  • Metaverse

Show Full Bio

  • Profile
  • Experience
  • Speaking Engagements
  • Honors & Awards
  • Memberships
  • Publications
Profile

Profile

Scott Lashway is the managing partner of Manatt’s Boston office and co-leader of Manatt’s privacy and cybersecurity practice group. He has established himself as one of the nation’s leading cybersecurity and data privacy advisors as well as a go-to counsel for significant disputes and investigations.

Focusing much of his practice on the intersections of law, corporate data and technology, Scott is well known for advising clients to anticipate and manage data governance, privacy and security risks across a variety of industries by deftly guiding them through proactive advisory work, incident response and breach investigations, litigation, and government investigations and enforcement actions. His work on cybersecurity and privacy matters dates back two decades and includes a wide variety of matters, including data and intellectual property (IP) misappropriation; unauthorized access, acquisition and misuse; hacking; and technology disruptions.

While Scott represents clients in a large range of industries, he has a significant focus on the health care, financial services and technology sectors. For years, Scott has advised clients at the forefront of technology implementation and development as well as new data uses, which uniquely qualifies Scott to navigate complex and unprecedented data and privacy issues in Web3 and the metaverse. Scott’s greatest accomplishments for his clients are those that avoid headlines and are rarely—if ever—heard of.

Examples of Scott’s representations include:

  • Representing a leading children’s hospital defending allegations in purported class action in state court alleging patient data was inappropriately accessed in violation of privacy and security disclosures.
  • For a global financial institution and asset manager, served as coordinating counsel in breach of contract litigation involving ten consolidated actions, including handling all discovery (~100 depositions) and data handling obligations for the outside counsel team.
  • Represented a global data and technology company in an investigation of, and an incident response to, simultaneous intrusions by multiple nation-state attackers and numerous financially motivated threat actors.
  • For a surgery and medical facility, obtained dismissal of a purported class action in an issue of first impression in the Eleventh Circuit, concerning Article III standing requirements to plead harm, brought against a health care facility alleging that patient data had been accessed, stolen and posted to the Internet by a well-known threat actor.
  • Led a team representing a global biotechnology company, involved in the strategic development of therapeutics, in investigating and defending against a cyberattack by a highly sophisticated, well-resourced threat actor. This matter involved close interaction with various U.S. agencies and law enforcement.
  • Represented a startup multimedia company with an international following against allegations involving data theft and raiding in a state court litigation, and proactively pursued claims concerning cyber espionage against former executives and employees.
  • Represented a leading publisher of legal, business and regulatory information as a plaintiff in federal court alleging the unauthorized taking of millions of dollars of protected data scraped through an online portal using a bot or “data scraper.”
  • On behalf of a global risk intelligence company, obtained dismissal on matters of first impression of a purported class action alleging violation of state law regarding the alleged display of consumers’ Social Security numbers, obtained appellate victories upholding dismissal up to the state’s highest court and established jurisdiction of a purported class action in the state’s complex business session as a matter of first impression.
  • On behalf of a multichannel media company, secured a defense verdict on all counts after a two-week federal court bench trial involving allegations of IP rights violations and Massachusetts’ consumer protection laws.
  • For a global retail chain, conducted an internal investigation and cyber incident response spanning four continents involving concerns of credit card theft.

Having drafted his first privacy policy in 2001 and having handled his first data destruction investigation in 2002, Scott has advised clients on hundreds of proactive and reactive matters involving U.S. and international privacy and security laws and obligations (civil and criminal), including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA); HIPAA and state law equivalents; the Biometric Information Privacy Act (BIPA); the New York State Department of Financial Services (NYDFS) cybersecurity regulations and the Shield Act; the Computer Fraud and Abuse Act, the Stored Communications Act and state law equivalents; SEC and Financial Industry Regulatory Authority (FINRA) security guidance and privacy obligations; the Gramm-Leach-Bliley Act; FedRamp and state consumer protection statutes, including Massachusetts’ Chapter 93A; and compliance with National Institute of Standards and Technology, SOC 2, HITRUST and other security frameworks.

Scott routinely counsels industry groups and leading industry participants on data privacy and security trends, serves as a sounding board to many, and is a member of Law360’s Cybersecurity & Privacy Editorial Advisory Board. Earlier in his career, Scott worked as senior in-house counsel and head of investigations for a Fortune 100 global financial services company.

Experience

Experience

Cybersecurity, Data Privacy and Technology-Focused Matters

Scott is the co-leader of Manatt’s global privacy and cybersecurity practice. He routinely counsels companies on the full spectrum of cybersecurity and data privacy matters, from proactive preparedness and compliance to reactive investigations, incident responses, breaches, regulatory enforcement matters and litigation, including class actions and business-to-business disputes. In connection with this practice, Scott conducts internal investigations for companies in a wide variety of industries into matters involving unauthorized access of systems and acquisition of data; violations of data security laws and regulations; the theft or misuse of data, intellectual property (including trade secrets), and confidential and proprietary business information; and the theft of or damage to critical electronic infrastructure.

Scott’s representative matters include:

  • A cloud e-commerce platform company, in responding to multiple cybersecurity incidents involving the alleged theft and misuse of credit card data as well as a privacy class action filed in Delaware.
  • A leading biotechnology and therapeutics company, in responding to reports of hacking of its patient technology, requiring investigation and reporting to the FDA.
  • A Big 4 accounting firm on various security and privacy matters.
  • A health information cloud provider in investigating and remediating a ransomware attack that encrypted thousands of patient records.
  • A global health care company in connection with a material joint venture with a pharmaceutical company in developing a privacy and security framework to comply with laws from 50+ jurisdictions.
  • An adtech company in connection with the collection, processing and transfer of data across dozens of global jurisdictions, including data transfers into and out of the U.S.
  • A real estate and proptech industry group and its global members on implications of the California Consumer Privacy Act (CCPA) through various white papers and industry presentations and in presenting comments to the CCPA regulations.
  • A global restaurant chain in conducting an internal investigation and incident response involving concerns of credit card theft involving millions of cards potentially being exposed.
  • Individuals accused in a federal court action of violations of the Computer Fraud and Abuse Act and the Stored Communications Act in connection with an alleged scheme to clone a state-owned petrochemical company’s electronic infrastructure.
  • A global financial services company with counselling on the redesign and rebuild of its digital forensics and cybersecurity functions to improve the company’s efficiency and efficacy in responding to disputes, investigations and compliance risks.
  • One of the world’s largest technology companies in developing and drafting data privacy and security addendums focused on hardware and software to reflect new privacy obligations and potential security-related liability.
  • An e-gaming company in connection with global cybersecurity and privacy risks and obligations in a potential transaction.
  • A defense contractor in containing and remediating a ransomware attack impacting the company’s production and assembly operations, and reporting the same pursuant to federal defense contractor obligations.
  • A professional services firm in investigating a business email compromise across dozens of employees that compromised the data for various of the firm’s clients.

Business Litigation, Financial Institution Litigation, Class Actions and Crisis Management

Scott has a significant amount of experience defending and prosecuting bet-the-company and significant litigation on behalf of companies and their officers and directors. He has first-chair trial experience and has represented clients in state and federal courts nationwide and in various arbitration settings.

Scott’s representative matters include:

  • Secured a defense verdict, as first-chair trial counsel, for a startup media company on all counts after a two-week federal court bench trial involving allegations of violations of intellectual property rights and a Massachusetts consumer protection statute.
  • Defended a Fortune 100 life insurance company in a purported class action challenging the company’s retention of surplus profits and alleged failure to comply with Massachusetts law concerning the distribution of dividends to policyowners, with alleged damages well into the billions of dollars.
  • Represented a mutual life insurance company—and obtained a motion-to-dismiss victory—in a purported class action concerning the company’s corporate governance and members’ voting rights to elect the company’s board of directors, which presented matters of first impression under Massachusetts law and which upheld the company’s 160-year-old practice.
  • Defended a financial services company in a purported class action challenging the legality of the company’s bylaws and recent amendments thereto, which presented matters of first impression, and counseled the company and its board of directors through a second round of bylaw amendments.
  • Counseled a foreign-based asset manager and its U.S. parent on the acquisition of a Korean asset manager, and served as the company’s representative in Korea to gain approval by the Korean government’s regulators.

Internal Investigations, Government Enforcement and White Collar Defense

Scott has handled hundreds of internal investigations during his career, including during his time serving as head of investigations at a Fortune 100 global financial services company. Scott has handled civil and criminal investigations (with the assistance of white collar colleagues). He represents clients before various state and federal regulators, including the Securities and Exchange Commission (SEC), the Department of Justice (DOJ), the Financial Industry Regulatory Authority (FINRA), state attorneys general, the New York Department of Financial Services (NYDFS) and the Federal Trade Commission (FTC). As in-house counsel, Scott was responsible for the company’s anti-fraud controls and training, as well as the company’s investigation function, as an example of his breadth of experience.

Scott’s representative matters include:

  • Advising a global medical technology company in responding to multiple subpoenas from the DOJ investigating third parties’ alleged Medicare fraud schemes relating to genetic testing.
  • Advised a global company investigating the offboarding of employees suspected of “backing up the truck” to raid the company of its customer information, trade secrets and proprietary information.
  • Conducted an investigation of accounting irregularities for a startup technology company preparing for an initial public offering (IPO) or acquisition.
  • Resolved an SEC enforcement matter and other regulatory inquiries—informed by allegations of a purported Dodd-Frank Act whistleblower—related to the disclosure of certain variable annuity features on behalf of a life insurance company.
  • Represented financial service companies (including life insurance companies and broker-dealers) in response to regulatory inquiries, including by the SEC, FINRA, state regulatory authorities (including the Massachusetts Division of Securities, the Massachusetts Division of Insurance, the Massachusetts Attorney General and the NYDFS), involving alleged sales practice violations as well as product design and disclosure matters.
Speaking Engagements

Speaking Engagements

Speaker, “Advocacy & Election Impact on Multifamily: Privacy and Cyber Regulation & Policy,” 2022 OPTECH Conference, National Multifamily Housing Council, November 3, 2022.

Speaker, “OPTECH Town Hall: Managing Your Data,” 2022 OPTECH Conference, National Multifamily Housing Council, November 3, 2022.

Keynote speaker, “Compliance Alert! – IT Legal Update for CIOs,” Argyle CIO Leadership Forum, October 25, 2022.

Keynote speaker, “Data Protection in the Workplace – Compliance Update 2022,” HR Leadership Forum: Tech Check 2022, Argyle, October 6, 2022.

Speaker, “Marketing 101 for Privacy Officers: How to Collaborate with Your Marketing Team,” IAPP Global Privacy Summit, April 12, 2022.

Speaker, “Is There a New Era for Data Privacy on the Horizon?” Executive Policy Summit, Online Lenders Alliance, April 28, 2022.

Keynote speaker, “Comply, Engage, Win – Crafting Compliant Marketing Campaigns That Build Consumer Trust,” CX/UX Leadership Forum: Building Better B2B Customer Journeys, Argyle, December 7, 2021.

Keynote speaker, “Compliance Spotlight: Protecting Your Company’s Employee Data,” HR Technology Leadership Forum: Innovation & Optimization 2021, Argyle, November 30, 2021.

Speaker, “Post-Pandemic Digital World: Platforms, Algorithms, Cybersecurity, and Justice,” Western New England University’s Virtual Symposium, October 29, 2021.

Keynote speaker, “Got Cookies? - Control, Data Privacy and Commerce,” Martech Leadership Forum: Adapting to Technology to Supercharge CX, Argyle, July 27, 2021.

Speaker, “Key State Legislative and Regulatory Developments,” Online Lenders Alliance (OLA) Legal Issues Conference, July 21, 2021.

Speaker, “Webinars for Wise Nonprofits: Data Privacy and Security for Nonprofits: Part I (Data Privacy) and Part II (Security),” Lawyers Alliance for New York, June 16 and 24, 2021.

Speaker, LIMRA Chief Legal Counsel Forum, May 21, 2021.

Speaker, “Know Your Home Field: Health Privacy, Information Blocking and Incident Response,” New Jersey Health Information Management Association (NJHIMA), April 26, 2021.

Guest lecturer, “Interview with the Experts: Cybersecurity Litigation,” Boston College Law School, April 22, 2021.

Speaker, “Healthcare Cybersecurity: Protecting Sensitive Data, Research, and Patients while Navigating the Regulatory Landscape,” Boston College - Woods College of Advancing Studies, March 25, 2021.

Speaker, Privacy Painters, March 18, 2021.

Speaker, "Healthcare and Ransomware Attacks: Protecting Patient Information, Mitigating Privacy Risks," Strafford Publications, March 17, 2021.

Speaker, “Know Your Home Field: Health Privacy, Information Blocking and Incident Response,” New York Health Information Management Association (NYHIMA), February 10, 2021.

Quoted, “Despite confusion, AG begins privacy act enforcement,” Daily Journal, July 1, 2020.

Speaker, “Data Protection: Compliance, Risk and Information Sharing,” Boston Conference on Cyber Security, March 4, 2020.

Speaker, “Data Privacy and Security – The Implications for Your Business,” Online Lending Legal and Policy Issues Forum, LEND360, February 26, 2020.

Speaker, “Preparing for the Open and Hidden Litigation Risks of the California Consumer Privacy Act,” Association of Corporate Counsel Webinar, October 23, 2019.

Speaker, “Data Privacy: With New Regulatory Requirements. Here’s What You Need to Know Today,” National Multifamily Housing Council Annual Student Housing Conference, October 14, 2019.

Speaker, “Cybersecurity & Privacy—Fiduciary Considerations,” Conference of State Bank Supervisors, 2019 Trust Forum, October 7, 2019.

Speaker, “Privacy and Cyber Security Law Update: Preparing For The New Wave of Consumer Rights,” New England Corporate Counsel Association, October 2, 2019.

Speaker, “Are You Ready for the New Data Privacy Rules?” 2019 National Multifamily Housing Council, Fall Meeting, September 13, 2019.

Speaker, “Preparing for the Open and Hidden Litigation Risks of the CCPA,” Manatt Webinar, September 4, 2019.

Panelist, “Cybersecurity: Current Law and Trends Impacting the Insurance Industry,” American Council of Life Insurers’ Annual Legal and Compliance Conference, July 16, 2019. 

Moderator, “National Intelligence,” Boston Conference on Cyber Security 2019, March 6, 2019.

“Legal Considerations for Technology Contracts, Software Audits and Data Security Investigations,” February 12, 2019.

“Firm General Counsel Summit, Addressing Cybersecurity and Privacy Risk in Law Firms,” October 31–November 2, 2018.

“Safeguarding Data and Mitigating Cyber Risk in the Financial Services Industry,” ACA Aponix Annual Financial Services Forum, October 17, 2018.

“California Consumer Privacy Act: A U.S. Outlier or Start of a Trend?” Webinar, October 10, 2018.

“It’s Time to Get on Board With Cybersecurity: Effective Cyber Management,” Cyber Response Event, July 26, 2018.

“It’s Time to Get on Board With Cybersecurity: Effective Cyber Management,” Cyber Response Event, April 25, 2018.

“International Economic Forum of the Americas World Strategic Forum,” Mitigating Cyber Risk Roundtable, April 16–17, 2018.

“Latin America Wealth Management Roundtable,” February 28, 2018.

“Threat Actor Hunting & The Legal Context,” FireEye Cyber Defense Summit 2017, October 12, 2017.

“Building Cyber Response & Resilience,” Infosecurity North America 2017, October 5, 2017.

“Cybersecurity: The Role of Counsel, the Board and Executive Management in Assessing, Preparing for and Investigating the Risk,” International Bar Association’s Challenges for the Insurance Industry Conference, March 30–31, 2017.

“A Buyer’s Guide to Cyber Insurance,” International Bar Association’s Challenges for the Insurance Industry Conference, March 30–31, 2017.

“The Board’s Role in Cyber Risk Oversight,” National Association of Corporate Directors, November 16, 2016.

“Legal Implications of Cyber Security,” SIFMA Internal Auditors Society Annual Conference, October 26, 2016.

“Internal Investigations Conducted and Managed Internally,” American Bar Association’s Business Law Section Annual Meeting, September 8, 2016.

Panelist, “Protecting Enterprise Data Across Partners, Providers and the Planet,” Ing3nious East Coast eDiscovery & Information Governance Retreat, November 2015.

Panelist, “Cybersecurity and Information Governance: Is Your Company Prepared?” Association of Corporate Counsel, New York City Chapter, Corporate Governance Seminar, September 2015.

Panelist, “Threading the Needle: Skillfully Navigating the Ins and Outs of an Internal Investigation; Aligning People, Process and Technology to Optimize e-Discovery Management,” Consero Financial Services & Insurance Litigation Forum, May 2015.

Panelist, “National eDiscovery Leadership Institute,” University of Missouri-Kansas City School of Law, 2014.

Panelist, “Improving Client Outcomes With Discovery,” LegalTech NYC, 2013.

Panelist, “Strategically Managing Parallel Proceedings,” ALI-ABA Conference on Life Insurance Industry Class Actions & Complex Litigation, 2013.

Panelist, “Legal Developments and Strategy for Protecting Trade Secrets,” ALI-ABA Conference on Life Insurance Industry Class Actions & Complex Litigation, 2012.

Guest lecturer, “Cyber Security and Legal Risk,” Boston College’s Woods College of Advancing Studies Cybersecurity Policy & Governance Master’s Program.

Honors & Awards

Honors & Awards

Go-To Lawyers: Cybersecurity and Data Privacy, Massachusetts Lawyers Weekly, 2022

500 Leading Litigators in America, Lawdragon, 2022

2022 BTI Consulting Client Service All-Star

The Best Lawyers in America, 2021–23

Incident Response 40, Cybersecurity Docket, 2022

2020 Pro Bono Honor Roll, Massachusetts Supreme Judicial Court, November 2021

Memberships

Memberships

Admitted to practice in Massachusetts, New York and the District of Columbia

Admitted to the U.S. Court of Appeals, First Circuit; U.S. District Court for the District of Columbia; and U.S. District Court for the District of Massachusetts

New England Legal Foundation, Board Member (2015–2016) and Advisory Council (2016–present)

Boston College, Woods College of Advancing Studies, Cybersecurity and Governance Master’s Program, Advisory Council (2017–present)

Publications

Publications

Co-author, “Chapter 7: Telehealth and digital health privacy regulations,” Diabetes Digital Health and Telehealth, 2022.

Co-author, “Signs Inscribed on a Gate: The Impact of Van Buren v. United States on Civil Claims Under the Computer Fraud and Abuse Act,” Western New England Law Review, 2022.

Co-author, “Data — and data protection — is key to digital strategies,” Sports Business Journal, November 17, 2021.

Interviewed, “Voltron,” Data Protection Breakfast Club Podcast, June 9, 2021.

Quoted, “Tech, Health Equity Concerns for Digital Vaccine Credentialing,” PatientEngagementHIT, May 14, 2021.

Co-author, “Considerations in Machine Learning–Led Programmatic Underwriting,” Rail The Journal of Robotics, Artificial Intelligence & Law, Volume 4, No. 4, May 2021.

Quoted, “Hackers exploit system loopholes with ransomware,” Business Insurance, May 4, 2021.

Quoted, “Patient privacy laws are due for an overhaul, experts say,” Modern Healthcare, January 30, 2021.

Co-author, “Addressing The Security Risks Of University Foreign Funding,” Law360, January 19, 2021.

Quoted, “Corporate Secrets at Risk in Hack of U.S. Courts Documents,” Bloomberg Law, January 7, 2021.

Co-author, “The California Privacy Rights Act Has Passed: What’s In It?” Pratt’s Privacy & Cybersecurity Law Report, November/December 2020.

Co-author, “An Intersection Between Ransomware and U.S. National Security: OFAC Speaks,” Corporate Compliance Insights, October 8, 2020.

Quoted, “EU Top Court Leaves US Data Transfers On Shaky Ground,” Law360, July 17, 2020.

Quoted, “Coronavirus Response To Test Limits of Location Privacy,” Law360, April 1, 2020.

Co-author, “Conducting Internal Investigations During the COVID-19 Pandemic,” Law Journal Newsletters’ Business Crimes Bulletin, March 25, 2020.

Co-author, “ COVID-19: Evolving Cybersecurity Considerations for Business,” Corporate Compliance Insights, March 23, 2020.

Co-author, “6 Changes In California's New Draft Privacy Regulations,” Law360, March 2, 2020.

Quoted, “GC Cheat Sheet: The Hottest Corporate News of the Week,” Law360, February 14, 2020.

Quoted, “4 Takeaways From Calif.'s Revised Consumer Privacy Regs,” Law360, February 13, 2020.

Quoted, “CCPA Litigation Risks: How to Avoid Claims Under Other Statute,” Cybersecurity Law Report, February 5, 2020.

Co-author, “INSIGHT: Cybersecurity Attacks, Prevention Call for Attorneys, Rapid Response Teams,” Bloomberg Law, January 8, 2019.

Author, “U.S. Securities and Exchange Commission Updates Cybersecurity Disclosure Guidance,” Alert, February 22, 2018.

Author, “A Necessary Paradigm: Leveraging Legal Counsel to Mitigate Cyber Risk,” Insurance Law Committee Update of the International Bar Association Legal Practice Division, March 2017.

Author, “New York Department of Financial Services Revises Proposed Cybersecurity Rule,” Alert, January 12, 2017.

Author, “Tech Meets Legal Spotlight: Advice on Working With Information Security,” Vol. 3, No. 1, January 11, 2017.

Co-author, “The Sarbanes-Oxley Act of 2002: A Brief Summary of the New Professional Responsibility Obligations for Securities Attorneys, New Criminal Provisions, and Reforms to the Sentencing Guidelines,” ABA White Collar Crime Book, 2003.

Co-author, “The New Sentencing Guidelines for Corp. Crime,” New York Law Journal, Vol. 229, No. 20, January 30, 2003.

Author, “The Evolution of ‘Brady’ Continues,” New York Law Journal, Vol. 226, No. 10, July 16, 2001.

Scott in the News

  • 10.31.22

    Lashway Named Go-To Cybersecurity and Data Privacy Lawyer by ...

    Privacy and Data Security practice Co-Leader Scott Lashway was named to Massachusetts Lawyers Weekly ’s list of 2022 Go-To Lawyers in ...

  • 10.03.22

    Lawdragon Names 11 Manatt Attorneys to Inaugural 500 Leading ...

    Eleven Manatt attorneys were named to Lawdragon ’s inaugural list of the 500 Leading Litigators in America, which recognizes attorneys who ...

  • 09.07.22

    Manatt Represents Francisco Partners in Majority Investment in Kobalt ...

    A Manatt team led by Entertainment Leader Jordan Bromley and Partner Beau Stapleton advised Francisco Partners Management, a U.S.-headquartered ...

  • 08.18.22

    86 Manatt Attorneys Named to 2023 Best Lawyers Guide

    Eighty-six Manatt attorneys have been named to the 2023 edition of Best Lawyers in America, which recognizes the nation’s leading lawyers each ...

Show More

Scott's Articles

  • 07.07.22

    Signs Inscribed on a Gate: The Impact of Van Buren v. United States ...

    Co-Leader of Manatt’s Privacy and Data Security practice Scott Lashway and Privacy and Data Security Special Counsel Matthew Stein ...



  • 11.17.21

    Data — and Data Protection — is Key to Digital Strategies

    Privacy and Data Security Co-leader and Partner Scott Lashway joined Manatt Digital and Technology Counsel and Director Matthew Reece in ...



  • 01.19.21

    Addressing the Security Risks of University Foreign Funding

    Manatt partners Scott Lashway and Richard Hartunian and special counsel Matthew Stein authored an article for Law360 about the security ...



  • 12.01.20

    The California Privacy Rights Act Has Passed: What’s In It?

    Co-leader of Manatt’s privacy and data security practice Scott Lashway and partner Brandon Reilly authored an article for Pratt’s ...



Show More


Scott's Newsletters

  • 01.05.23

    Health Care Industry Reminded Again About Cybersecurity Risks With ...

    The final week of 2022 brought with it two reminders of the continued scourge of ransomware on the health care industry and the need for ...

  • 08.31.22

    CA Fails to Extend Privacy Exemptions for B2B and Employment Data ...

    Beginning on January 1, 2023, the California Consumer Privacy Act will apply to personal information collected by companies subject to the CCPA about ...

  • 08.09.22

    Telehealth and Digital Health Privacy Regulations

    The Health Insurance Portability and Accountability Act of 1996 is the primary federal law that protects patients’ health care data and records.

  • 05.03.22

    Cyber Beware: E-Gaming and Cyber-Criminality

    Recent events illustrate that the e-gaming industry—developers, publishers, esports leagues and teams, and the financial machinations behind ...

Show More


Scott's Events and Webinars

  • 11.03.22

    Lashway to Speak at the 2022 OPTECH Conference

    Manatt Privacy and Data Security Co-Leader and Partner Scott Lashway will speak in two sessions titled “Advocacy & Election Impact on ...



  • 10.06.22

    Lashway to Present Keynote Address at Argyle’s HR Leadership Forum

    Scott Lashway, partner and co-leader of Manatt’s Privacy and Data Security practice, will present a keynote address on October 6 at ...



  • 06.17.22

    A Due Diligence Imperative: The Importance of Addressing Privacy in ...

    In this episode of Data on Demand, host Scott Lashway is joined by Manatt’s own Brandon Reilly and Matt Stein to discuss ...



  • 04.27.22

    Lashway and Reilly to Speak at OLA Executive Policy Summit

    Scott Lashway, partner and co-leader of Manatt’s Privacy and Data Security practice, and Joseph Reilly, Manatt Financial Services partner, ...



Show More
manatt-black

ATTORNEY ADVERTISING

pursuant to New York DR 2-101(f)

© 2023 Manatt, Phelps & Phillips, LLP.

All rights reserved 

 

  • Services
  • People
  • Insights
  • About Us
  • Careers
  • Offices & Contacts
  • Disclaimer
  • Privacy Statement

Share This Page

Your Information
Recipient's Information