Peter F. McLaughlin is Of Counsel in the Global Privacy and Data Security Practice Group in the New York office of Morrison & Foerster LLP. His practice focuses on health information privacy and data security issues generally. As the former global privacy director and assistant general counsel of a Fortune 20 health care company, Mr. McLaughlin has specific experience relevant to the health care sector and the securing of valuable corporate information assets.
Legal 500 US has recognized Mr. McLaughlin’s technology work in the area of data protection and privacy (2010-2013). He is a frequent speaker at ABA, HIPAA Security Summit, Practicing Law Institute, International Association of Privacy Professionals, RSA, and other programs in the U.S. and internationally. He is a member of the American Bar Association (ABA) and co-chairs the ABA’s Information Security Committee. For four years he was co-chair of the Privacy Security & Data Management subcommittee for the Business Law Section. He is also a member of the International Association of Privacy Professionals, the Health Information Management Systems Society (HIMSS), and the American Health Lawyers Association and its Health Information Technology Committee. Mr. McLaughlin is a Certified Information Protection Professional (CIPP), certified by the International Association of Privacy Professionals.
Mr. McLaughlin received his J.D. from Georgetown Law Center in 1993 and was the senior articles editor for the journal Law & Policy in International Business. He earned his bachelor’s degree from Columbia University in 1986. Mr. McLaughlin is admitted to practice in Massachusetts and New York.
Health Care Sector
- Assisted a health care company under FTC and OCR consent decrees to develop a compliant information security program.
- Assessed the health privacy/security compliance of an international pharmaceutical company.
- Advised mobile app, software, cloud, IT services and medical device firms on health data security and privacy compliance requirements.
- Coordinated the review and revision of data security and privacy policies concerning PHI.
- Represented a health care provider before regulators with respect to the preparation of and response to mandated independent assessment of security programs.
- Reviewed the HIPAA compliance of a non-health sector client’s employee information practices.
- Managed internal investigations related to privacy and security compliance and potential security incidents.
- Conducted HIPAA Security Rule compliance reviews.
- Conducted a data security compliance assessment of a cloud-based data backup company.
- Advised a large privately held firm on credit card security (PCI) policies and procedures.
- Counseled a multinational defense firm on its U.S. privacy and security compliance program.
- Advised an MMOG (massively multiplayer online game) developer on system security and data sharing.
- Assisted a Middle East government in development of its new data security and privacy law.
- Advised U.S. environmental controls company on the information security aspects of a global HR database implementation.