Matthew H. Meade is co-chair of the firm's Cybersecurity and Data Protection Group where he provides advice regarding data security breaches, information and records management and other areas regarding privacy. He helps clients identify business risks associated with the use and storage of sensitive information. Matt regularly advises clients on security breach notification laws and other U.S. state and federal data security requirements (including laws regarding disposal of records). Matt drafts agreements addressing issues related to data use, privacy and security. He also has prepared document retention and management policies and developed associated training programs.
Matt's recent representations include:
- Advised numerous entities, including health care providers, manufacturers, retailers, schools, security alarm companies, financial services company, county governments and collection agency on information security breach notification procedures and development of post breach corrective action plans.
- Coordinated response to multi-state security breaches and hacking with local and federal law enforcement, district attorney and United States Attorney.
- Performed comprehensive review and subsequent revisions of all security policies for leading hospitality provider and then provided data security training to managers and executives on subjects covered in policies.
- On behalf of a health care automation solutions provider, obtained dismissal of claims arising from the theft of an employee’s laptop computer containing protected health information, on grounds that court lacked subject matter jurisdiction because plaintiff failed to adequately allege injury-in-fact.
- Assisted banking client with response to unauthorized customer wire transfer, including developing post-incident policy enhancements.
- Coordinated internal investigation of health care data breach, subsequent patient notice, communication with the Department of Health & Human Services Office of Civil Rights (“OCR”) and development of corrective steps. OCR closed the case taking no further action and noting the voluntary compliance efforts of the entity.
- Negotiated with states attorney general office’s on behalf of cloud storage company holding data of health care entity involved in multi-state investigation and multi-jurisdiction litigation.
- Prepared and reviewed company policies including Written Information Security Programs, document management, social networking and incident response.
- Conducted internal investigation of processes and procedures of professional sports league, including analysis of discipline by league of teams, coaches and players, and of document management policy.
- Conducted an internal investigation of a large-scale data leak of personnel information at a Fortune 100 corporation; interviewing relevant employees and preparing a report and recommendations for the Executive Board.
- Advised clients on proper security measures in connection with employee and customer personal information.
Prior to joining Buchanan, Matt was an associate with the New York office of an international law firm, where, in addition to privacy-related matters, he worked on white-collar internal investigations, federal litigation matters and federal criminal cases, including plea negotiations, participation in proffer sessions, bail proceedings, guilty pleas, pre-sentence reports and negotiations with the United States Attorney's Office.
Matt was selected for inclusion in The Best Lawyers in America® list in 2017 under the Privacy and Data Security Law category.Matt serves on the Steering Committee for the Sedona Conference Working Group 11 on Data Security and Privacy Liability, which brings “together lawyers, judges, policy makers, security experts, technologists and business leaders to identify and develop principles and best practices that will constructively resolve issues surrounding data security and privacy liability.” Matt speaks and writes regularly on data security and is a co-chair of the ABA’s Second Annual National Institute on Cybersecurity.