M. Scott Koller focuses his practice on data breach response and security compliance issues. He has guided hundreds of clients through incident response and data breach investigations involving malware, network intrusion, inadvertent disclosure and ransomware.
When advising clients on the technical issues associated with a data breach, Scott leverages his strong background in information technology as a Certified Information Systems Security Professional (CISSP), Certified Computer Forensic Examiner, Fellow of Information Privacy (FIP) from the International Association of Privacy Professionals.
As a litigator, Scott is also well-suited to help defend his clients in connection with regulatory investigations and class action lawsuits, including those involving the Department of Health and Human Services, Financial Industry Regulatory Authority, and state regulatory agencies.
Scott regularly serves as breach coach and privacy counsel and prepares comprehensive privacy and security policies, Business Associate Agreements (BAAs), privacy notices, training materials and incident response plans.
He has also advised clients on U.S. state and federal privacy and data security laws, including helping organizations prepare for the new California Consumer Privacy Act (CCPA).
- Advises clients in the financial, healthcare and retail sectors in cybersecurity and data breach incidents in the U.S. and abroad.
- Provides proactive privacy and security advice to emerging companies related to data collection, use, sharing and marketing.
- Conducted a data breach notification assessment, including managing the forensic investigation and notification process for a large cloud hosting provider in connection with a sophisticated cybersecurity attack.
- Served as the primary HIPAA privacy counsel to various clients, including e-health, telemedicine and network security providers.
- Prepared comprehensive HIPAA privacy and security policies and procedures, business associate agreements, privacy notices and training materials for numerous HIPAA-covered entities.
- Represented a rehabilitation clinic in connection with a government investigation surrounding the loss of personal health information contained on several stolen laptops.
- Counsel for a hospital chain in connection with a government investigation by the Department of Justice surrounding its business practices.
- Represented a nonprofit in connection with an investigation and audit by the California Department of Public Health for alleged violations of privacy laws.
- International Association of Privacy Professionals (IAPP)
- American Bar Association: Science & Technology Law Section
- J.D., Northwestern University School of Law
- B.A., Economics, Chapman University
- B.S., Business Administration, Chapman University
Admissions : California
Rate : $$$