Jason Wool’s practice focuses on cybersecurity, including cyber risk management, incident response, and compliance with global data protection laws, regulations, and standards, including the PCI-DSS. He has advised organizations ranging from small businesses to Fortune 500 companies during complex, privileged computer crime investigations; provided ongoing advice on the development of cybersecurity programs and cybersecurity governance structures; conducted tabletop exercises and other data breach simulations; assisted clients with large scale audits to determine compliance with complex cybersecurity standards; advised on cyber risk in connection with transactional due diligence; devised complex cybersecurity schedules in connection with outsourcing agreements and conducted training on cybersecurity for audiences ranging from IT operations personnel to boards of directors. He also actively monitors cybersecurity-related legislative and regulatory developments (including participating in all six National Institute of Standards and Technology (NIST) workshops on the development of the Cybersecurity Framework) in order to provide advice on potential impacts.
Jason holds a B.A. from Haverford College and a J.D. from William & Mary. He is certified as a CIPP/US and CIPP/E. Jason is a three time Super Lawyers Rising Star.
On May 7, 2019, Governor Jay Inslee signed a bill (HB 1071) that strengthens the state’s existing data breach notification law by expanding the definition of “personal information” and reducing ...Read More
The Department of Health and Human Services (“HHS”) recently issued a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties (“CMPs”) in which it lowered the maximum annual fines ...Read More
- This Old Reg: FTC Proposes Major Updates to the Safeguards Rule
- Is Your Token a Security? The SEC Wants to Help You Figure That Out.
- Ready for It? Canada’s Data Breach Record Keeping Requirements
- Ohio Provides Breach Litigation Safe Harbor to Businesses
- Canada’s Breach Notification Requirements to Go Into Effect
- At Last, My Alabama Breach Notice Has Come Along
- Risky Business: Five Considerations for Security in Vendor Contracting