Brian Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice. Brian focuses his practice on providing practical advice that enables companies to pursue their business in a competitive environment while reducing risk associated with the collection, use, storage, transfer, and potential loss of data. He frequently negotiates complex data-centric information technology agreements, and designs policies and corresponding controls for the implementation of best practices, compliance with state and federal law, and international considerations. He often reviews the data flows within an organization from both a senior leadership perspective as well as at the implementation level, and provides actionable recommendations to engineer such data flows in order to reduce compliance risk and engender consumer trust.
Brian frequently provides advice to clients that wish to buy or sell corporate entities whose business models leverage data and information technology, including data aggregation, analytics, and open source software.
Brian has been designated a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals, and is also a Certified Information Privacy Professional (CIPP) (US Specialization), Certified Information Privacy Manager (CIPM), and a Certified Information Systems Security Professional (CISSP). He has a B.S. in Computer Science and an M.S. in Telecommunications from the University of Colorado at Boulder, College of Engineering and Applied Science.
He is also a member of Governor Brown’s California Cybersecurity Task Force, a statewide partnership comprised of key stakeholders, subject matter experts, and cybersecurity professionals from California's public and private sectors, academia, and law enforcement that serves as an advisory body to the State of California Senior Administration Officials in matters related to cybersecurity.
Before becoming an attorney, Brian worked at one of the country’s leading information security firms, where he focused on analyzing the existing network security controls of financial institutions, online merchants, and government organizations. He also conducted penetration tests, provided guidance on PCI-DSS compliance, and assisted federal law enforcement with digital forensics post security incident. Subsequently, he joined one of the world’s largest management consulting and information services firms, where he led efforts to design and implement large-scale information security initiatives for Fortune 500 companies, including one of the world’s largest banking and consumer credit companies.
More Legal and Business Bylines From Brian H. Lam
- Beware Dark Patterns – What are They and What Should Your Business Do About Them? - (Posted On Friday, April 02, 2021)
- Webinar Recording: The California Privacy Rights Act – What You Need to Know to Prepare [VIDEO] - (Posted On Thursday, March 11, 2021)
- California Privacy Rights Act Passes - Dramatically Altering the CCPA - (Posted On Friday, November 06, 2020)
- NIST Provides Important Guidance For IOT Industry - (Posted On Monday, June 22, 2020)
- Alleged Privacy Law Violations Create Potential $5 Billion Issue For Google - (Posted On Friday, June 19, 2020)
- Analysis of Modified Attorney General Regulations to CCPA – Part 2: Business Practices for Handling Consumer Requests - (Posted On Friday, February 14, 2020)
- The Next Act for the Architect of the California Consumer Privacy Act: The California Privacy Rights Act - (Posted On Thursday, January 30, 2020)
- Analysis of Attorney General Regulations to CCPA – Part 2: Business Practices for Handling Consumer Requests - (Posted On Thursday, October 17, 2019)
- Analysis of Attorney General Regulations to the California Consumer Privacy Act – A Series - (Posted On Tuesday, October 15, 2019)
- 2019 CCPA Amendment Process Comes to a Close - (Posted On Friday, September 20, 2019)
Brian H. Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice, and he was selected as a 2019 National Law Review Go-To Thought Leader for his analysis of cybersecurity regulation and laws, with a specific emphasis on his work related to the California Consumer Privacy Act (CCPA), the important and far-reaching implications of this new privacy and consumer protection legislation, and its road to implementation.