Brian Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice. Brian focuses his practice on providing practical advice that enables companies to pursue their business in a competitive environment while reducing risk associated with the collection, use, storage, transfer, and potential loss of data. He frequently negotiates complex data-centric information technology agreements, and designs policies and corresponding controls for the implementation of best practices, compliance with state and federal law, and international considerations. He often reviews the data flows within an organization from both a senior leadership perspective as well as at the implementation level, and provides actionable recommendations to engineer such data flows in order to reduce compliance risk and engender consumer trust.
Brian frequently provides advice to clients that wish to buy or sell corporate entities whose business models leverage data and information technology, including data aggregation, analytics, and open source software.
Brian has been designated a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals, and is also a Certified Information Privacy Professional (CIPP) (US Specialization), Certified Information Privacy Manager (CIPM), and a Certified Information Systems Security Professional (CISSP). He has a B.S. in Computer Science and an M.S. in Telecommunications from the University of Colorado at Boulder, College of Engineering and Applied Science.
He is also a member of Governor Brown’s California Cybersecurity Task Force, a statewide partnership comprised of key stakeholders, subject matter experts, and cybersecurity professionals from California's public and private sectors, academia, and law enforcement that serves as an advisory body to the State of California Senior Administration Officials in matters related to cybersecurity.
Before becoming an attorney, Brian worked at one of the country’s leading information security firms, where he focused on analyzing the existing network security controls of financial institutions, online merchants, and government organizations. He also conducted penetration tests, provided guidance on PCI-DSS compliance, and assisted federal law enforcement with digital forensics post security incident. Subsequently, he joined one of the world’s largest management consulting and information services firms, where he led efforts to design and implement large-scale information security initiatives for Fortune 500 companies, including one of the world’s largest banking and consumer credit companies.
More Legal and Business Bylines From Brian H. Lam
- How to Leverage Privacy as a Key Competitive Advantage - (Posted On Tuesday, February 20, 2018)
- Carpenter v. United States Privacy Case Pushes Supreme Court to Decide Fourth Amendment Protections of Cell Phone Metadata - (Posted On Tuesday, January 30, 2018)
- Getting Past Spectre and Meltdown: A Practical Guide - (Posted On Monday, January 22, 2018)
- Athletes and their Biometric Data – Who Owns It and How It Can Be Used - (Posted On Tuesday, December 19, 2017)
- Insurance Commissions Approve Data Security Model Law - (Posted On Tuesday, December 12, 2017)
- Two Data Breach Bills Introduced in US Senate - (Posted On Monday, December 11, 2017)
- Proposed Ohio Law May Encourage Businesses to Adopt Cyber Standards - (Posted On Monday, November 13, 2017)
- FTC Provides Additional Guidance on COPPA Policy for Voice Recordings - (Posted On Wednesday, November 01, 2017)
- Equifax Breach: Three Takeaways in First Four Days - (Posted On Wednesday, September 13, 2017)
- The FTC’s Uber Consent Order: A Warning to Fast-Growing Companies - (Posted On Wednesday, August 23, 2017)
Brian H. Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice, and he was selected as a 2019 National Law Review Go-To Thought Leader for his analysis of cybersecurity regulation and laws, with a specific emphasis on his work related to the California Consumer Privacy Act (CCPA), the important and far-reaching implications of this new privacy and consumer protection legislation, and its road to implementation.