Brian Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice. Brian focuses his practice on providing practical advice that enables companies to pursue their business in a competitive environment while reducing risk associated with the collection, use, storage, transfer, and potential loss of data. He frequently negotiates complex data-centric information technology agreements, and designs policies and corresponding controls for the implementation of best practices, compliance with state and federal law, and international considerations. He often reviews the data flows within an organization from both a senior leadership perspective as well as at the implementation level, and provides actionable recommendations to engineer such data flows in order to reduce compliance risk and engender consumer trust.
Brian frequently provides advice to clients that wish to buy or sell corporate entities whose business models leverage data and information technology, including data aggregation, analytics, and open source software.
Brian has been designated a Fellow of Information Privacy (FIP) by the International Association of Privacy Professionals, and is also a Certified Information Privacy Professional (CIPP) (US Specialization), Certified Information Privacy Manager (CIPM), and a Certified Information Systems Security Professional (CISSP). He has a B.S. in Computer Science and an M.S. in Telecommunications from the University of Colorado at Boulder, College of Engineering and Applied Science.
He is also a member of Governor Brown’s California Cybersecurity Task Force, a statewide partnership comprised of key stakeholders, subject matter experts, and cybersecurity professionals from California's public and private sectors, academia, and law enforcement that serves as an advisory body to the State of California Senior Administration Officials in matters related to cybersecurity.
Before becoming an attorney, Brian worked at one of the country’s leading information security firms, where he focused on analyzing the existing network security controls of financial institutions, online merchants, and government organizations. He also conducted penetration tests, provided guidance on PCI-DSS compliance, and assisted federal law enforcement with digital forensics post security incident. Subsequently, he joined one of the world’s largest management consulting and information services firms, where he led efforts to design and implement large-scale information security initiatives for Fortune 500 companies, including one of the world’s largest banking and consumer credit companies.
More Legal and Business Bylines From Brian H. Lam
- FTC Asked to Investigate Google’s Matching of “Bricks to Clicks” - (Posted On Tuesday, August 08, 2017)
- FTC Reaffirms that IoT Devices Must Comply with COPPA - (Posted On Thursday, July 20, 2017)
- US-CERT Encourages Companies to Act on FBI Guidance to Protect Email Systems - (Posted On Friday, June 02, 2017)
- Cloudbleed: Three Risk Management Lessons Learned - (Posted On Monday, March 13, 2017)
- Data Breaches Will Cost Yahoo and Verizon Long After Sale - (Posted On Monday, February 27, 2017)
- SEC May Leverage Investigation of Yahoo! Data Breaches to Clarify Prior Guidance - (Posted On Thursday, January 26, 2017)
- California AG Guidance for Ed Tech Industry: Six Recommendations to Protect Student Data Privacy - (Posted On Wednesday, November 16, 2016)
- How Did The Internet Of Things Allow The Latest Attack — On The Internet? - (Posted On Friday, October 28, 2016)
- Three Guidelines to Maximize Value of Data - (Posted On Monday, October 24, 2016)
- California Attorney General Harris Provides New Online Tool to Report California Online Privacy Protection Act (CalOPPA) Violations - (Posted On Thursday, October 20, 2016)
Brian H. Lam is a member of Mintz’s Privacy & Security Practice and Technology Transactions Practice, and he was selected as a 2019 National Law Review Go-To Thought Leader for his analysis of cybersecurity regulation and laws, with a specific emphasis on his work related to the California Consumer Privacy Act (CCPA), the important and far-reaching implications of this new privacy and consumer protection legislation, and its road to implementation.