Joseph J. Lazzarotti is a principal in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. He founded and currently co-leads the firm's Privacy, Data and Cybersecurity practice group, edits the firm’s Privacy Blog, and is a Certified Information Privacy Professional (CIPP) with the International Association of Privacy Professionals. Trained as an employee benefits lawyer, focused on compliance, Joe also is a member of the firm’s Employee Benefits practice group.
In short, his practice focuses on the matrix of laws governing the privacy, security, and management of data, as well as the impact and regulation of social media. He also counsels companies on compliance, fiduciary, taxation, and administrative matters with respect to employee benefit plans.
Privacy and cybersecurity experience - Joe counsels multinational, national and regional companies in all industries on the broad array of laws, regulations, best practices, and preventive safeguards. The following are examples of areas of focus in his practice:
-
Advising health care providers, business associates, and group health plan sponsors concerning HIPAA/HITECH compliance, including risk assessments, policies and procedures, incident response plan development, vendor assessment and management programs, and training.
-
Coached hundreds of companies through the investigation, remediation, notification, and overall response to data breaches of all kinds – PHI, PII, payment card, etc.
-
Helping organizations address questions about the application, implementation, and overall compliance with European Union’s General Data Protection Regulation (GDPR) and, in particular, its implications in the U.S., together with preparing for the California Consumer Privacy Act.
-
Working with organizations to develop and implement video, audio, and data-driven monitoring and surveillance programs. For instance, in the transportation and related industries, Joe has worked with numerous clients on fleet management programs involving the use of telematics, dash-cams, event data recorders (EDR), and related technologies. He also has advised many clients in the use of biometrics including with regard to consent, data security, and retention issues under BIPA and other laws.
Benefits counseling experience - Joe's work in the benefits counseling area covers many areas of employee benefits law. Below are some examples of that work:
-
As part of the Firm's Health Care Reform Team, he advises employers and plan sponsors regarding the establishment, administration and operation of fully insured and self-funded health and welfare plans to comply with ERISA, IRC, ACA/PPACA, HIPAA, COBRA, ADA, GINA, and other related laws.
-
Guiding clients through the selection of plan service providers, along with negotiating service agreements with vendors to address plan compliance and operations, while leveraging data security experience to ensure plan data is safeguarded.
More Legal and Business Bylines From Joseph J. Lazzarotti
- HHS Issues Cloud Computing Guidance Which Is Helpful To All Users of Cloud Services - (Posted On Monday, October 10, 2016)
- Smaller HIPAA Breaches To Get More Attention by Office for Civil Rights - (Posted On Friday, August 19, 2016)
- HHS Office of Civil Rights and $15 Million in HIPAA Settlement Payments in 2016 - (Posted On Wednesday, July 27, 2016)
- 5 Practice Tips for Law Firms as Data Breach Spotlight Swings Their Way - (Posted On Thursday, June 09, 2016)
- Facebook’s “Trending” Section and Human Resources Analytics - (Posted On Thursday, May 12, 2016)
- Check Your Spam Filter, You Might Have Been Selected for a HIPAA Audit! - (Posted On Tuesday, March 22, 2016)
- Should We Train Our Employees About Good Data Privacy and Security Practices? - (Posted On Monday, March 21, 2016)
- ERISA Preempts Vermont Health Plan Reporting Law, Supreme Court Holds (Self-Funded Plans Take Note) - (Posted On Monday, March 07, 2016)
- Vermont’s Health Plan Reporting Law Impermissibly Impacts National Plan Administration and Falls to ERISA Preemption, Supreme Court Holds - (Posted On Wednesday, March 02, 2016)
- HIPAA Covered Entities Not Responsible For Intercepted Transmission of PHI When Individual Requested Unsecured Transmission, Office for Civil Rights Concludes - (Posted On Monday, February 29, 2016)
Joseph J. Lazarotti is a Privacy, e-Communication and Data Security Principal with Jackson Lewis who has been named a 2019 National Law Review Go-To Thought Leader for his writing on data privacy and cybersecurity concerns. His coverage includes the ongoing saga of the California Consumer Privacy Act (CCPA), along with major court decisions affecting privacy and legislation nationwide and globally–corporate and otherwise–impacting the landscape of employer privacy. His writing is exhaustive and thorough, and National Law Review readers can count themselves well informed in cybersecurity by following Mr. Lazarotti’s thought leadership.