MENU
Partner

Kenneth N. Rashbaum

212.885.8836 krashbaum@bartonesq.com
Partner

Kenneth N. Rashbaum

212.885.8836 krashbaum@bartonesq.com
View All Attorneys

Rashbaum advises multinational corporations, financial services organizations life sciences organizations, and other businesses that collect, use, and share electronic information in the areas of privacy, cybersecurity, e-discovery for litigation and regulatory proceedings and information management. He counsels these entities on information governance and its compliance with federal, state, and non-U.S. laws and the interface of e-commerce and legal and regulatory liabilities in areas such as cybersecurity and breach response. Ken has vast experience in preparation and negotiation of technology contracts, including service level agreements and license agreements relating to compliance with data protection and privacy laws in the U.S. and other countries. He also advises clients in the preparation of applications for privacy and cyber liability and technology errors and omissions insurance, assists them in preparation of information controls required by those applications and provides advice concerning proposed insurance policies. Ken leads information security and data breach response assessments, investigations, and remediation initiatives; prepares policies for social media legal and regulatory compliance; and represents technology and life sciences organizations in federal and state investigations and audits, and in litigation.

Ken also serves as special e-discovery counsel for complex litigation and in matters in which electronic evidence from beyond the U.S. is required.  He has been recognized internationally as a thought leader in electronic discovery and disclosure, and has served as national e-discovery counsel for multinational pharmaceutical corporations and global e-discovery counsel in products liability and IP litigation.  Ken was appointed to the faculty of the Federal Judicial Center for its September 2010 session and the Georgetown Advanced E-Discovery Institute (November 2009 and December 2012 sessions) to lead sessions on international e-discovery issues and challenges. In 2019, he served as a special consultant to the New Jersey Assembly assisting in the preparation of a bill that, if passed, would become New Jersey’s first comprehensive privacy and cybersecurity law. Ken has also testified as a cybersecurity and privacy expert before the New Jersey Homeland Security and State Preparedness Committee.

In his capacity as a nationally known expert on data privacy, Ken counsels healthcare organizations on compliance with federal, state and judicial standards governing protected health information. He has served as HIPAA and privacy counsel to major hospital systems, health plans, physicians’ groups, cloud computing providers and health information application developers; advised academic hospital systems on protocols for implementation security and privacy controls in of electronic health records; and provided counsel on risk management issues in access, uses and disclosures of electronic patient information.

Ken is an Adjunct Professor of Law at Fordham University School of Law and had been a member of the Adjunct Faculty at the Maurice A. Deane School of Law at Hofstra University from 2013 – 2015.

Prior to joining Barton, Ken was a senior litigation partner in the New York office of Sedgwick LLP (formerly Sedgwick, Detert, Moran & Arnold) where he was the Founding Co-Chair of the E-Discovery, Compliance and Data Management and HIPAA Practice Groups.

Kenneth N Rashbaum - SuperLawyers

Practices

Banking and Finance Cybersecurity, Data Privacy, GDPR Compliance Insurance Securities Litigation, Regulatory Investigations, and Enforcement White Collar Defense
Practices

Industry Experience

Art, Fashion, Beauty, and Design Cannabis Finance Healthcare Media and Publishing Real Estate Technology
Industry Experience
B
Practices
Industries
Admissions
  • New York State
  • U.S. District Courts: Southern, Eastern, Northern and Western Districts of New York
  • U.S. Court of Appeals, Second Circuit
Education
  • J.D., Hofstra University School of Law
  • B.A., State University of New York at New Paltz, summa cum laude

Honors

  • Selected to Fellows of the American Bar Foundation
  • Selected to Super Lawyers, 2018 to present
  • Team In Training, Leukemia and Lymphoma Society, Boston Marathon 2014
  • Past Member, Charter Revision Commission, South Orange, New Jersey
Memberships
  • American Bar Association: Policy and Government Affairs Officer of the International Section
  • International Association of Privacy Professional
Presentations
  • “The Impact of Cybersecurity Controls on the Duties of Confidentiality and Communication with the Board and Senior Management.” Annual IBM Ethics Webinar, in partnership with ACC WESTSCT. (November 16, 2022).
  • “Understanding and Preparing for the New SEC Cybersecurity Regulations.” Webinar. Presented by Control Risks. (November 14, 2022).
  • “Data Privacy and Cybersecurity Update.” Panelist. Association of Corporate Counsel Annual Meeting. Las Vegas, Nevada. (October 24, 2022).
  • “Importance of Cybersecurity to Protect your Firm and your Clients.” Speaker. Round table discussion. 2022 Primerus Global Conference. San Diego, California. (October 22, 2022).
  • “Cybersecurity: Risks, Controls, and Advice for Client Service.” Panel member. Webinar. New York State Society of CPAs (NYSSCPA). (June 21, 2022).
  • “From Strategy to Tactics: Data Remediation at Private Equity and Hedge Funds.” Panelist. Webinar. Hosted by HaystackID. (April 20, 2022).
  • “Cybersecurity – Is Your Company Protected?” Panel Member. Primerus International Summit. Washington, D.C. (April 9, 2022).
  • “Data Privacy in 2021 and Beyond: Business Opportunities and Challenges.” Association of Corporate Counsel – Westchester/Southern Connecticut Chapter. CLE Seminar. (December 1 & 8, 2021).
  • “THE CYBERATTACK ATE MY LEGAL ADVICE: The Impact of Cybersecurity Controls on Legal Professional Privilege and the Duty of Confidentiality.” Association of Corporate Counsel Westchester-Southern Connecticut. CLE Webinar. (October 19, 2021).
  • “Privacy Beyond the GDPR and CCPA.” Association of Corporate Counsel International Legal Affairs Network. Webinar. (October 5, 2021).
  • “Legal Considerations for Doing Business in the US.” BritishAmerican Business’ Accelerate Program Series. Webinar. (September 30, 2021).
  • “How are firms handling cyber compliance internally, and how might it be a business tool to retain existing clients and win new clients?” Primerus, Coffee & Conversation Series. (July 12, 2021).
  • “What Is A Top Concern For Clients And Their In-House Counsel?” Primerus. (June 29, 2021).
  • “Practical Solutions to Managing Third-Party Cyber Risk.” Barton LLP & Global Cyber Risk Advisors Corp. (June 23, 2021).
  • “Certificate Program Offering a Deep Dive into Global Privacy Laws, Compliance Strategies & Case Studies.” Seton Hall Law. (June 15-18, 2021).
  • “Privacy Versus Discovery: GDPR, the Electronic Information Storage Act and Other Issues.” American Bar Association First Annual Virtual International Litigation Skills Conference. (May 26-7, 2021).
  • “The Duty of Technological Competence and Other Ethical Issues Relating to Technology and Law Practice.” Gibbons Institute of Law, Science & Technology / Seton Hall Law seminar. (April 29, 2021).
  • “Challenges of Privacy, Cybersecurity and Artificial Intelligence: Avoiding Discriminatory Impact.” International Law Section of the American Bar Association Virtual Conference. (February 10, 2021).
  • “Do the Right Thing in Cyberspace: Meeting Ethics Challenges When Practicing Across the Bandwidth.” Association of Corporate Counsel – Westchester/Southern Connecticut chapter. (October 20, 2020).
  • “Unlocking the Full Value of First-Party Data.” BritishAmerican Business webinar. (September 23, 2020).
  • “Privacy Shield Ruled Invalid by CJEU in Schrems II: Where do we go from here?” Primerus. (August 4, 2020).
  • “To Trace or Not to Trace?: Compliance in the Era of COVID-19 and Remote Surveillance.” Primerus. (July 21, 2020).
  • “To Trace or Not to Trace?: Compliance in the Era of COVID-19 and Remote Surveillance.” Association of Corporate Counsel’s “Quick Hits” Webinar. (July 8, 2020).
  • “Cyber Compliance & Its Impact on Litigation: Discovery.” Primerus. (June 2, 2020).
  • “Pandemics and Logistics – Meeting the International Supply Chain Challenges of the COVID-19 Crisis.” American Bar Association Section of International Law. Webinar. (April 21, 2020).
  • “How Does the New NYS Cybersecurity and Privacy Law (SHIELD Act) Impact Your Business?” Barton LLP & the International Legal Technology Association. (February 11, 2020).
  • “GDPR & CCPA Are Fueling High Demand for On-Point RegTech Solutions.” Thomson Reuters Panel, LegalWeek 2020. New York, New York. (February 4, 2020).
  • “Real Estate Owners, Developers and Operators: Is Your Tenant and Property Information Secure?” EisnerAmper Seminar. New York, New York. (June 19, 2019).
  • “Business in 2019 is Global and the Only Constant is Change: The Legal & Regulatory Landscape of Transactions Across Borders.” DiscoverBetterLaw Seminar. New York, New York. (June 10, 2019).
  • “A Resilient Privacy Program in Today’s Climate.” Crowe Risk Consulting Group New Jersey Roundtable. Upper Montclair, New Jersey. (May 8, 2019).
  • “21st Century Business Technologies and Legal Guidance to Facilitate Them: Blockchain, Smart Contracts, Artificial Intelligence and Machine Learning.” 2019 Primerus International Convocation. Miami, Florida. (May 3, 2019).
  • Section Council Policy Deliberations. ABA International Section Annual Meeting. Washington, D.C. (April 8-11, 2019).
  • “Connecting Bridges and Borders: Company Collaboration in Today’s Competitive Market” Conference. Budapest, Hungary. (October 16, 2018).
  • “General Data Protection Regulation: A Corporate Counsel’s Guide to Advising their Clients on GDPR.” Global Cyber Institute Webinar. (June 8, 2018).
  • Testified before the New Jersey Homeland Security & State Preparedness Committee. (May 22, 2018).
  • “Don’t Stop at HIPAA.” Esentire Webinar. (May 31, 2018).
  • “GDPR: A European Privacy Conundrum or a Business Opportunity for US Companies?” Clear Law Institute Webinar Series. (January 8, 2018).
  • “Cybersecurity Regulations for Financial Services.” Investment Adviser Association Webinar Series. (April 20, 2017).
  • “Cybersecurity 2.0: What Can Boards Do Besides Lose Sleep?” National Association of Corporate Directors, New Jersey Chapter. (February 2017).
  • “Managing Information Risk in an Evolving Regulatory World.” Legal Tech New York. (February 2017).
  • “Episode 9: Pokemon Sun and Moon Leaks.” Fordham Intellectual Property, Media & Entertainment Law Journal Podcast. (November 2016).
  • “Technology and the Law: Adapting and Providing Value, a Conversation with Kenneth Rashbaum.” Legal Marketing Studio Podcast. (October 31, 2016).
  • “Defending and Enhancing Operational Integrity in Today’s Cybersecurity Landscape.” Minolta Konica All Covered Cybersecurity Program. Microsoft Event Center, New York, NY. (October 26, 2016).
  • “Complex Litigation Of Cyber Security Issues.” NJICLE Cyber Security Law Conference. New Brunswick, NJ. (June 14, 2016).
  • “Advanced Cybersecurity Law.” Pennsylvania Bar Institute. Philadelphia, PA. (June 1, 2016).
  • “Cross-Border Discovery and Information Management Times Are A-Changing.” Ing3nious Southeast eDiscovery and Information Governance Retreat. Atlanta, GA. (May 22-23 2016).
  • “Managing Vendor and Business Partner Cybersecurity Risks and Liabilities” Clear Law Institute. Philadelphia, PA. (April 26, 2016).
  • “What Happened to the US/EU Safe Harbor? The Tension Between Privacy and Business Efficiency for Multinational Companies.” LegalTech 2016. (February 4, 2016).
  • “Game Changer: Effects of the EU Safe Harbor Decision.” LegalTech 2016. (February 3, 2016).
  • “Cyber Security and Social Security.” New Jersey Society of CPAs. (January 7, 2016).
  • “Cyber Security in Health Law: Protecting Patients and Providers.” New York Law Journal Webinar. (October 20, 2015).
  • “Cyber Fraud: Fight Back!” REBNY. New York, NY. (April 23, 2015).
  • “eDiscovery Speaker Series: Responding to Government Investigations.” Driven Inc. Speaker Series. New York, NY. (April 22, 2015).
  • “Department Store Issues.” Federal Bar Association’s Fashion Law Conference. New York, NY. (March 20, 2015).
  • “Aligning the Values and Costs of Litigation Services.” Managing Litigation as a Business. Houston, TX. (February 18, 2015).
  • “The New Normal: Revisiting the Transatlantic Relationship.” International Bar Association Conference. New York, NY. (January 29, 2015).
  • “Ethics Challenges in Management of IP Litigation.” Managing Litigation as a Business. Phoenix, AZ. (January 22, 2015).
  • “Lock Out Cyber Crime: A Cybersecurity Workshop.” Barton LLP and CSA2. New York, NY. (January 13, 2015).
  • “Exploring the Security of the Internet of Things: Trust Comes First.” Internet of Things Innovation Summit. CLSA. New York, NY. (December 12, 2014).
  • “Do You Know Where Your Data Is: A Cybersecurity Workshop.” Barton LLP and CSA2. New York, NY. (December 8, 2014).
  • “Healthcare Regulatory and Litigation Readiness.” RVM Education Center. New York, NY. (September 18, 2014).
  • “HIPAA & Secure Information Governance – Myths, Realities & Practical Solutions.” Webinar. (September, 2014).
  • “Knowledge Group: Cyber Insurance – What You Need to Know in 2014.” Webinar. (July, 2014).
  • “Do the Right Thing in Cyber-Space: Ethics in the Digital Age.” Chicago Bar Association. Chicago, IL. (September, 2013).
  • “Cyber-Security: Legal Obligations, Precautions and Best Practices.” ABA Section of International Law-Israel Bar Association Joint Conference. Eilat, Israel. (May 2013).
  • “First Do No Harm: Preserving and Admitting Foreign ESI.” Georgetown Advanced e-Discovery Institute. (December, 2012).
  • “Silicon Alley South: Cyber-Compliance and Risk Management For the Burgeoning Technology Sector in South and Central America.” American Bar Association Section of International Law, Fall Meeting. (October, 2012).
  • “Where Are Your Data Tonight? Social Media and Economic Espionage.” American Bar Association Section of International Law, Spring Meeting. (April, 2012).
  • “Privilege In Electronic Communications.” New York City Bar Association. (February, 2012).
  • “Customs Stations On The Life Sciences Information Highway: Trans-Border Privacy and Data Protection.” New York State Bar Association-Ontario Bar Association Meeting. Toronto, Ontario. (March 2012).
  • “The Crossroads of Incident Response Planning and Data Breach Notification Obligations.” Master’s Conference. Washington, D.C. (October, 2011).
  • “A Perfect (Electrical) Storm: The Electronic Health Record in Litigation and Oversight Proceedings.” AHRM-NY. (December, 2010).
In The Media
Attorney Articles

Matters

Close
Cybersecurity, Data Privacy, GDPR Compliance
  • Assisted NJ Assembly with First Data Protection Bill
    • Assisted the Deputy Speaker of the New Jersey assembly in preparation of New Jersey’s first data protection and cybersecurity bill. Ken also testified as a cyber security expert before the assembly’s homeland security and state preparedness committee.
  • Negotiated GDPR-Compliant Agreements for Global Media Company
    • Represented a global media company in negotiation of service level and vendor agreements pursuant to the General Data Protection Regulation of the European Union (GDPR) and provided counsel in GDPR requirements and privacy/cybersecurity requirements of multiple U.S. states.
  • Favorably Settled Suit Involving Company Data Stolen by Employees
    • Obtained a Temporary Restraining Order, and then a favorable settlement, on the client’s behalf, in a matter in which an insurance broker’s employees stole and transferred company data in an attempt to start a competing organization.
  • Counseled Organizations Regarding Cyberattack Response
    • Counseled multiple organizations—such as fashion studios, CPA firms, law firms, hospitals and technology and media companies—on cybersecurity attack investigations, breach response, and remediation initiatives.
  • Negotiated Service Agreements with Customers and Vendors
    • Has represented security consultancies, CPA firms, media companies, and life science organizations in the negotiation of service agreements with customers and vendors from multiple countries.
  • Advised Organizations on Cybersecurity Training and Compliance
    • Has represented several multi-national organizations, providing counsel and advice on privacy and cybersecurity compliance pursuant to applicable laws and regulations including facilitation of security risk assessments; preparation of policies and procedures; and delivery and presentation of corporate training materials.
  • Negotiated Contract Focusing on International Data Transfer
    • Negotiated a contract for data collection on a global basis between a consultancy and one of the largest investment banks in the world, with a particular focus on international data transfer laws and regulations.
  • Counsel to Healthcare IT App Developers Regarding Data Protection
    • Provided counsel to healthcare IT app developers regarding solutions for secure, real-time sharing of medical information among providers.
  • Prepared Cybersecurity Protocols for NY Hospital System
    • Prepared information security, privacy, and data preservation protocols and training for a five-hospital system in New York.
  • Taught Cybersecurity Curriculum at Three Academic Medical Centers
    • Delivered Grand (teaching) Rounds at three academic medical centers on patient safety, cybersecurity, and privacy risks in the design of electronic medical records systems.
  • Conducted Health Data Privacy Training at Boston Hospital
    • Advised a Boston academic hospital system on health data preservation protocols, prepared preservation policies, and conducted work force training on the protocols.
Regulatory Investigations and Enforcement
  • Counsel to Assisted Living Facility in Audit by NYDFS
    • Represented a major assisted living facility in a cybersecurity audit by the New York Department of Financial Services.
  • Defeated Motions to Dismiss in Data Misuse/Theft Case
    • Represented an insurance broker with regard to federal and state claims concerning allegations of data misuse and theft and defeated motions to dismiss.
  • Provided FDA Remediation Training
    • Provided FDA remediation training required by audit findings at biotech corporations with regard to record-keeping and manufacturing practices.
Internal Investigations
  • Led Internal Investigation into NYC Hospital System Breach
    • Represented a New York City hospital system by leading an investigation into breach of patient information from five hospitals and disclosure onto five Internet search engines, while also coordinating breach response and reporting.
  • Led Investigation into Global Theft of Trade Secrets
    • Led investigation into and provided counsel and coordination for response to theft of trade secrets from a multi-national oil equipment manufacturing corporation, where theft originated in eleven countries.
Commercial Litigation
  • E-Discovery Counsel for U.S. District Court Litigation
    • Served as special e-discovery counsel for the preservation and production of electronic evidence from Switzerland, Germany, and Italy for U.S. District Court litigation.
  • Led E-Discover Teams in Product Liability Litigation
    • Led e-discovery teams in multi-district pharmaceutical product liability litigation.
  • Tried Multiple Cases to Verdict in State, Federal Courts
    • Tried multiple criminal, healthcare, product liability, commercial, and construction law cases to verdict in federal and state courts.
  • Obtained Dismissal of Claims in NY State Court
    • Represented an internationally-known singer and songwriter in a lawsuit arising from a concert in Europe and obtained a dismissal of the claims against him in a New York state court.
  • Co-Represented Defense in 32-Party Labor Lawsuit
    • Co-represented the defense in a thirty-two-party lawsuit in the Western District of New York arising from a months-long labor dispute.