Bill Roberts is chair of the firm’s Data Privacy and Protection Practice Group and a partner in the firm's Health Law Practice Group. Bill has extensive, practical experience counseling clients worldwide on all aspects of cybersecurity protection and incident response, from handling data breaches affecting millions of individuals, to helping publicly traded corporations, privately held businesses and not-for-profit organizations establish compliance programs under the EU General Data Protection Regulation (GDPR) and related US federal and state data privacy and consumer protection regimes.
Early in his career, Bill focused his practice on data privacy and information security issues in the health care sector, which remains one of the most highly regulated industries in the global economy. As information collection, usage, storage, management and disposal has grown to include virtually every enterprise, Bill has expanded his work to help businesses in a broad range of industries and of all types - from startups to Fortune 50 corporations - address emerging issues at the intersection of privacy, technology and the law.
Bill and his team have also advised manufacturers, retailers, media and technology companies, software and mobile app developers, educational institutions and more on the development and launch of new technology products and services. As a testament to his skill and knowledge, many of the nation’s most sophisticated insurance and pharmacy companies, hospital systems and other health care providers regularly turn to Bill for guidance.
Bill has represented clients in hundreds of national and international data breach matters of all sizes and involving a broad range of consumer and proprietary business information. In the face of a suspected or actual data breach, he helps clients understand and comply with applicable reporting requirements and provides representation during investigations before or in connection with the US Department of Health & Human Services (HHS), the Office for Civil Rights (OCR), the Federal Trade Commission (FTC), the Federal Bureau of Investigation (FBI), the Secret Service, the White House, US attorneys’ office, state attorneys general and state departments of insurance. Among recent high-profile, broad-impact matters, Bill counseled a UK company that suffered a global data breach and represented the target of one of the largest-known HIPAA “business associate” breaches (helping the client avoid any penalties).
In an era in which technology advances by the day, Bill also helps clients develop and implement data security systems and processes and negotiate vendor agreements that minimize the risk of data theft, piracy, hacking and ransomware attacks. He recognizes that no business or platform can be absolutely secured against a potential breach; as such, he works with organizations to develop proactive breach-response protocols that enable them to take immediate action and work closely with law-enforcement officials to minimize potential losses or damage. He also helps clients manage public relations issues that can arise in the context of highly publicized data security incidents
Bill’s experience spans the gamut of privacy laws and regulations, including:
- HIPAA/HITECH
- Gramm-Leach-Bliley Act (GLB)
- Telephone Consumer Protection Act (TCPA)
- EU General Data Protection Regulation (GDPR)
- New York Department of Financial Services (DFS) Cybersecurity Regulation
- Children’s Online Privacy Protection Act (COPPA)
- Federal Trade Commission Act (FTCA)
- California Consumer Privacy Act (CCPA)
- Biometrics
A thought leader in the cybersecurity space, Bill speaks and writes on a near-monthly basis on topics involving data protection and privacy, both nationally and internationally. A certified privacy professional, he has served as a featured faculty member and presenter at numerous industry events, webinars and conferences, including the National HIPAA Summit and the Model Agreements & Guidelines International (MAGI) Clinical Research Conference, and is an appointed member of the State of Connecticut’s Health Data Collaborative in addition to his many other leadership positions. Bill is regularly called upon by the media to comment on health care and privacy legal matters.
Outside of his legal practice, Bill is a father and lifelong skier.