Media Mentions
2011
“Robocalls Gaining Popularity”
Fox 25 Boston, November 8, 2011
Heather Egan Sussman explained in this televised interview that automated, pre-recorded informational “robo-calls” for charities or political candidates are not covered under federal telemarketing rules and “Do Not Call” registries. This means that callers “don't need prior written permission [the consumers] to recieve those calls. Because this is “a gray area,” Ms. Sussman said, “what we have seen over the last few years is the emergence of companies that are for hire and able to send out these types of pre-recorded phone calls.” Click here to view the full segment.
Heather Egan Sussman, Employee Benefits, Global Data Privacy Programs
“SEC Guidance on Cybersecurity Aims to Keep Investors Informed”
Corporate Counsel, October 18, 2011
Amy Leder said that new SEC guidance for companies to disclose material cybersecurity risks calls for answering the potential investor’s question, “When I’m investing in your stock, is this something I need to worry about?” In particular, she noted, if a real or potential incident “rises to the level of materiality,” it might warrant disclosure in Form 10-Q and 10-K filings. Heather Egan Sussman called disclosing the right amount of information about cyber risks a “balancing act,” in which the many companies that already undertake a “normal evaluative process” to assess those risks will have the job of “translating it into their public-facing documents.”
Amy S. Leder, Heather Egan Sussman, Corporate, Employee Benefits
“Privacy Breaches Leave State Agencies Open to Liability”
Law360, October 6, 2011
Heather Egan Sussman, noting that data security breaches by hackers against state and local government agencies are increasing, called such organizations “vulnerable entities, and yet these entities have some of the most sensitive data on citizens.” Although officials acting in good faith generally cannot be sued, she warned that they may in some instances be held personally liable for a data loss if they are found negligent. Ms. Sussman advised local governments to follow the federal data security lead “by coming up with a uniform set of guidelines. There hasn’t been the same coherent strategy for state and local agencies, but there should be.”
Heather Egan Sussman, Employee Benefits, Global Data Privacy Programs
“Global Privacy Laws Advance to Keep Pace with EU”
Law360, August 16, 2011
Heather Egan Sussman pointed out that new technologies such as cloud computing are leading other countries to implement strict data privacy rules like those of the European Union. “Jurisdictions that want to attract this aspect of e-commerce face obstacles if they do not have an adequate regulatory environment,” she stated, adding that “demanding greater privacy protections” allows these countries to attract new business that meets EU standards. Henry Chen of MWE China Law Offices agreed, noting that Thailand, for example, is strengthening its privacy regime, which now only applies to the public sector.
Heather Egan Sussman, Employee Benefits
“EU ‘Right to Be Forgotten’ Only Good in Theory: Attys”
Law360, August 10, 2011
Heather Egan Sussman suggested that the European Union proposal to force businesses to erase all traces of consumer’ electronic data at their request “could actually make the chasm between the EU and the U.S. much wider” in terms of data privacy requirements. “The goal, I think we can all agree, is to try to bring the U.S. and the EU closer,” she added. “I think there’s no question that uniformity in the law helps business. Lack of uniformity only helps the lawyers.”
Heather Egan Sussman, Employee Benefits
“Local and State Agencies More Vulnerable to Hacker Attacks”
Los Angeles Times, August 9, 2011
Heather Egan Sussman explained that until now state and local government agencies “were not viewed as being in particular risk of being targeted by hackers,” so their “focus has not been on IT security to the same degree that the more visible and the larger entities have paid to it.” Ms. Sussman added that although these agencies can seek more funding for security experts, updated hardware and software, and training, “if you have one employee at work who double-clicks a link and inadvertently downloads malware, the hacker can be off and running.”
Heather Egan Sussman, Employee Benefits
“Experts: Small Targets No Match for Savvy Hackers”
Associated Press, August 8, 2011
Heather Egan Sussman, assessing the risk that hackers pose to state and local government computer systems, stated that even though these government computers “are housing some of the most sensitive data about citizens and residents, … what we’re seeing are state and local agencies that are underfunded, overworked, overstressed” and unable to afford the data privacy measures they need.
Heather Egan Sussman, Employee Benefits
“India Privacy Rules Raise Alarms”
Compliance Week, June 14, 2011
Heather Egan Sussman called new data privacy rules in India “a major development, particularly for companies that outsource to India where the business involves sensitive personal data as defined by this law.” Ms. Sussman said the law puts “its own spin” on such concepts as notice, consent, opt-in and data security, which “may make it difficult to proceed with business as usual.”
Heather Egan Sussman, Employee Benefits
“High Profile Data Breaches Raise Security Alerts”
Compliance Week, May 3, 2011
Heather Egan Sussman warned companies about “the major costs and risks” from an online criminal security breach, saying, “It’s not just that they’re stealing your money or stealing your trade secrets, they can disrupt your entire business for days.” She urged “addressing the human element” as an important defense strategy, such as training employees not to open emails with infected attachments or not to use wireless Internet connections to company data systems that hackers can exploit in public places. Ms. Sussman said hackers are no longer interested in “the smash and grab … [for] one or two credit card numbers” – they are “waiting for the big hit.”
Heather Egan Sussman, Employee Benefits
2010
“New Mass. Law Sharply Restricts Initial Questions about Job Applicants’ Criminal History”
The National Law Journal, November 30, 2010
Heather Egan Sussman stated that the new state law’s focus on job applications “is problematic for employers who don’t conduct interviews for certain positions” but instead carry out the hiring process “all in writing back and forth.” She noted other difficulties, such as a state agency fact sheet that extends the ban on criminal history questions to state residents’ out-of-state job applications even though “the legislation doesn’t say anything about jobs outside of Massachusetts.” However, Ms. Sussman advised that “employers are wise to follow guidelines in the fact sheet lest they face an enforcement action in court.”
Heather Egan Sussman, Employee Benefits
2007
Daniel Curto, Melissa Nott and Heather Sussman have been named Massachusetts Rising Stars by Super Lawyers. This list features the results of a poll determining the most highly recognized lawyers under the age of 40 and was published in the recent issue of Boston Magazine.
Daniel A. Curto, Melissa Nott Davis, Heather Egan Sussman, Corporate, Trial
