- December 20, 2024
Loading
Attorney Hilary Lane spent 14 years of her career at NBCUniversal, the media colossus — now owned by Comcast — that includes such holdings as the NBC television network and its affiliated properties, streaming service Hulu, movie studio Universal Pictures and the Universal Studios theme parks.
As chief privacy officer, she worked at the company’s famous headquarters in the heart of Manhattan, at 30 Rockefeller Plaza, or “30 Rock,” as it’s known.
But Lane, 56, and her husband, a private chef, yearned for a change of scenery — and that was before the coronavirus pandemic exploded in New York and other northeast states in the spring.
“We wanted to get somewhere warm,” she says. “My husband, he’s mobile; he’s got a business that he can just transfer somewhere else.”
“I encourage my clients to train their employees on phishing because the more awareness you raise, the lower the risk of [a data breach] happening.” Hilary Lane, partner at Quarles & Brady in Tampa
Lane considered a range of in-house and private practice opportunities before accepting an offer from Quarles & Brady, a law firm with a growing data privacy and security practice group at its Tampa office. She joined as a partner in April but only recently moved to the city, leaving her longtime home in New Jersey behind.
While a new career challenge for Lane, who has spent the bulk of her career handling data privacy and cybersecurity cases for one of the world’s largest media conglomerates, her move to town is also a big get for the firm — and for Tampa.
Mark Kornfeld, a partner at Quarles & Brady who she’s known for many years, “sang the praises” of Tampa as a place to live and work, particularly for lawyers who practice in areas like hers. (Kornfeld, prior to joining Quarles & Brady, was part of the Madoff Recovery Initiative, the legal team that helped recover some $13 billion for victims of Bernie Madoff’s fraudulent investment schemes.)
“I got to know the [Quarles & Brady] privacy team and was impressed by them and impressed by the platform,” Lane says. “I felt like I could kind of help launch it, grow the practice with my numbers, and frankly, the fact Mark was here and spoke so highly of it, … I knew I could trust Mark and how happy he was with the firm.”
At Quarles & Brady, Lane says she’ll represent clients nationwide but intends to focus on adding more Florida and Gulf Coast clients to her practice. She believes the depth and breadth of her expertise in some of the most stringent data privacy laws — such as the European Union’s General Data Protection Regulation and the California Consumer Privacy Act — will be an asset to the local business community because as more commerce is conducted online, companies collect data from all over the world and must be aware of the rules and regulations that govern how they handle that information.
“Businesses all have privacy policies,” Lane says, “but there are new requirements around what you need to put in a privacy policy. You have to include very specific information about California consumers’ rights because — and this is similar to the GDPR in the EU — California consumers now have the right to ask you to delete their information. They have the right to ask you for access to certain information that you hold about them.”
She adds, “Companies need to not only disclose those rights but also have a mechanism in place for when consumers invoke those rights. … You have to have processes in place to make sure you know where their data is.”
In Lane’s experience, phishing is the biggest threat to companies’ data security, and it’s a problem that’s only gotten worse because of the COVID-19 crisis and subsequent rise in remote work. Hackers know employees might be more lax when working from home, so they’re making more attempts, blasting out scam emails about coronavirus testing, for example, that contain harmful links. "I encourage my clients to train their employees on phishing because the more awareness you raise, the lower the risk of [a data breach] happening,” Lane says.
Vendors are another problem area, Lane says. Companies can harden and secure data networks as much as they want, but if vendors who handle customer information don’t adhere to the same standards, it can all be for naught.
“Make sure your vendors have appropriate security,” Lane says. “There are things you can do about that in your contracts.”