Elliot Golding (CIPP/US) is a member of our Data Privacy & Cybersecurity Practice and Healthcare Industry Group leadership team, where he provides business-oriented privacy and cybersecurity advice to a wide range of clients, with a particular focus on companies handling healthcare and other personal data. He has been selected as an honoree in Global Data Review’s inaugural 40 Under 40 list, representing the best of the data law bar around the world.
Elliot partners with clients to proactively manage risk by developing and implementing information governance programs, drafting privacy and security policies, preparing and testing data breach response plans, and negotiating complex data agreements. He not only counsels clients about what the law currently requires, but also provides industry context and forward-looking advice that takes into account trends and best practices in developing areas, such as the Internet of Things and complying with the California Consumer Privacy Act. In particular, Elliot helps clients understand how personal information may be used and disclosed to support business needs so that companies can stay competitive and compliant in a rapidly evolving environment.
Elliot has also managed hundreds of breach response matters for companies through all aspects of investigation, notification, remediation and engagement with regulators (including federal regulators such as the Office of Civil Rights [OCR] and State Attorneys General). Elliot has defended clients in litigation by State Attorneys General under state security breach notification laws and the Health Insurance Portability and Accountability Act (HIPAA) and has helped clients successfully avoid enforcement actions altogether by working directly with regulators during investigations.
Elliot's practice covers a wide range of laws, regulations, industry standards and best practices, such as HIPAA and HITECH; the California Consumer Privacy Act; 42 CFR Part 2 (Federal Confidentiality of Substance Use Disorder Patient Records); Federal Trade Commission (FTC) Act and FTC guidance; state laws and guidance governing privacy, security and breach notification (such as the California Shine the Light law, Lanterman-Petris-Short Act, Confidentiality of Medical Information Act, CalOPPA, and state laws governing sensitive health information); Telephone Consumer Protection Act (TCPA); CAN-SPAM; Gramm-Leach-Bliley Act (GLBA); Children's Online Privacy Protection Act (COPPA); NIST Security Standards; and Payment Card Industry Data Security Standards (PCI-DSS).
Elliot has several appointments in the American Bar Association’s Science & Technology Law Section, including serving as the co-chair of the E-Privacy Law Committee, co-chair of the Privacy, Security and Emerging Technology Division, vice-chair of the Biotechnology, Healthcare Technology, and Medical Device Committee, and a Council Member. He also serves as a member of the Bloomberg BNA Health Care Innovations Board, is a frequent speaker and writer of thought leadership pieces, and is a Certified Information Privacy Professional (CIPP/US).
More Legal and Business Bylines From Elliot Golding
- FTC Policy Statement: Mobile Health Apps Must Comply with Health Breach Notification Rule - (Posted On Thursday, January 20, 2022)
- California Attorney General Issues Guidance on Health Data Privacy Issues - (Posted On Tuesday, October 19, 2021)
- ONC Delays Timeframes for Information Blocking and Changes To Health IT Certification Program - (Posted On Wednesday, November 04, 2020)
- Voters Approve California Privacy Rights Act - (Posted On Wednesday, November 04, 2020)
- CCPA Amended to Address HIPAA Exemption, Deidentified Data Rules - (Posted On Tuesday, October 27, 2020)
- HHS Eases Federal Substance Use Disorder Confidentiality Rules - (Posted On Thursday, August 27, 2020)
- Final CCPA Regulations Are Now in Effect – With a Few Changes - (Posted On Tuesday, August 18, 2020)
- Federal Government Issues Alert on Top Ten Cybersecurity Vulnerabilities - (Posted On Wednesday, May 20, 2020)
- CCPA Enforcement Still Imminent; Temporary Exemptions May Lapse - (Posted On Friday, April 17, 2020)
- California Attorney General Proposes Further Modifications to Proposed CCPA Regulations - (Posted On Saturday, March 14, 2020)
The National Law Review recognizes the Data Privacy and Security Practice Group at Squire Patton Boggs as a Go-To Thought Leader for their contributions related to Privacy legislation in California. With the year-long implementation of the CCPA (California Consumer Privacy Act) and the recent CPRA (California Privacy Rights Act), Squire Patton Boggs wrote consistently on CCPA compliance, including updates from the California Attorney General on changes to the CCPA, updates to CCPA Regulations and the progression of the CPRA to the ballot box and eventual law. The articles provided guidance for businesses including health care systems and financial institutions on CCPA compliance. The following NLR authors from Squire Patton Boggs were regular contributors on data privacy and security: Glenn A. Brown, Lydia de la Torre, Elliot Golding, Michael W. Kelly, Lauren Kitces, and Ann J, LaFrance.