David has assisted clients from the IT, automotive, and healthcare sectors with the establishment and maintenance of regulatory compliance programs.
He has advised clients on a range of U.S. laws and regulations, including: HIPAA/HITECH; ITAR; EAR; OFAC; FTC Section 5; and pending bills and industry standards pertaining to telematics, geo-location, connected car services, and behavioral advertising.
In addition, he has helped a number of European clients develop mechanisms for the adequate transfer of personal data from the EEA to the U.S. This has included establishing Binding Corporate Rules (BCR); negotiating European Standard Contractual Clauses (ESCC); and helping clients “self-certify” under the “Privacy Shield” framework.