Mr. Segalis provides advice on compliance with:

• GLB (including Privacy and Security Rules, and the Interagency Guidance)
• FCRA (including the Affiliate Sharing and Marketing Rules, and the Red Flags Rule)
• State financial privacy laws (including California and Vermont)
• State information security breach notification laws, SSN and driver's license number protection laws, online privacy laws, and information security laws and regulations
• CAN-SPAM
• FTC and FCC telemarketing regulations
• FTC behavioral marketing guidelines
• The Privacy Act (including OMB guidance)
• FISMA (including NIST regulations)
• The Privacy Rights Act
• Communications monitoring laws and regulations (including ECPA, SCA, FINRA Rules and state common law privacy rights)
• PCI DSS
• Cross-border data transfer requirements (including U.S. Department of Commerce Safe Harbor framework and Model Clauses)

• Advised on an acquisition from an entity in bankruptcy of a customer database containing detailed and highly confidential personal information; counseled the client on re-launching the business and engaging former customers
• Advised one of the country's largest insurers on implementing an electronic communications monitoring program for agents and employees
• Counseled one of the nation's largest health maintenance organizations regarding handling an information security breach, including compliance with the requirements of the HITECH Act
• Advised a credit card company on implementing a data protection compliance program in the European Union
• Advised a credit card company on all aspects of developing a Safe Harbor compliance program; counseled the company on the development and world-wide launch of new marketing, information analysis and fraud prevention products and services
• Assisted an investment bank in all aspects of compliance with the FCRA Red Flags Rule, including the development and implementation of a comprehensive identity theft prevention program, and provided ongoing compliance counseling
• Counseled a lender on compliance with GLB, FCRA and state financial privacy requirements (including preparation and revision of privacy notices) in connection with changes in customer information practices
• Advised a national mortgage insurance company on compliance with GLB and state financial privacy requirements in connection with the launch of a borrower assistance program and associate e-commerce portal
• Counseled a national mortgage association and a government-held loan guarantor on compliance with the Privacy Act and FISMA (including relevant OMB guidance and NIST regulations) in connection with the launch of several TARP-mandated borrower assistance programs
• Advised a large national bank on compliance with employee monitoring requirements, including ECPA, SCA, state privacy laws and FINRA Rules, in connection with the launch of an instant messaging system and expansion of employee monitoring programs
• Advised companies in a variety of industries on compliance with privacy laws and regulations in connection with employee investigations
• Assisted companies in handling information security breaches, including (i) analyzing incidents under state breach notification laws, GLB regulations and, where applicable, the PCI DSS, (ii) determining notification requirements with respect to affected individuals, government authorities and other relevant entities, and (iii) responding to state and federal investigations
• Advised a leading computer manufacturer on privacy and information security aspects of several acquisitions of software companies and launches of e-commerce products
• Counseled a publisher on a variety of email marketing campaigns, monetization of marketing lists and data protection aspects of corporate restructuring
• Advised a global fashion brand on the development and launch of mobile applications
• Advised a global electronics company on the development and launch of an activity-monitoring product and associated e-commerce portal
• Advised retailers and e-commerce website operators on compliance with PCI DSS obligations
• Worked closely with data protection counsel world-wide to assist a variety of clients, including diversified manufacturers and global fashion brands, in launching and enhancing brick-and-mortar and e-commerce operations worldwide
• Drafted and negotiated privacy and information security agreements in connection with outsourcing transactions (including behavioral marketing and financial services) that involved access to personal information
• Assisted companies in implementing global enterprise-wide privacy and information security programs, including conducting complex assessments and analyses of existing privacy and information security practices, preparation of privacy and information security documentation governing the processing of human resources and consumer data, and implementing training programs

• Associate, Dewey Ballantine LLP, 2003-2007
• Project Engineer, Pratt & Whitney, UTC, 1996-2000

• Volunteer welfare advocacy attorney for the City Bar Justice Center's Legal Clinic for the Homeless
• Successfully represented an autistic child against the New York City Department of Education on claims of denial of appropriate education
• Represented indigent defendants in federal criminal proceedings
• Successfully represented clients in immigration asylum proceedings

• J.D., New York University School of Law, 2003
  
• B.M.E., Georgia Tech, 1996
  

• Russian (fluent)