Attorney

McDermott Will & Emery LLP, 2016 – Present; Partner, Locke Lord LLP, 2015 – 2016; Edwards Wildman Palmer LLP (then merged with Locke Lord LLP), 2011 – 2015; Partner, Edwards Angell Palmer & Dodge LLP (then merged with Wildman Harold), 2005 – 2011; Partner, Palmer & Dodge LLP (then merged with Edwards Angell), 1998 – 2005 ; Partner, Gadsby & Hannah LLP, 1994 – 1997; Partner, Schreiber & McKelway P.C., 1983 – 1994; Partner, Katz & Schreiber, 1982 – 1983; Associate, Bove Katz & Charmoy, 1980 – 1981; Chief Trial Counsel, Massachusetts Commission Against Discrimination, 1975 – 1979.

Represents companies, boards and high level executives in privacy, data protection, cyber security, employment and compliance matters. Work includes advising multi-national companies, tech, biotech, retail, financial services and other businesses on data breaches, privacy, data protection, GDPR, CCPA, PCI and compliance strategies in the US and other countries. Over the years, handled a number company internal investigations involving alleged misconduct, anti-kickback, fraud and abuse, sexual and other harassment, workplace e-mail and internet matters, as well as senior executive contracts. Has defended employment, data collection and privacy litigation in state and federal trial and appellate courts and in administrative agencies (e.g., state AG's, FTC, OCR, MCAD, EEOC, DOL). These have included innumerable sexual harassment, discrimination, wrongful termination, employment contract, non-competition, privacy, defamation, ERISA, disabilities and related matters at all levels. <br/><br/>Co-Chair, McDermott's Global Privacy and Cybersecurity Group (2016-2019), a nationally ranked practice in Chambers and Legal 500. Helps companies manage data breaches and security incidents, including PCI and credit card matters, privacy policies, "Do Not Track", GLB, HIPAA, PATRIOT Act, OFAC, ECPA, CFAA, FCRA/FACTA, CIPA, and related privacy by design and related investigations. In this context, has an international privacy practice, involving advising and constructing compliance regimes regarding E.U. data protection, GDPR and other country data protection laws, including in Latin America and Asia; global data breach notification procedures; and multi-national whistleblower hotlines. Practiced in certain health law and life science areas, such as HIPAA, physician clinical trials and group practice issues, licensure and discipline, fraud and abuse/anti-kickback, Foreign Corrupt Practices Act, and medical record privacy and data breaches, both in the U.S. and abroad. <br/><br/>Previously, was Chair for Privacy Matters of the World Law Group (WLG) for a decade to 2016. WLG is an affiliation of some 55 large law firms operating in 70 countries, and its Privacy Group addresses international data protection and data privacy regimes, whistleblower hotlines abroad, and updates of various E.U. member state and other country protocols, opinions and guidelines. <br/><br/>Was requested by the Massachusetts Flaschner Judicial Institute to give presentations to the Massachusetts judiciary on developments in employment discrimination, common law employment claims and employment case jury instructions in 2004 and 1989.

Previously on MCAD/AAA Arbitration Program Panel for discrimination cases, Boston, mid-1990's to end of program, approx. 2000. Mediated four cases under AAA administered program for Massachusetts Commission Against Discrimination, Policy 96-1 on ADR. Most other mediations have involved employment discrimination under c. 151B, Title VII, ADA, ADEA, etc. in late 1990's, and others less formally and more recently in employment and harassment matters, contract, bonus, and terminations, and the like, as well as EU/US data protection and privacy matters (referenced below). Industries included life sciences, healthcare, pharmaceutical/medical device, financial services and hospitality/hotels.

Age, sex, sexual harassment, disability, race, retaliation and other employment discrimination and common law employment issues and claims under state and federal law, in hiring, firing, and terms and conditions. Issues include shifting burdens of proof, damages, and psychiatric evidence/diagnosis, mitigation. <br/><br/>Data protection and privacy matters under U.S. law, including ECPA, FCRA, HIPAA, GLB, and under E.U. law, including E.U. data protection laws, such as France, Germany, Spain and elsewhere. Issues encompass cross-border data transfer, dual compliance with Sarbanes-Oxley and E.U. country data protection, and differing perspectives on privacy, privacy compliance, oversight and enforcement.

Many labor and employment matters, including discrimination and harassment ones, can be settled if both parties are so inclined. Identifying the commonality of interests or intersection of the parties' respective positions and goals is often key to this process. The plaintiff may need to be "heard" before resolution is possible and the company may be willing to resolve the matter on reasonable but not excessive terms. In the submissions and risk assessment, I expect the parties in these cases to give rigorous attention to applicable burdens of proof and actual expected evidence. <br/><br/>In EU and other data protection matters for companies with global or multi-national operations the key is reconciling the different laws, practices and compliance concerns while being sensitive to various cross-border and cross-cultural approaches to the same or similar dilemmas.

Harvard University (JD-1972); University of Michigan (BA, with distinction-1969).

Admitted to the Bar: Massachusetts (1972); U.S. District Court: District of Massachusetts (1973); U.S. Court of Appeals: First (1976) and Sixth (1984) Circuits; U.S. Supreme Court (1979).

Boston Bar Association (Steering Comm., Privacy, Cybersecurity and Digital Law Section, 2018-present; co-founder and past Co-Chair, Privacy Law Section). Member, International Association of Privacy Professionals (IAPP) for last decade; Previously: Massachusetts Bar Association (Labor and Employment Section Council; Health Law Section: Labor Section; Subcommittee on Drafting Sexual Harassment Guidelines issued 2002, Management Co-chair); Boston Bar Association (Labor/Equal Employment Opportunity Committee).

Has given more than 250 lectures and presentations, in the US and a number of countries, to bar and bench associations, insurance companies, compliance organizations, privacy officers, and personnel groups on data breach management, privacy, data protection, SOX hotlines abroad, employment law and litigation, damages, jury instructions, sexual harassment and other investigations, arbitration of employment disputes, healthcare fraud and abuse, and privacy generally (HIPAA, email practices, GLB, CAN-Spam, EU data protection), and other compliance topics. See https://www.mwe.com/en/team/s/schreiber-mark-e?currenttab=thought-leadership. Articles and speaking engagements include: "To Scan or Not to Scan: Surge in Lawsuits under Illinois Biometrics Law", November 7, 2017, article; "Irish Court Casts Serious Doubt on EU Model Clauses", October 10, 2017, article; "New York's Cybersecurity Requirements Post Multi-Year Compliance Challenges", September 20, 2017, article; "Global Privacy & Cybersecurity Compliance Strategies Series - Part Two: Asia and the Rest of the World", September 12, 2017, article; "Privacy Shield Implementation and How-To Kit from McDermott Will & Emery", August 2017, article; Practising Law Institute, "Can You Really Use That Data? Potential IP and Data Privacy Pitfalls in Big Data Agreements,April 12, 2017, webinar; "Privacy Shield - A "How-to" Guide on Navigating its Process, Risks and Opportunities", March 23, 2017, article; "Cyber Diligence and Risk Mitigation in M&A - Global Privacy & Cybersecurity Webcast Series", March 22, 2017; "Privacy Shield - Global Privacy & Cybersecurity Webcast Series", March 8, 2017; "Privacy Shield - A "How-to" Guide on Navigating Its Risks and Opportunities", September 8, 2016, video; Co-author, "Use and Transfer of Medical and Clinical Data in Greece," Nephrologists' Conference, Greece, August 2007; "New German SOX Whistleblower Guidelines: Some Help for US Companies," EAPD CLIENT ALERT, May 2007; contributing author, "Drafting Employment Documents in Massachusetts," MCLE, Inc., Liebowitz, ed., 1997, 1999, re-published, 2006; co-author, "Reducing the Risk of Whistleblower Complaints," RISK MANAGEMENT MAGAZINE, November 2006; co-author, "Privacy Rules of Whistleblower Complaints and Investigations," LABOR & EMPLOYMENT BULLETIN, Edwards Angell Palmer & Dodge, Summer 2006; co-author, "Anti-Kickback Laws Pose Risk to Health Care Deals," VENTURE CAPITAL JOURNAL, vol. 6, June 2006; co-author and chapter author, "Anonymous Sarbanes-Oxley Hotlines for Multi-National Companies: Compliance with E.U. Data Protection Laws," chapter 9, THE PRACTITIONER'S GUIDE TO THE SARBANES-OXLEY ACT, vol. ii, American Bar Association text, May 2006; "Compliance with Sarbanes-Oxley in the European Union Made Easier: Update on French CNIL Whistleblower Guidelines and New Online Authorization Process," BNA INTERNATIONAL WORLD SECURITIES LAW REPORT, January 2006; co-author, "Anonymous Sarbanes-Oxley Hotlines in the EU: Practical Compliance Options for Global Companies," BNA WORLD DATA PROTECTION REPORT, August 2005, BNA PRIVACY & SECURITY LAW, September 2005; co-author, "Federal Anti-Kickback Law Applied to Medical Device and Biotech Companies," Palmer & Dodge LLP publication, July 14, 2005; co-author, "Privacy Update - News and Information on Privacy, Security, and Electronic Transactions," Palmer & Dodge LLP publication, March 12, 2004.

$1,320 Per Hour

English

United States of America

Boston, MA