Article Detail

News & Knowledge

Officers and Directors May Be on the Hook for Data Breaches

November 05, 2021

Drew Sorrell has authored an article entitled "Officers and Directors May Be on the Hook for Data Breaches" for Orlando Inno, a multi-media platform launched in partnership with the Orlando Business Journal that covers headlines focused on innovation, technology and Central Florida startups.

In the article, Sorrell discusses the increasing trend to target officers and directors – personally – when companies that fail to enact and enforce good privacy policies plainly stating how information will and won’t be used. 

"In 2021 and beyond, a company’s CEO, officers and directors must understand that their corporate duties include the responsibility to meaningfully oversee privacy and the use of collected data and assure that reasonable security is in place. Simply assigning someone to write and post a privacy policy is insufficient. Simply handing-off security to the director of information technology is no longer enough. Rather, privacy and security now essentially require a cultural shift in organizations."

Read the Article: Officers and Directors May Be on the Hook for Data Breaches


This article is informational only. You should consult an attorney before acting or failing to act. The law may change rapidly and no warranty is given. LOWNDES DISCLAIMS ALL IMPLIED WARRANTIES AND WITHOUT LIMITATION, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE. ALL ARTICLES ARE PROVIDED AS IS AND WITH ALL FAULTS. Consult a Lowndes attorney if you wish to establish an attorney/client relationship.
Drew

Drew Sorrell is a seasoned business lawyer with particular expertise in technology, cybersecurity and privacy issues. With an MBA in marketing and finance, he approaches clients’ legal issues with both a practical business bent and a self-described geeky love of technology.

Drew enjoys working with CLO’s, CIO’s, CTO’s and technology owners at businesses of all sizes in every phase of their legal needs. He assists them on the front end, drafting and negotiating software licenses, Internet service provider agreements, data privacy/breach policies and procedures, and employment/services agreements as well as the indemnity and insurance coverage related to those agreements. He advises clients on the GDPR and state-specific regulations, penetration testing and security audits. He also has years of experience handling matters when things go wrong, including data breaches, privacy issues and other technology or software problems.

A founding member of the Sedona Conference Group 11 (Privacy/Data Security), Drew is frequently asked to speak and write on legal and ethical issues arising from technology, including unfair and deceptive trade practices, data breach, privacy, data governance, and technology contract drafting. He is chair of the firm’s multi-disciplinary Data Governance Group as well as the past chair of the Orange County Bar Association’s Intellectual Property, Business Law and Technology Committees.

Outside the technology arena, Drew has substantial expertise in both contracts and commercial litigation. In addition, he has experience assisting clients with government contracting. Drew began his legal career as a judicial clerk to Senior United States District Judge John H. Moore II, in Jacksonville, Florida, and then practiced with an AmLaw top 10 firm in Manhattan. After a stint as an assistant county attorney responsible for day-to-day legal advice and litigating civil issues for the county, Drew returned to Lowndes. Drew is admitted to practice in Florida, New York and the District of Columbia.

Born in Florida, Drew roots for his adopted football team—the FSU Seminoles (because neither Rollins nor George Washington has a football team). He is a proud father of two sons who play basketball and soccer, make great grades and generally keep him on his toes.

Meritas Law Firms Worldwide logo
Do Your Part Logo