About Robert Hudock

Robert Hudock

Robert J. Hudock
Associate
rhudock@ebglaw.com

Mr. Hudock has been at the forefront of information privacy, information security, data mining/aggregation, and the forensic practice areas for the last eight years. During this time, he has regularly advised leading financial and health institutions, as well as innovative startup companies, on identifying, evaluating and improving the security posture and mission critical processes of their organizations. Most recently, he has assisted Fortune 500 clients with their security and risk analysis obligations under U.S., Canada, and European Union (“EU”) law.

Mr. Hudock regularly:

• Conducts risk assessments and IT audits for health care and financial services companies following HIPAA, FDIC, Federal Reserve Bank (FRB), OTS, OCC Information Security Guidelines, Gramm-Leach-Bliley Act (GLBA), and other best practices;
• Designs and implements cost-effective strategies for managing electronic documents, including collecting, preserving, reviewing, analyzing and producing electronic data. Mr. Hudock has broad knowledge of e-Discovery hardware and software technologies, including (traditional) Boolean, conceptual, clustering, and taxonomic search methodologies;
• Advises clients regarding privacy and security legislation: Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Regulations; Gramm-Leach-Bliley Act; European Union Commission’s Directive on Data Protection (95/46) and the Department of Commerce’s EU Safe-Harbor; the Personal Information Protection and Electronic Documents Act (Canada); the US Patriot Act; Sarbanes-Oxley; State-based security breach notification legislation (both acquisition- and risk-based variations); OIG Corporate Integrity Agreements and Medicare and Medicaid Patient Protection Act of 1987 (the “Antikickback Statute”); and NIST/ ISO privacy and security standards; and
• Manages computer security incidents for various clients in both the health care and financial sectors. His work also includes performing and creating procedures for system security audits, penetration tests, and vulnerability assessments to define real metrics by which an organization can evaluate and demonstrate their privacy and security due diligence.

In addition to graduating at the top of his class at Cornell Law School, Mr. Hudock is a Certified Information Systems Security Professional (CISSP). He was awarded this information technology security audit certification by the International Information Systems Security Certification Consortium (see www.isc2.org). He has held this certification for almost six years. Mr. Hudock is also certified by the National Security Agency to perform INFOSEC Security Methodology (IAM) audits under FISMA. Finally, Mr. Hudock is also a Certified Ethical Hacker. The Certified Ethical Hacker (CEH) certification is a professional certification provided by the International Council of E-Commerce Consultants. Mr. Hudock is a skilled security and legal professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker to secure client’s information systems. Most noteworthy, Mr. Hudock has also won the internationally recognized capture the flag for the last two years. This competition is held each summer in Las Vegas at Defcon.

• Litigation/Government Investigations
• Privacy, Security and HIPAA Compliance

EDUCATION

J.D. , Cornell Law School, cum laude, 2000

B.S. , St. Lawrence University, cum laude, 1996
BAR ADMISSIONS
District of Columbia
New York

MEMBERSHIPS

American Health Lawyers Association

Member – Information Systems Security Association (ISSA)

Member – ISC2 (CISSP)

Sedona E-Discovery Working Group, Member

Healthcare Information and Management Systems Society (HIMSS)

EU Council Certified Ethical Hacker (CEH)