Vincent J. Tennant

Vincent Tennant is an associate in the Privacy & Cybersecurity and Health Care Groups.

Vince’s practice focuses on data privacy and cybersecurity issues in the context of regulatory compliance, enforcement, litigation and transactions. He advises private equity, asset managers, health care, life sciences, retail and technology clients on privacy and cybersecurity compliance, cyber risk management in critical transactions and cybersecurity incident response.

Vince counsels clients on federal, state, and international privacy and security laws including California Consumer Privacy Act (CCPA), EU General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA), Children’s Online Privacy Protection Rule (COPPA) and Telephone Consumer Protection Act (TCPA).

Vince is a Certified Information Privacy Professional, Europe (CIPP/E) and a member of the New York City Bar Association’s Technology, Cyber and Privacy Law Committee.

Subscribe to all posts by Vincent J. Tennant

Department of Health and Human Services Issues Request for Information on Cybersecurity Standards

The Department of Health and Human Services (“HHS”) has issued a formal request for information from the public about how regulated entities are implementing industry recognized security practices. The request for information represents a chance for the private sector to contribute to HHS regulation. Interested parties have until June 6, 2022 to submit comments. HHS … Continue Reading

U.S. and EU Agree in Principle on New Trans-Atlantic Data Privacy Framework

By Ryan P. Blaney, Vishnu V. Shankar, Alexander Dixey and Vincent J. Tennant on March 28, 2022 Posted in Data Privacy Laws, GDPR, International, Privacy Law

In a joint press conference on March 25, 2022, U.S. President Joseph Biden and European Commission President Ursula von der Leyen announced an agreement “in principle” on a framework, called the Trans-Atlantic Data Privacy Framework (“Privacy Shield 2.0”), to replace the U.S.-EU Privacy Shield. The EU General Data Protection Regulation (“GDPR”) places restrictions on personal … Continue Reading

ONC Releases Interoperability Frameworks

By Ryan P. Blaney, Vincent J. Tennant, Whitney Phelps and Jason S. Madden on March 11, 2022 Posted in Legislation, Miscellaneous, Privacy Law

The 21st Century Cures Act directed the National Coordinator to “develop or support a trusted exchange framework, including a common agreement among health information networks nationally.” Fulfilling that mandate, the Office of the National Coordinator (“ONC”) for Health Information Technology released the “Trusted Exchange Framework and the Common Agreement” for health record interoperability. The two … Continue Reading

“Log4Shell” Vulnerability Has Potential to Compromise Millions of Devices

By Ryan P. Blaney, Will S. Chuchawat and Vincent J. Tennant on December 13, 2021 Posted in Cybersecurity, Data Privacy Laws, Invasion of Privacy, Privacy Law

Cybersecurity experts around the world are scrambling to sound the alarm about a newly discovered security vulnerability that could be used by attackers to easily infiltrate computer systems.… Continue Reading