Business Texts on Personal Phones and Compliance Risks: Navigating Discovery, Liability, and Regulatory Pitfalls in the Digital Age

Mike Overly | Foley & Lardner LLP

Michael R. Overly focuses his practice on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies. He counsels clients in the areas of technology acquisition, information security, electronic commerce, and online law. Michael is a partner in the firm’s Technology Transactions, Cybersecurity, and Privacy and Privacy, Security & Information Management Practices.

Michael is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information System Auditor (CISA), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified Risk and Information System Controls (CRISC), and Certified Outsourcing Professional (COP) certifications.

Ryan Band | Crowell & Moring LLP

Ryan Band, a Litigation and Health Care associate at Crowell & Moring LLP, has nearly a decade of experience managing e-discovery for substantial government investigations and civil matters. He helps clients navigate complex problems, providing practical, timely, and defensible solutions across a variety of issues. Ryan prides himself on his ability to translate complex legal concepts into accessible information, making him a valuable resource to both seasoned professionals and those new to the field.

Ryan is deeply committed to pro bono and community service, dedicating time to representing criminal defendants, handling civil matters, and advocating for veterans. Currently serving on the DC Bar Litigation Community Steering Committee, he is excited to help foster community engagement among legal professionals.

I. Statutory framework and civil discovery requirements | 1:00pm – 1:15pm

• Statutory framework for regulated entities
• Relevant laws and regulations
• Key statutes
• Civil discovery requirements
• Discovery process in civil litigation
• Statutory obligations for discovery
• Preservation of evidence and data

II. Background: How the investigation got started | 1:15pm – 1:30pm

• Common triggers for regulatory and legal investigations
• How investigations unfold in regulated industries
• Early steps in managing legal risks and compliance

III. Liability for regulated entities | 1:30pm – 1:45pm

• Liability risks for corporations and regulated entities
• Case studies and examples of liability
• Impact of violations on business operations
• Mitigating risks through compliance programs

IV. Liability for employees | 1:45pm – 2:00pm

• Employee responsibilities under regulatory and civil law
• Liability considerations for individual employees
• Personal and corporate accountability
• Defending employee actions in legal and compliance context

Break | 2:00pm – 2:10pm

V. New best practices | 2:10pm – 2:20pm

• Navigating texting for work purposes
• Establishing clear guidelines for communication
• Legal risks of informal communications
• How texting can affect discovery in litigation
• Keeping between the “Navigational Beacons”
• Identifying and maintaining boundaries for risk mitigation
• Structuring communications to stay within compliance
• Effective training and awareness

VI. Areas of potential liability | 2:20pm – 2:35pm

• Common liability pitfalls in compliance and discovery
• Understanding the scope of liability for business and employees
• Common mistakes that lead to legal and regulatory violations
• Strategies to identify and avoid liabilities

VII. The critical role of compliance | 2:35pm – 2:50pm

• How compliance programs prevent liability and protect business interests
• Importance of proactive vs. reactive compliance strategies
• The relationship between compliance and legal departments
• Integrating compliance across the organization

VIII. Practical considerations for maintaining legal and regulatory compliance | 2:50pm – 3:10pm

• Building and implementing an effective compliance program
• Practical steps to avoid liability in daily operations
• Using technology for compliance monitoring and reporting
• Handling disputes and investigations with confidence