Scot Ganow

Scot is a partner at Taft and is chair of the firm’s Privacy, Security and Artificial Intelligence Practice.  As a former chief privacy officer leveraging more than 10 years of management and compliance experience in Fortune 500 companies prior to law school, Scot brings a diverse business background to his practice at Taft.  Scot represents clients in a variety of sectors, including consumer reporting, construction, healthcare, broadband services, and manufacturing. Scot assists clients in all areas of the data life cycle and governance, including:

• Policy development, implementation, assessment, and training.
• Identifying, evaluating, and managing privacy and security risks.
• Third-party management, including onward transfer agreements and audits.
• Data breach and incident response management and counseling.

• Speaker, “Building Your Privacy Toolbox,” ACC Chicago Summit, Sept. 14, 2023.
• Speaker, “Operational Security: The Threat and Legal Landscape,” Siemens Cyber Smart Series, June 7, 2022.
• Co-presenter, “Event + Response = Outcome. How you should respond when your network is compromised,” Cyber webinar with Cincinnati Chamber of Commerce, Feb. 17, 2022.
• Co-Presenter, “The U.S. Government’s Cybersecurity Guidance and Requirements: Why All Businesses Should Take Note,” Lexology webinar, Oct. 28, 2021.
• Co-Author, “COVID-19 Bulletin: Online Schooling Data Privacy Concerns and Best Practices During the Pandemic,” Taft Privacy & Data Security Insights Blog, April 1, 2020.
• Author, “COVID-19 Bulletin: California Attorney General: CCPA Enforcement Will Not Be Delayed Due to COVID-19,” Taft Privacy & Data Security Insights Blog, March 25, 2020
• Co-Author, “COVID-19 Bulletin: Balancing Privacy and Public Health Needs,” Taft Privacy & Data Security Insights Blog, March 16, 2020
• Author, “COVID-19 Bulletin: Sending Employees Home? Don’t compromise information security in the process,” Taft Privacy & Data Security Insights Blog, March 13, 2020
• Co-Author, “So goes the EU, so goes the world….Brazil’s new privacy law is on the horizon,” Taft Privacy & Data Security Insights Blog, March 5, 2020.
• Co-Author, “How am I supposed to do this? Part Deux: California Attorney General issues CCPA modifications,” Taft Privacy & Data Security Insights Blog, March 2, 2020.
• Author, “Happy Data Privacy Day! Is this really a thing?” Taft Privacy & Data Security Insights Blog, Jan. 28, 2020.
• Author, “Business Considerations: California Consumer Privacy Act,” Taft Privacy & Data Security Insights Blog, Dec. 9, 2019.
• Presenter, Cyber Security Forum, ComSpark Innovation Tech Summit, Oct. 8, 2019
• Co-Author, “California Raisin’ the Stakes: Final CCPA Amendments Pass CA Legislature,” Taft Privacy & Data Security Insights Blog, Oct. 7, 2019.
• Author, “Kiss that money goodbye! Why you must scrutinize payment processing changes at every level of your business,” Taft Privacy & Data Security Insights Blog, July 23, 2019.
• Presenter, “Preparation for and Breaches in Cyber Security for All Sized Units,” Indiana Municipal Lawyers Association’s Municipal Law Seminar XXXVI, June 21, 2019.
• Facilitator, “Data Security – Policy and Legal Issues,” Technology First, May 22, 2019.
• Panelist, “Government Contracts: What happened in 2018 that you need to know,” Dayton Chamber of Commerce/Dayton Metro Library, Dayton, Ohio , April 9, 2019.
• Panelist, “Privacy and Confidentiality in the Age of Facebook,” Ohio Information Security Conference, March 13, 2019.
• Co-Author, “A Lesson in Strong Cyber Diligence in Mergers,” Taft Law Bulletin, Dec. 5, 2018.
• Author, “Yet Another Facebook Breach: Use this opportunity to get smart about your online privacy and security,” Taft Privacy & Data Security Insights Blog,, Oct. 16, 2018.
• Speaker, “Lessons Learned After Five Months of GDPR,” IAPP Knowledge Net-Cincinnati, Oct. 2, 2018.
• Panelist, “Cyber Security Forum,” Cincinnati Business Courier, July 12, 2018.
• Presenter, “Cyber Security,” Little Miami River Chamber Alliance’s Chamber Chew Series, May 23, 2018.
• Presenter at Big Data and the Convergence of IT and Biology Event, May 18, 2019.
• Presenter, “Doing Business with Europe? Ready for the Fine in May? GDPR and the New Cost of Doing Business with the EU,” Grant Thornton and the British-American Chamber of Commerce Business Breakfast Briefing, March 2, 2018.
• Author, “Choose to See Data Governance Differently,” Technology First, Sept. 26, 2018.
• Speaker, “Agreements Involving PHI,” Privacy + Security Forum, Washington, D.C., Oct. 24, 2016.
• Speaker, “The Humanity in Privacy,” TEDx Dayton, Victoria Theater, Dayton, Ohio, Oct. 13, 2016.
• Speaker, “10 years of Data Breach,” Ohio Information Security Conference, Dayton, Ohio, March 9, 2016.
• Speaker, “Getting in Shape for Breach Season,” Indiana University Cybersecurity Summit, Sept. 15, 2015.
• Speaker, “Managing the Mobile Workforce: Beyond BYOD”, IAPP Global Privacy Summit, Washington, D.C., April 2015.
• Author, “Model Omnibus Privacy Statute,” University of Dayton Law Review, Vol. 35, No. 3, Sept. 6, 2011.