Scot is chair of the firm’s Privacy and Data Security Practice. As a former chief privacy officer and leveraging more than 10 years of management and compliance experience in Fortune 500 companies, Scot brings a diverse business background to his privacy and data security practice. Scot has represented clients in a variety of sectors, including consumer reporting, construction, healthcare, and manufacturing. Scot assists clients in all areas of the data life cycle, including:
- Policy development, implementation, assessment and training.
- Identifying, evaluating and managing privacy and security risks.
- Third-party management, including onward transfer agreements and audits.
- Data breach and incident response management and counseling.
Scot assists clients in dealing with a variety of data governance regulations, including GDPR, HIPAA, GLBA, FCRA, and state laws governing personally identifiable information, such as CCPA. Scot counsels clients on compliance with various information security standards, including PCI-DSS for credit card data, ISO and NIST. Scot also represents clients in responding to information security events, including data breach. Scot holds the Certified Information Privacy Professional (“CIPP/US”) certification and has presented and written extensively on the topics of data protection and de-identification, and moderated panels on privacy. Scot has spoken in Washington, D.C., at the Global Summit of the International Association of Privacy Professionals, and the Privacy + Security Conference. Scot was also a speaker at TEDx Dayton 2016 at the Victoria Theater, where he spoke on the “Humanity in Privacy.”
In addition to his data privacy and security practice, Scot also has experience with intellectual property matters as a patent attorney. He also counsels clients on general business law matters.
Scot attended the University of Dayton School of Law, where he currently serves as an adjunct professor of law. He clerked for the University of Dayton general counsel's office and the Cincinnati Reds general counsel. Scot is admitted to practice in the state of Ohio, in the U.S. District Court for the Southern District of Ohio and before the United States Patent and Trademark Office.
Scot has served as an enlisted soldier and officer in the Army National Guard for 11 years. He has also worked as a football official since 2007, officiating football at the high school and collegiate levels.
Honoree, Ohio Super Lawyers Rising Stars, Technology Transactions
(2019 - 2020)
All Service Areas
- University of Dayton School of Law (2009)
- Baylor University (B.A. Biology) (1994)
- State - Ohio
- Federal - United States Patent and Trademark Office
Speeches and Publications
- Speaker, "Operational Security: The Threat and Legal Landscape," Siemens Cyber Smart Series, June 7, 2022.
- Co-presenter, "Event + Response = Outcome. How you should respond when your network is compromised," Cyber webinar with Cincinnati Chamber of Commerce, Feb. 17, 2022.
- Co-Presenter, “The U.S. Government's Cybersecurity Guidance and Requirements: Why All Businesses Should Take Note,” Lexology webinar, Oct. 28, 2021.
- Co-Author, "COVID-19 Bulletin: Online Schooling Data Privacy Concerns and Best Practices During the Pandemic," Taft Privacy & Data Security Insights Blog, April 1, 2020.
- Author, "COVID-19 Bulletin: California Attorney General: CCPA Enforcement Will Not Be Delayed Due to COVID-19," Taft Privacy & Data Security Insights Blog, March 25, 2020
- Co-Author, "COVID-19 Bulletin: Balancing Privacy and Public Health Needs," Taft Privacy & Data Security Insights Blog, March 16, 2020
- Author, "COVID-19 Bulletin: Sending Employees Home? Don't compromise information security in the process," Taft Privacy & Data Security Insights Blog, March 13, 2020
- Co-Author, "So goes the EU, so goes the world….Brazil’s new privacy law is on the horizon," Taft Privacy & Data Security Insights Blog, March 5, 2020.
- Co-Author, “How am I supposed to do this? Part Deux: California Attorney General issues CCPA modifications,” Taft Privacy & Data Security Insights Blog, March 2, 2020.
- Author, “Happy Data Privacy Day! Is this really a thing?” Taft Privacy & Data Security Insights Blog, Jan. 28, 2020.
- Author, “Business Considerations: California Consumer Privacy Act,” Taft Privacy & Data Security Insights Blog, Dec. 9, 2019.
- Presenter, Cyber Security Forum, ComSpark Innovation Tech Summit, Oct. 8, 2019
- Co-Author, “California Raisin’ the Stakes: Final CCPA Amendments Pass CA Legislature,” Taft Privacy & Data Security Insights Blog, Oct. 7, 2019.
- Author, “Kiss that money goodbye! Why you must scrutinize payment processing changes at every level of your business,” Taft Privacy & Data Security Insights Blog, July 23, 2019.
- Presenter, “Preparation for and Breaches in Cyber Security for All Sized Units,” Indiana Municipal Lawyers Association’s Municipal Law Seminar XXXVI, June 21, 2019.
- Facilitator, “Data Security – Policy and Legal Issues,” Technology First, May 22, 2019.
- Panelist, “Government Contracts: What happened in 2018 that you need to know,” Dayton Chamber of Commerce/Dayton Metro Library, Dayton, Ohio , April 9, 2019.
- Panelist, “Privacy and Confidentiality in the Age of Facebook,” Ohio Information Security Conference, March 13, 2019.
- Co-Author, “A Lesson in Strong Cyber Diligence in Mergers,” Taft Law Bulletin, Dec. 5, 2018.
- Author, “Yet Another Facebook Breach: Use this opportunity to get smart about your online privacy and security,” Taft Privacy & Data Security Insights Blog,, Oct. 16, 2018.
- Speaker, “Lessons Learned After Five Months of GDPR,” IAPP Knowledge Net-Cincinnati, Oct. 2, 2018.
- Panelist, “Cyber Security Forum,” Cincinnati Business Courier, July 12, 2018.
- Presenter, “Cyber Security,” Little Miami River Chamber Alliance’s Chamber Chew Series, May 23, 2018.
- Presenter at Big Data and the Convergence of IT and Biology Event, May 18, 2019.
- Presenter, “Doing Business with Europe? Ready for the Fine in May? GDPR and the New Cost of Doing Business with the EU,” Grant Thornton and the British-American Chamber of Commerce Business Breakfast Briefing, March 2, 2018.
- Author, “Choose to See Data Governance Differently,” Technology First, Sept. 26, 2018.
- Speaker, “Agreements Involving PHI,” Privacy + Security Forum, Washington, D.C., Oct. 24, 2016.
- Speaker, “The Humanity in Privacy,” TEDx Dayton, Victoria Theater, Dayton, Ohio, Oct. 13, 2016.
- Speaker, “10 years of Data Breach,” Ohio Information Security Conference, Dayton, Ohio, March 9, 2016.
- Speaker, “Getting in Shape for Breach Season,” Indiana University Cybersecurity Summit, Sept. 15, 2015.
- Speaker, “Managing the Mobile Workforce: Beyond BYOD”, IAPP Global Privacy Summit, Washington, D.C., April 2015.
- Author, “Model Omnibus Privacy Statute,” University of Dayton Law Review, Vol. 35, No. 3, Sept. 6, 2011.
- International Association of Privacy Professionals
- Dayton Bar Association
- Ohio State Bar Association
- Federal Bar Association
- American Bar Association
- Certified Information Privacy Professional (CIPP/US)