- Overview
- Experience
- Distinctions
- News & Media
- Events
- Affiliations
Overview
Sherwin practices in Carmody’s litigation group, which was named “highly recommended” Connecticut litigation team in Benchmark Litigation’s Guide to Leading Business Litigation Firms and Attorneys. Sherwin thrives in taking on the unexpected and hard matters that our clients sometimes face.
As a certified privacy professional (CIPP/US, CIPP/E and CIPM), Sherwin counsels clients in the areas of data privacy and cyber security.
He helps organizations establish written information security programs. He serves as external Chief Privacy Officer, as well as the Data Protection Officer under the EU GDPR. He has negotiated and drafted privacy and data security provisions for vendor contracts, outsourcing agreements, data transfer agreements, Controller-to-Controller and Controller-to-Processor agreements, HIPAA Business Associate agreements, student data protection addenda, and so on.
Sherwin has advised clients in M&A and commercial real estate deals involving cybersecurity due diligence and the transfer of data containing sensitive personal and commercial information. He advises clients on purchasing cyber insurance coverage. He speaks regularly on privacy and cyber security best practices to clients and professional groups.
In cases of data security incidents or breaches involving disclosure of personal health, consumer, student, and employment information, Sherwin regularly coaches businesses, unions, law firms, institutions, and health care providers through incident investigation, breach notification, and responding to regulators. When litigation ensues, Sherwin is well positioned to defend or prosecute claims. He has assisted entities and individuals in investigating and civilly prosecuting others for computer crimes involving theft of confidential information and breaches of privacy.
Sherwin counsels start-ups and emerging companies on their privacy and security obligations in designing and launching e-commerce sites, mobile applications, IoT devices, and other technologies or transactions involving the flow of data. He has drafted and negotiated technology and software licensing agreements, service agreements, website and mobile app terms of use, and privacy policies.
Sherwin’s litigation background is diverse. He has served non- and for-profit entities, utilities and municipalities in complex commercial litigation involving environmental issues, breach of contract, unfair trade practices and intellectual property disputes, as well as personal injury defense.
Sherwin can make the client secure in any forum. He has practiced before state and federal agencies and at all three levels of state and federal court, including the U.S. Supreme Court and the U.S. International Trade Commission. Sherwin enjoys working with out-of-state attorneys as local counsel in Connecticut state and federal courts, whether the client needs only limited local guidance or more active involvement.
Experience
- Serve as GDPR Data Protection Officer and Chief Privacy Officer for software technology provider for clinical research studies
- Coached national on-line retailer of high-end specialty products through data breach involving customer payment card information in 42 states and territories and post-breach compliance with Payment Card Industry Data Security Standards (PCI-DSS)
- Advise international workplace technology provider on GDPR compliance and processor contract negotiation
- Counsel municipality through response to online bank account compromise and fraudulent ACH transaction and complex governance and liability issues
- Advise Regional Education Service Center on compliance with student data privacy laws and negotiate technology vendor contracts
- Negotiated indemnification to recover data breach notification costs from corporate client’s hacked data hosting vendor despite lack of written services agreement
- Coached healthcare practice through HIPAA privacy breach resulting from employee forgery of patient checks and theft of patient credit card numbers
- Advise regional health insurer on compliance of proposed business plan with HIPAA marketing rules
- Coached national builder of mall retail shops through breach notification and other legal issues arising from ransomware attack
- Guide review and implementation of HIPAA compliance program for professional accounting and advisory firm
- Advise and provide webinar training to staff of international national nonprofit organization on development of written information privacy and security audit program
- Guided response of regional nonprofit provider of social services in response to incident involving breach of sensitive medical diagnosis in potential violation of HIPAA Privacy Rule
- Counseled national affordable housing developer concerning compliance issues arising from research and data collection from tenants aimed at providing targeted social services
- Prosecute theft of trade secrets and recovery of HIPAA privacy breach costs arising from theft of competitive and member personal information by departing employee and coach insurer through multiple regulator notification
- In computer crime and misappropriation of trade secrets case, secured employer-friendly federal appellate court decision providing novel interpretation of state statute governing court jurisdiction over out-of-state former employees
- Part of defense team that obtained noninfringement rulings for local distributor and Taiwanese manufacturer of coaxial cable connectors in action brought in the U.S. International Trade Commission
- In pro bono engagement for owner of home damaged by fire, obtained damages award against home improvement contractor that failed to finish job and made client whole through successful application to Connecticut Home Improvement Guaranty Fund
- In pro bono appointment for state inmate, obtained substantial settlement from federal government in civil forfeiture action
- For national internet software retailer, favorably resolved trademark and copyright infringement claims asserted by worldwide software maker
- Served as counsel for all check fraud prosecutions for regional banking institution
Before Carmody
Before joining our firm, Sherwin clerked for the Honorable Alvin W. Thompson of the U.S. District Court in Hartford. Sherwin draws upon his experience with federal court clerks, judges, magistrates and government lawyers in order to counsel clients and out-of-state attorneys about federal practice in Connecticut. Before law school, Sherwin worked his way from examining short- and long-term disability claims for The Hartford Life Insurance Company to drafting group disability policies and advocating before state insurance commissioners.
Distinctions
- International Association of Privacy Professionals
- Certified Information Privacy Professional/United States, 2015-present
- Certified Information Privacy Professional/Europe, 2018-present
- Certified Information Privacy Manager, 2018-present
- Selected for inclusion in Connecticut Super Lawyers® in the area of Business Litigation, Utilities, Intellectual Property Litigation, 2013, 2015-2017, 2020
- Selected for inclusion in New England Super Lawyers® in the area of Business Litigation, 2013-2016
News
- 33 Carmody Torrance Sandak & Hennessey LLP Attorneys Selected to the 2020 Super Lawyers®, Rising Stars in Connecticut Lists
- Carmody Elects Six New Partners
- 34 Attorneys Selected to the 2016 Connecticut Super Lawyers® and Rising Stars List
- Carmody & Torrance Participates in United Way’s Day of Caring
Alerts
- Data Privacy and Cyber Security Alert: Connecticut’s New Data Security Law
- Data Privacy and Security & Education Law Alert: Ready for the GDPR? New European Privacy Law to Impact U.S. Schools and Universities
- Data Privacy and Security & Healthcare Law Alert: New Connecticut Cause of Action for Breach of Medical Privacy Based on HIPAA Violation
- Education Law Alert: When the Enrollment Contract Goes to Court
- Health Care Law Alert: Connecticut Supreme Court Opens Door to Negligence Lawsuits for HIPAA Violations
- Health Care Law Alert: Connecticut Supreme Court Recognizes Apparent Agency as a Viable Claim Against Hospitals
- Sherwin M. Yoder, CIPP/US, CIPP/E, and CIPM
Publications
Events
- The Increasing Impact of Data Privacy Laws Coming Out of Europe and California: What Connecticut Business Lawyers Need to Know
- Remote Working & Cyber Security Webinar
- Annual Advanced Labor and Employment Law Symposium
- Cyber Security Conference for CPAs
- CTCPA Governmental Accounting & Auditing Conference
- Score Workshop: Got Data? Meeting Your Privacy and Data Security Obligations
- Nutmeg Group Cyber Training
- Cyber Security Conference for CPAs
- Legal Protection for Coders & Programming Professionals
- 2018 Annual Labor & Employment Seminar
- Got Data? Complying with Privacy and Data Security Obligations
- Affordable Care Act, Labor & Wage Law Update and Connecticut's Data Security Law
- Business Panel Discussion - Best Practices & Cybersecurity
- CEN 6th Annual Conference - Data Privacy and GDPR
- Connecticut's New Data Security Law
- Countdown to the GDPR (Part 3)
- Cyber Security for Small Business
- Cyber Security Panel: The Latest Trends, Risks, and How to Protect Your Systems
- Getting a Grip on Cyber Risk: Data Privacy and Security for Lawyers and Law Firms
- Human Resources Roundtable Breakfast Series
- Human Resources Roundtable Breakfast Series - Cyber Security and the Protection of Personal Information
- Interactive Workshop: Legal Protection for Coders & Programming Professionals
- Trinity College Seminar on Health Law & Policy
- 2nd Annual Connecticut Bankruptcy Conference
- Innovative Digital Health Technologies: The Way Forward!
Affiliations
- MIT Enterprise Forum of Connecticut, Board of Directors, 2017-present
- International Association of Privacy Professionals, including Connecticut IAPP KnowledgeNet
- InfraGard, Connecticut Chapter
- New Haven County Bar Association
- Connecticut Bar Association
- Federal Practice Section, Legislative Liaison and Executive Committee Member, 2014-present
Community
- Volunteer, Federal Court Public Outreach Committee, Annual Law Day High School Trial Simulation, New Haven, 2011-present
- Wallingford Rotary Club
- Rotarian of the Year, 2016
- Program Chair, High School Public Speaking Contest, Wallingford Rotary Club, 2013-2016
- Co-chair, annual Celebrate Wallingford fundraiser, 2012-2016
- Middle school and high school mock trial coach and judge, 2009-2014
- Board of Directors, Maranatha Christian Church of America, 2009-2014
- Church missions related trips abroad, including to Brazil and South Korea, 1994-present