Professionals

Name / Keyword Office Practice Industry Language Show All
Practices

Business and Corporate

Construction

Coronavirus (COVID-19): Navigating the Path Ahead

Data Protection, Privacy and Cybersecurity

Emerging Companies

Financial Services

Global Business

Government Enforcement and Investigations

Government Relations and Public Policy

Health Law

Hospitality, Franchising and Distribution

Immigration

Intellectual Property

Labor & Employment

Litigation

Mergers and Acquisitions

Product Liability and Mass Tort

Real Estate

Securities

Tax

Transportation & Logistics
Industries

Automotive

Aviation and Aerospace

Construction

Disaster Recovery and Government Services

Drug, Device and Life Sciences

Education

Energy

Financial Services

Gaming

Governmental Entities

Health Care

Hospitality, Franchising and Distribution

Long Term Care

Manufacturing

Real Estate

Retail

Telecommunications

Transportation & Logistics
Experience

Featured Case Study
Community Healthcare Trust Incorporated Community Healthcare Trust Incorporated More Case Studies

Search Experience
Keywords Practice Industry
News & Events

Professionals
Practices
Industries
Experience
News & Events
Other Pages

Quick Results

View More Results

Professionals

Matthew G. White, CIPP/US, CIPP/E, CIPM, PCIP

Shareholder

Memphis
T: 901.577.8182
F: 901.577.0724

Matt White, co-chair of the Firm's Financial Services Cybersecurity and Data Privacy Team, regularly advises clients on a wide range of cybersecurity and data privacy matters, including compliance, training, incident response, regulatory investigations, and litigation.

Featured Videos

An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program June 16, 2021

Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors May 19, 2021

State and Federal Privacy Regulation in 2021: What is on the Horizon? April 21, 2021

The California Privacy Rights Act and Financial Institutions March 17, 2021

How To Prepare for a Cybersecurity Incident February 17, 2021

2021 Privacy Landscape January 13, 2021

Featured Experience

Represented numerous financial institutions with regard to compliance with privacy and cybersecurity laws and regulations, including GLBA, CCPA, CPRA, GDPR, HIPAA, FCRA, and TCPA.

Assisted numerous clients with remediation and reporting of security incidents, including those caused by ransomware, phishing, malware, employee misconduct, and other cyber-attacks.

Counseled multiple clients on compliance with U.S. privacy laws and privacy notices.

Professional Biography

Matt White is a Certified Information Privacy Professional (CIPP/US, CIPP/E) and a Certified Information Privacy Manager (CIPM). Matt is also a Payment Card Industry Professional (PCIP). His practice focuses on representing financial institutions, including banks, credit unions, insurance companies, investment advisory firms, broker-dealer firms, and other highly regulated businesses. He counsels clients on all aspects of privacy and cybersecurity, including litigation and breach response, privacy compliance, transactional diligence, and the defense of regulatory actions.

Matt has significant experience:

Advising clients on privacy, information security, supply chain and vendor management, insurance, document retention, e-discovery, and data and technology issues;
Assisting clients with compliance-related matters including internal policy creation and training;
Preparing customized website and mobile device policies and notices including terms of use, privacy policies, state-specific notices, and cookie notices;
Counseling on the investigation, response, notification, and defense of data breaches and incidents; and
Representing clients in responding to regulatory investigations and in litigation and class action matters involving cybersecurity and data privacy issues.

He routinely advises clients on data privacy and security matters arising from a variety of state and federal laws and regulations including the Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), the Fair and Accurate Credit Transactions Act (FACTA), the Telephone Consumer Protection Act (TCPA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), the California Consumer Privacy Act (CCPA), and the New York Department of Financial Services Cybersecurity Regulation. He also counsels clients on global data protection laws including the General Data Protection Regulation (GDPR), and on compliance with Payment Card Industry (PCI-DSS) requirements.

Matt particularly focuses on helping financial institutions and other businesses implement policies, procedures, and best practices concerning data privacy and security, and assisting clients in strategically navigating through cyber incidents and litigation.

In addition to his privacy and security experience, Matt also represents financial institutions, broker-dealers, investment advisors, and other companies in litigation, arbitration, regulatory and compliance matters, and in investigations and enforcement proceedings. He regularly represents national and regional securities firms and their registered representatives in a wide range of matters including customer-initiated arbitrations and litigation, as well as in enforcement proceedings and investigations by the SEC, self-regulatory organizations and state securities agencies.

As an experienced litigator, Matt has represented clients in numerous complex commercial and general business litigation. He has successfully litigated trial and appellate matters in both state and federal courts, and in mediation and arbitration. Matt has also defended financial institutions and other corporations in class action litigation.

You can follow Matt on Twitter, @mattwhitejd, and connect with him on LinkedIn.

Represented numerous financial institutions with regard to compliance with privacy and cybersecurity laws and regulations, including GLBA, CCPA, CPRA, GDPR, HIPAA, FCRA, and TCPA.
Assisted numerous clients with remediation and reporting of security incidents, including those caused by ransomware, phishing, malware, employee misconduct, and other cyber-attacks.
Counseled multiple clients on compliance with U.S. privacy laws and privacy notices.
Represented a company in class action litigation alleging violations of the FTC Guidelines arising out of a data breach.
Represented numerous broker-dealers and registered investment advisers in litigation and in arbitrations involving claims of unsuitability, unauthorized trading, misrepresentation, churning, failure to supervise and breach of fiduciary duty.
Successfully defended broker-dealers and registered investment advisers in SEC enforcement actions.
Successfully defended broker-dealers in FINRA enforcement actions.
Successfully defended a corporate executive in an SEC insider trading investigation.
Successfully defended the officer of a company in a SEC inquiry regarding alleged material misrepresentations.
Represented numerous broker-dealer firms and their registered representatives in responding to subpoenas, document requests from regulators, and informal inquiries as well as formal SRO investigations involving investment banking activities, alleged sales practice violations, failure to supervise and other matters.
Represented the officers of a public company in bankruptcy and in a parallel criminal investigation, civil litigation and regulatory investigation
Successfully defended a financial institution on appeal in a U.S. Court of Appeals case arising out of the disposition of a business unit in which former employees claimed $2.4 million in damages for the alleged breach of a payment agreement. Obtained affirmance in the client's favor.
Represented a mortgage company in a case before the Tennessee Court of Appeals in which the Court held that there is no private right of action to enforce the Home Affordable Modification Program.
Won a dismissal of action alleging breach of contract and fraud filed in a U.S. District Court based on lack of personal jurisdiction.
Represented a local government in litigation arising from school system consolidation.
Successfully defended a broker-dealer in a federal court action alleging violations of federal and state securities laws, aiding and abetting breach of fiduciary duties, and commercial bribery in the wake of the bankruptcy of a registered investment adviser.

Member – International Association of Privacy Professionals (CIPP/US, CIPP/E, CIPM)
- Co-Chair, IAPP KnowledgeNet Memphis Chapter
Distinguished™ Peer Review Rated by Martindale-Hubbell
Named a Mid-South Rising Star by Mid-South Super Lawyers (2014 – 2020)
Named a 2018 Best of the Bar Ace Associate by the Memphis Business Journal
Named a 2016 Top 40 Under 40 by the Memphis Business Journal
Recipient – Baker Donelson Firmwide Pro Bono Award (2016, 2018)
Member – American Bar Association
- Securities Litigation Committee
Member – Memphis Bar Association
Member – Tennessee Bar Association
Member – Virginia Bar Association
Member – Bar Association of the District of Columbia
Member – DRI
- Commercial Litigation Committee
- Government Enforcement and Corporate Compliance Committee
- Securities Enforcement Subcommittee
- Complex Commercial Litigation Subcommittee
Community Co-Chair – DRI Complex Commercial Litigation SLG
Member – Financial Markets Association, Seminar Planning Committee
Member – Leo Bearman, Sr. American Inn of Court
Named a Tennessee Supreme Court Attorney for Justice

President – Memphis Area Gator Club

Co-author – "How to Contend With a 21st Century Ransom Note," ABA Banking Journal (April 2021)
Co-author – "Insurers Beware: Potential Impacts of New York's Cyber Insurance Risk Framework," Insurance Journal (April 2021)
Co-author – "California Privacy Law Update: CCPA Amendments Announced and CPPA Board Members Appointed," republished April 8, 2021 in Corporate Compliance Insights (March 2021)
Co-author – "NYDFS Surges Ahead with Cybersecurity Enforcement: Recent Fine Highlights Need for Financial Institutions to Focus on Incident Response" (March 2021)
Co-author – "Key Takeaways from Recent Cyberattack Resulting in Demise of Hedge Fund" (February 2021)
Co-author – "Privacy Legislation Floodgates Have Opened: Virginia Passes the Consumer Data Protection Act," republished March 17, 2021 in Corporate Compliance Insights (February 2021)
Co-author – "U.S.'s First Cyber Insurance Risk Framework Issued by New York Department of Financial Services," republished in Property Casualty 360 (February 2021)
Co-author – "Proposed NY Privacy Bill Would Increase Business Obligations and Litigation/Enforcement Exposure for Businesses, Including Financial Institutions," republished in Banking Exchange (January 2021)
Co-author – "Faster and More Comprehensive Breach Notification Requirements Proposed for Banks," republished in BankBeat (January 2021)
Co-author – "The Year Ahead: Privacy and Cybersecurity Issues Facing Financial Institutions in 2021," republished in Bank Beat (January 2021)
Co-author – "New Ransomware Advisories from OFAC and FinCEN Create Additional Challenges for Financial Institutions" (January 2021)
Co-author – "How California's New(er) Privacy Legislation Will Affect U.S. Businesses," republished November 18, 2020 in Corporate Compliance Insights (November 2020)
Co-author – "FTC's Red Flag Rule: A Review of Enforcement Actions and Compliance Considerations for the Next Decade," Market Solutions, Financial Markets Association's e-Newsletter, Volume 29, Number 3 (September 2020)
Co-author – "OCC Issues Guidance on Safekeeping and Custody Services for Cryptocurrency," republished in Corporate Compliance Insights (August 2020)
Co-author – "Lessons Learned from the NYDFS First Cybersecurity Regulation Enforcement Action," republished August 26, 2020 in Westlaw (July 2020)
"Critical Guidance for Financial Institutions on Security Considerations for Cloud Computing Environments," republished in Banking Exchange (May 2020)
Co-author – "SEC Signals How Examinations Will Focus on Compliance with Reg BI and Form CRS" (April 10, 2020)
"Cybersecurity Preparedness: Standardization is Key," republished October 2019 in Westlaw Journal Bank & Lender Liability (August 2019)
Co-author – "SEC Issues Risk Alert on Regulation S-P," republished June 2019 in Westlaw Journal Bank & Lender Liability (May 2019)
Co-author – "SEC & FINRA: Shared Regulatory Priorities for 2019" (April 2019)
Co-author – "Data Privacy Class Actions," Tennessee Bankers Magazine (March/April 2019)
Co-author – "Public Company Cybersecurity Disclosures: The SEC Means What It Says" (April 2018)
Co-author – "SEC & FINRA: Shared Regulatory Priorities for 2018," republished in Corporate Compliance Insights (March 2018)
"SEC Expands Cybersecurity Guidance: All Public Companies Must Take Note," republished in Corporate Counsel (February 2018)
Co-author – "The Evolving Landscape of Data Privacy and Cyber Security in the Financial Services Industry," 4 Emory Corporate Governance & Accountability Review 369, Volume 4, Issue 2 (2017)
Co-author – "Supreme Court Deals Major Blow to SEC Disgorgement Claims in Kokesh" (June 2017)
Co-author – "SEC and FINRA Regulatory Priorities: Common Goals for 2017" (February 2017)
"Salman v. U.S.: More Questions than Answers?" (December 2016)
Co-author – "SEC, FINRA and the DOL Take Aim at Confidentiality Provisions in Firm Agreements" (November 2016)
Co-author – "New Requirements for Broker Recruitment" (November 2016)
Co-author – "SEC Amendments Require Advisers to Disclose More Information and Keep Additional Records" (September 2016)
Co-author – "FINRA's 2016 Regulatory and Examination Priorities Letter," Baker Donelson Broker-Dealer/Investment Adviser Alert (March 2016)
Co-author – "SEC Examination Priorities for 2016," Baker Donelson Broker-Dealer/Investment Adviser Alert (March 2016)
Co-author – "Increased SEC and FINRA Scrutiny on Confidentiality Provisions" (July 2015)
"SEC Issues Guidance on its 2014 Examination Priorities" (February 2014)
"FINRA Issues 2014 Regulatory and Examination Priorities Letter" (February 2014)
"FINRA Issues 2013 Regulatory and Examination Priorities Letter" (February 2013)
"FINRA Requires Enhanced Oversight of Complex Products" (June 2012)
"Federal Sentencing Guidelines: Too Blunt An Instrument?," Law360 (June 2012)
Co-author – "Unregistered Securities: Increasing Risks for Broker-Dealers" (May 2012)
"FINRA Issues 2012 Priorities Letter" (February 2012)
"SEC/FINRA Issue Guidance Related to Use of Social Media" (January 2012)
"SEC Alters Policy on 'No Admit, No Deny' Settlements" (January 2012)
"SEC/FINRA Guidance Signals that Broker-Dealers Must Strengthen Branch Exam Processes" (December 2011)
Editor – Section on Alternative Dispute Resolution, The District of Columbia Practice Manual, 2011 Ed. (December 2011)
Co-author – "Merger Trends: H&R vs. AT&T," Law360 (November 2011)
Co-author – "Generic Protections: A Synopsis of the Generic Approval Processes in the U.S., Japan, China, and the European Union," Pharmaceutical Law & Industry Report, 9 PLIR 716 (June 2011)

"State Legislation Update: California and Copy-Cat States," International Association of Privacy Professionals (IAPP) Memphis KnowledgeNet Presentation (March 2021)
"California Privacy Update: CPRA & CCPA," National Association of Mutual Insurance Companies (NAMIC) (January 2021)
"Data Incident Virtual Tabletop Exercise," International Association of Privacy Professionals (IAPP) Memphis and Nashville KnowledgeNet Presentation (December 2020)
"Gramm Leach Bliley Act—What is Your Bank Required to Do?," Tennessee Bankers Association's Strategic Technology, Risk & Security Conference (September 2020)
"Updates in Privacy Law," International Association of Privacy Professionals (IAPP) Memphis KnowledgeNet Presentation (June 2020)
"The California Consumer Privacy Act: Examining the Exemptions, Proposed Regulations, and Compliance Issues for Insurance Companies," National Association of Mutual Insurance Companies (NAMIC) (January 2020)
"Legal Issues Confronting Inside Counsel" (November 2019)
"How to Prepare for the SEC's New Standards of Conduct Rulemaking Package" (September 2019)
"The SEC's Proposed Rules, Interpretations, and Forms on the Standard of Conduct for Broker-Dealers and Investment Advisers" (June 2018)
Panelist – "BCP, Data Security and Cybersecurity: Avoiding Pitfalls and Mitigating Risk," FMA's 27th Annual Securities Compliance Seminar (April 2018)
Speaker – "Action Steps for Complying with Fiduciary Rule and Protecting Senior Investors," Baker Donelson's Broker Dealer/Investment Adviser Fall Compliance Roundtable (November 2016)
Speaker/Panelist – "Taking and Defending Effective Depositions," Tennessee Bar Association's TennBarU (April 2013)
"Encountering and Avoiding Ethical Traps," Tennessee Bar Association's TennBarU (February 2013)

An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program (June 2021)
Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors (May 2021)
State and Federal Privacy Regulation in 2021: What is on the Horizon? (April 2021)
Enterprise Cyber Risk Management for Financial Services Organizations (April 2021)
The California Privacy Rights Act and Financial Institutions (March 2021)
How To Prepare for a Cybersecurity Incident (February 2021)
2021 Privacy Landscape (January 2021)
Cybersecurity for Financial Institutions: Essential Information on Cyber Incidents and Regulatory Issues (November 2020)
COVID-19: Cybersecurity and Data Privacy Considerations for Financial Institutions (April 2020)
Coronavirus and Financial Institutions: What Banks and Lenders Need to Know (March 2020)
California Consumer Privacy Act Essentials for Broker-Dealer and Investment Advisory Firms (December 2019)
California Consumer Privacy Act Essentials for Financial Institutions (November 2019)
How to Prepare for the SEC's New Standards of Conduct Rulemaking Package (August 2019)
Cybersecurity and Data Privacy Essentials for Financial Service Providers (July 2018)
The Evolving Landscape of Data Privacy and Cybersecurity in the Financial Services Industry (January 2017)

Baker Donelson's Matt White Earns Payment Card Industry Professional Certification (March 22, 2021)
69 Baker Donelson Attorneys Named to 2020 Mid-South Super Lawyers; 38 Named to Mid-South Rising Stars (November 30, 2020)
77 Baker Donelson Attorneys Named to 2019 Mid-South Super Lawyers; 45 Named to Mid-South Rising Stars (November 6, 2019)
Baker Donelson's Matt White Earns Additional Information Privacy Certification (July 9, 2019)
86 Baker Donelson Attorneys Named to 2018 Mid-South Super Lawyers; 43 Named to Mid-South Rising Stars (November 8, 2018)
Baker Donelson's Matt White Earns Information Privacy Certification (May 17, 2018)
Baker Donelson Announces Eleven Newly Elected Shareholders Firm-Wide (April 30, 2018)
Baker Donelson Attorneys Earn Information Privacy Certification (January 30, 2018)
94 Baker Donelson Attorneys Named to 2017 Mid-South Super Lawyers; 53 Named to Mid-South Rising Stars (November 7, 2017)
98 Baker Donelson Attorneys Named to 2016 Mid-South Super Lawyers; 57 Named to Mid-South Rising Stars (November 14, 2016)

Matt White Featured on cityCurrent Radio Show Discussing Pro Bono Efforts at Baker Donelson (November 12, 2018)
Matt White Profiled as 2018 Best of the Bar Finalist in Ace Associate Category by Memphis Business Journal (March 26, 2018)

An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program (June 16, 2021)
Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors (May 19, 2021)
State and Federal Privacy Regulation in 2021: What is on the Horizon? (April 21, 2021)
The California Privacy Rights Act and Financial Institutions (March 17, 2021)
How To Prepare for a Cybersecurity Incident (February 17, 2021)
2021 Privacy Landscape (January 13, 2021)
Cybersecurity for Financial Institutions: Essential Information on Cyber Incidents and Regulatory Issues (November 18, 2020)
COVID-19: Cybersecurity and Data Privacy Considerations for Financial Institutions (April 7, 2020)
Coronavirus and Financial Institutions: What Banks and Lenders Need to Know (March 25, 2020)
California Consumer Privacy Act Essentials for Broker-Dealer and Investment Advisory Firms (December 10, 2019)
California Consumer Privacy Act Essentials for Financial Institutions (November 12, 2019)
How to Prepare for the SEC's New Standards of Conduct Rulemaking Package (August 28, 2019)
Cybersecurity and Data Privacy Essentials for Financial Service Providers (July 25, 2018)
The Evolving Landscape of Data Privacy and Cybersecurity in the Financial Services Industry (January 25, 2017)

Practices

Education

University of Florida, Levin College of Law, J.D., cum laude
- Research Editor, Florida Law Review
- Member – Florida Journal of Technology Law and Policy
- Member – Florida Entertainment Law Review
- Officer – Corporate and Securities Litigation Group
- Placed First in the Florida Intramural Securities Moot Court Competition
- Book Awards in Legal Drafting and Advanced Techniques in Appellate Advocacy
- Dean's List
University of Florida, B.A., magna cum laude

Admissions

Tennessee, 2012
District of Columbia, 2010
Virginia, 2009
U.S. District Court for the Western, Middle, and Eastern Districts of Tennessee
U.S. District Court for the Eastern and Western Districts of Virginia
U.S. District Court for the District of Columbia
U.S. Court of Federal Claims
U.S. Court of Appeals for the Federal Circuit
U.S. Court of Appeals for the Sixth Circuit

Featured Media

An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program

Webinar / June 16, 2021

Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors

Webinar / May 19, 2021

State and Federal Privacy Regulation in 2021: What is on the Horizon?

Webinar / April 21, 2021

Online Payment Contact Us BakerConnect Extranet Disclaimer & Terms of Use Privacy Notice Security