The Red Flag Rule: Implementation Issues

Naomi Lefkovitz is an attorney with the Division of Privacy and Identity Protection at the Federal Trade Commission. Her responsibilities focus primarily on business and consumer education, legislative activity, and rulemakings. She specializes in identity theft issues, in particular, the areas of identity management, authentication, and fraud prevention. She has drafted a number of rulemakings related to identity theft including representing the FTC in the inter-agency group that drafted the Red Flags Rule. 

Ms. Lefkovitz joined the FTC in 2001. For the five years prior to working at the FTC, she was Assistant General Counsel at CDnow, Inc., an online music retailer. At CDnow, Inc., she was responsible for negotiating and drafting contracts, managing intellectual property matters, lobbying and trade association participation as well as other corporate matters. 

Ms. Lefkovitz holds a B.A. with honors in French Literature from Bryn Mawr College and a J.D. with honors from Temple University School of Law.

Kevin Lyles practices in the areas of health care transactions, privacy and data security, and outsourcing. He co-chairs the Firm's Health Care practice and oversees the Firm's Privacy & Data Security practice. 

Kevin's health care practice focuses on significant transactions, including hospital change-in-control transactions, structuring physician/hospital joint ventures, formation of accountable care organizations and co-management arrangements, and reorganization of academic medical center relationships. Kevin also counsels clients on fraud and abuse and Stark Law compliance. He has represented hospital systems, academic medical centers, physician organizations, health insurers, and pharmaceutical and medical device companies. 

Kevin is experienced in privacy and data security matters, including cross-border data transfers, responding to data security breaches, privacy policies, identity theft prevention programs, and compliance with regulatory requirements, including the CAN-SPAM Act, the EU Data Protection Directive, HIPAA, FACTA, and the Gramm-Leach-Bliley Act. 

Kevin also is an experienced outsourcing lawyer, concentrating in customer side transactions. His practice includes business process and information technology outsourcing, with significant offshoring experience. His recent experience includes the outsourcing of HR, information technology, revenue cycle, finance and accounting, and benefit plan administration services. 

Kevin is a member of the American Health Lawyers Association and serves as co-leader of its Electronic Health Records Affinity Group. He has served on the advisory boards for the Healthcare Outsourcing Congress, the Privacy2000 conference series, and MD Net Guide. He serves on the boards of the National Healthcare, Research and Education Finance Corporation and the Contemporary American Theatre Company.

David Medine is a partner in the firm's Regulatory and Government Affairs Department, and a member of the Communications and Financial Institutions Practice Groups. He joined the firm in 2002. 

After developing e-commerce and financial services policy at the Federal Trade Commission and The White House, Mr. Medine has brought his experience to a wide range of online and offline clients. His government experience has made him a valuable asset to clients, whether it involves defending investigations, advice on legislative strategies, development of privacy and security policies or counsel on regulatory compliance. Mr. Medine's representation of the United States in international organizations, such as the OECD or in negotiations with the European Union, has positioned him well to represent clients wrestling with international data and consumer protection issues. 

Practice 
Mr. Medine currently represents major online companies, media firms and consumer product companies regarding compliance with federal and state consumer protection and privacy laws and regulations. He also represents a wide range of financial institutions, including banks, insurance companies, credit bureaus, credit card issuers, debt collectors and broker-dealers on credit, financial privacy, data security and other issues. 

At the FTC, Mr. Medine's responsibilities included the development of policy and regulations, oversight of programs involving consumer financial services, privacy and e-commerce and enforcement activities in those areas. He participated in drafting the Gramm-Leach-Bliley financial privacy and the Children's Online Privacy Protection Act (COPPA) regulations. 

In August 2000, Mr. Medine left the FTC to serve as a Senior Advisor to the National Economic Council at The White House, where he advised both the President and the Assistant to the President for Economic Policy, and coordinated Administration policies on such issues as privacy, financial institutions and expanding capital investment in under-served areas. He advised government agencies on implementation of electronic signature legislation and represented The White House in congressional consideration of "spam" legislation.