ROBERT J. HUDOCK is a Member of the Firm in the Health Care and Life Sciences practice, in the firm's Washington, DC, office. Mr. Hudock practices in the firm's E-Health Group. His practice includes information security, privacy, data forensics/e-discovery, legal and business issues of outsourcing, encryption (FIPS/ ISO Standards), legal implications of expert systems, and knowledge management systems.

Mr. Hudock has been at the forefront of information privacy, information security, data mining/aggregation, and the forensic practice areas for the last eight years. During this time, he has regularly advised leading financial and health institutions, as well as innovative startup companies, on identifying, evaluating and improving the security posture and mission critical processes of their organizations. Most recently, he has assisted Fortune 500 clients with their security and risk analysis obligations under U.S., Canada, and European Union ("EU") law.

Mr. Hudock regularly:

  • Conducts risk assessments and IT audits for health care and financial services companies following HIPAA, FDIC, Federal Reserve Bank (FRB), OTS, OCC Information Security Guidelines, Gramm-Leach-Bliley Act (GLBA), and other best practices;
  • Designs and implements cost-effective strategies for managing electronic documents, including collecting, preserving, reviewing, analyzing and producing electronic data. Mr. Hudock has broad knowledge of e-Discovery hardware and software technologies, including (traditional) Boolean, conceptual, clustering, and taxonomic search methodologies;
  • Advises clients regarding privacy and security legislation: Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Regulations; Gramm-Leach-Bliley Act; European Union Commission's Directive on Data Protection (95/46) and the Department of Commerce's EU Safe-Harbor; the Personal Information Protection and Electronic Documents Act (Canada); the US Patriot Act; Sarbanes-Oxley; State-based security breach notification legislation (both acquisition- and risk-based variations); OIG Corporate Integrity Agreements and Medicare and Medicaid Patient Protection Act of 1987 (the "Antikickback Statute"); and NIST/ ISO privacy and security standards; and
  • Manages computer security incidents for various clients in both the health care and financial sectors. His work also includes performing and creating procedures for system security audits, penetration tests, and vulnerability assessments to define real metrics by which an organization can evaluate and demonstrate their privacy and security due diligence.

In addition to graduating at the top of his class at Cornell Law School, Mr. Hudock is a Certified Information Systems Security Professional (CISSP). He was awarded this information technology security audit certification by the International Information Systems Security Certification Consortium (see He has held this certification for almost six years. Mr. Hudock is also certified by the National Security Agency to perform INFOSEC Security Methodology (IAM) audits under FISMA and by the Health Information Trust Alliance (HTIRUST) as a Certified CSF Practitioner, an organization that provides training to develop and maintain effective security programs for health care and life sciences companies that comply with security laws, regulations, and standards, including HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, and various other federal, state, and business requirements. Finally, Mr. Hudock is also a Certified Ethical Hacker. The Certified Ethical Hacker (CEH) certification is a professional certification provided by the International Council of E-Commerce Consultants.

Named a "Rising Star" by Washington, DC Super Lawyers in 2013, Mr. Hudock is a skilled security and legal professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker to secure client's information systems. Most noteworthy, Mr. Hudock has also won the internationally recognized capture the flag for the last two years. This competition is held each summer in Las Vegas at Defcon.


  • Cornell University Law School (J.D., 2000)
    • cum laude
  • St. Lawrence University (B.S., 1996)
    • cum laude

Bar Admissions

  • District of Columbia
  • New York


  • American Health Lawyers Association