Hammond named VP on NYSSCPA board of directors

Get our email updates

Stay up-to-date on the companies, people and issues that impact businesses in Syracuse, Central New York and beyond.

Timothy J. Hammond, principal in the Syracuse office of The Bonadio Group, has been elected to serve as a vice president on the board of directors of the New York State Society of CPAs (NYSSCPA). He was one of four elected Society VPs who began their terms of office on June 1, the organization announced. […]

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Masonic Medical Research Institute promotes Kontaridis to executive director

Employee Benefits & Human Resources, Health Care, Nonprofits, People on the Move, Regional News, Technology

UTICA, N.Y. — The Masonic Medical Research Institute (MMRI) on Friday announced that Dr. Maria Kontaridis is now serving as its executive director. Kontaridis, who

Barclay Damon lawyers, staff have option to keep working from home

Employee Benefits & Human Resources, Law, Accounting & Taxes, Subscriber Only

SYRACUSE — Even with most of its Northeast offices reopened, the attorneys and staff of Barclay Damon, LLP have the option to continue working from home for all or part of a given week. The firm has reopened most of its offices, with the exception of its location in New York City, says Connie Cahill,

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

SYRACUSE — Even with most of its Northeast offices reopened, the attorneys and staff of Barclay Damon, LLP have the option to continue working from home for all or part of a given week.

The firm has reopened most of its offices, with the exception of its location in New York City, says Connie Cahill, deputy managing partner of Barclay Damon. The reopening was part of phase 2 of New York State’s regional economic reopening process after closures related to the COVID-19 pandemic.

Cahill credited John Langan, the firm’s managing partner, with the idea to offer the option of working from home.

“We, for a long time, made investments in technology … and teaching people how to use technology. We doubled that effort for training while people have been working from home. For the most part, most people are just as effective, and in some cases, maybe even more effective working remotely,” says Cahill. She spoke with CNYBJ by phone on June 16.

Barclay Damon lawyers have worked from home in the past, including nights and weekends, depending on the work they are handling for a client.

“So they were very comfortable with working remotely,” says Cahill.

Working from home was a change for some staff members, so some people needed time to get updated with technology and computers, she adds.

With nearly 300 attorneys, including 145 partners, Barclay Damon operates from offices located in the Northeastern U.S. and Toronto. It has an overall employee count of 475. Its Syracuse office is in the Barclay Damon Tower at 125 E. Jefferson St.

Reopening plan

Cahill was in charge of leading the firm’s office-reopening plan and assembled a committee of administrators and partners, which met “several times” a week.

The group had someone in charge of procuring hand sanitizer, masks, and gloves. Another colleague put together a checklist of what needed to be done in each office before the reopening process could start.

“And that checklist ended up with 100 items on it,” Cahill noted.

It included the removal of excess chairs in a conference room to maintain social distancing and elimination of the candy dish in the reception office “because we’re obviously not going to have shared candy for a while.”

Committee members attended different webinars, read about best practices, reviewed the website of the Centers for Disease Control and Prevention, and read the New York State safety plans.

As its offices reopened, Barclay Damon limited the office occupancy to 30 percent and will gradually increase the percentage as the governor’s executive orders permit, according to Cahill.

In its health and safety plan, the law firm has a system in which its attorneys and staff members are asked to project where they will be the following week. They also get a daily email to help the firm keep track of where the employees are working from.

“So if someone’s looking for a teammate, they know whether they’re home or in the office,” Cahill says.

Barclay Damon plans to review the policy at the end of the year, which is “sensible” as the COVID-19 pandemic continues, says Langan, who joined Cahill on the June 16 conference call.

Langan says it’s not “revolutionary” to have partners and lawyers work from home, but to offer that option to all staff members is “revolutionary for a law firm.”

If the firm’s attorneys and staff members keep “operating at the high level that they have in the last three months,” then Langan says “our goal is to make [the policy] permanent.”

Utica Mayor introduces new zoning ordinance

Construction, Design & Real Estate, Law, Accounting & Taxes, Nonprofits, Regional News

UTICA, N.Y. — Utica Mayor Robert Palmieri has unveiled a measure that would update the City of Utica’s zoning ordinance. The proposal would bring the

New York extends suspension of state-debt collection

Law, Accounting & Taxes, Subscriber Only

New York State has for a third time renewed an order to halt the collection of medical and student debt owed to the state for an additional 30-day period. The debt has been “specifically referred” to the Office of the Attorney General (OAG) for collection, per a June 16 news release. In response to “continuing

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

New York State has for a third time renewed an order to halt the collection of medical and student debt owed to the state for an additional 30-day period.

The debt has been “specifically referred” to the Office of the Attorney General (OAG) for collection, per a June 16 news release.

In response to “continuing financial impairments” resulting from the spread of COVID-19, the OAG again renewed the orders for a period between June 17 through July 16. After this 30-day period, the OAG will reassess the needs of state residents for another possible extension.

Additionally, the OAG will accept applications for suspension of all other types of debt owed to New York State and referred to the OAG for collection.

“While the number of coronavirus cases across New York may be on the decline, and the number of businesses opening back up may be on the rise, New Yorkers are still very much feeling the economic impact of this public health crisis each and every day,” New York Attorney General Letitia James said. “More than 2.6 million New Yorkers filed for unemployment in the last three months, so we will continue to look for ways to protect each of these individuals’ wallets, and the wallets of millions more across our state. We hope that by, once again, suspending the collection of state student and medical debt referred to my office, we are doing what we can to support New Yorkers and reduce their burden in these difficult times.”

The OAG collects certain debts owed to New York State via settlements and lawsuits brought on behalf of New York and state agencies. A total of more than 165,000 matters currently fit the criteria for a suspension of state debt collection, including patients that owe medical debt due to the five state hospitals and the five state veterans’ homes; students that owe student debt from attending SUNY campuses; and individual debtors, sole-proprietors, small-business owners, and certain homeowners that owe debt relating to oil-spill cleanup and removal costs, property damage, and breach of contract, as well as other fees owed to state agencies.

The temporary policy has also automatically suspended the accrual of interest and the collection of fees on all outstanding state medical and student debt referred to the OAG for collection, so New Yorkers are “not penalized for taking advantage of this program.”

New Yorkers with non-medical or non-student debt owed to New York State and referred to the OAG may also apply to temporarily halt the collection of state debt. Individuals seeking to apply for this temporary relief can complete an application online or visit the OAG’s coronavirus website to learn more about the suspension of payments. They can also call the OAG hotline at (800) 771-7755 for more information.

Gillibrand co-sponsors proposed HEAL Act

Law, Accounting & Taxes, Subscriber Only

U.S. Senator Kirsten Gillibrand (D–N.Y.) says she will co-sponsor a bill that would “remove barriers” to health care for immigrants as the nation and immigrant communities are “grappling with the ongoing impact of COVID-19.” The proposal is titled the Health Equity and Access under the Law (HEAL) for Immigrant Women and Families Act. Gillibrand’s office

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Hancock Estabrook summer associates complete their work virtually

Law, Accounting & Taxes, Subscriber Only, Technology

SYRACUSE — Law students Nabil Akl and Bryan O’Keefe recently spent about a month working with Syracuse law firm Hancock Estabook, LLP as summer associates. Because of the COVID-19 restrictions, their work with the firm has been “100 percent virtual,” Mary Miner, hiring partner with Hancock Estabrook, tells CNYBJ in an email message. Akl and

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

SUNY Morrisville appoints new chief financial officer

Health Care, Subscriber Only

MORRISVILLE — Jamie Cyr, of Chittenango, is the new chief financial officer at SUNY Morrisville, beginning July 1, the college announced. Cyr comes to SUNY Morrisville with broad experience in financial planning and forecasting and leading auxiliary-services organizations in the hospitality and higher-education industries. “Jamie has impressive skills,” SUNY Morrisville President David Rogers said in

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

MORRISVILLE — Jamie Cyr, of Chittenango, is the new chief financial officer at SUNY Morrisville, beginning July 1, the college announced.

Cyr comes to SUNY Morrisville with broad experience in financial planning and forecasting and leading auxiliary-services organizations in the hospitality and higher-education industries.

“Jamie has impressive skills,” SUNY Morrisville President David Rogers said in a statement. “His unique blend of auxiliary services, hospitality, budget, accounting and financial management experience will be an asset to carry out the mission of the college.”

Cyr’s experience includes the fiscal management of operating and capital budgets of $150 million and strategic leadership of diverse teams of more than 2,000 employees.

Most recently, Cyr served as executive director and general manager of the Sheraton Syracuse University Hotel & Conference Center. His position included directing all operations for the hotel and conference center and related properties, including managing the operations at Drumlins Country Club and Minnowbrook Conference Center.

During his tenure, he “revitalized the hotel, conference centers, golf and country club, streamlining operations, and developed a strategic plan and co-branding initiatives for university and corporate properties,” SUNY Morrisville said.

Cyr also served as director of auxiliary services at Syracuse University for more than six years, where he led numerous self-operated departments, identifying opportunities for efficiencies, which led to increased funding for facility renovations.

A certified auxiliary-services professional, Cyr serves as president of the Syracuse University Hotel & Conference Center LLC board of directors and is a member of the Greater Syracuse Hospitality & Tourism Association and the National Association of College Auxiliary Services.

Cyr has an MBA degree in management from Syracuse University and a bachelor’s degree in accounting from Le Moyne College.

State tax receipts fall nearly 20 percent in May, DiNapoli says

Subscriber Only

New York State tax receipts in May declined $766.9 million, or 19.7 percent, from the prior year, according to the monthly state cash report that State Comptroller Thomas P. DiNapoli released on June 15. “With an economy still suffocated by a global pandemic, the state’s finances took another serious hit in the month of May,”

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Board Directors Beware: Potential Liability in Data-Breach Suit

Business Mentors, Law, Accounting & Taxes, Subscriber Only

On April 28, 2020, a shareholder of Laboratory Corporation of America Holdings (LabCorp) started a derivative action against LabCorp, and several of its individual directors and officers. The complaint arises from two major data security incidents and principally alleges that the individual defendants breached their fiduciary duties in a myriad of ways. LabCorp is one of

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

LabCorp is one of the leading providers of diagnostic medical testing services in the world and offers a variety of clinical-testing services. Testing more than 2.5 million patient specimens on a weekly basis, the lab giant processes a staggering amount of personally identifiable information (PII) and personal-health information (PHI). In offering its services to patients, LabCorp generates invoices to bill patients, which are then forwarded to a collection agency, such as American Medical Collection Agency (AMCA), if they are not paid in a timely manner.

It is LabCorp’s relationship with AMCA that led to the first data breach, giving rise to this lawsuit. Analysis from a cybersecurity firm revealed that a large number of compromised payment cards and associated PII from AMCA were on the dark web. The security audit revealed that the information was likely stolen from AMCA’s payment portal during a nearly eight-month breach. The complaint alleges that this breach “directly impacted and affected millions of LabCorp patients.”

On May 14, 2019, LabCorp was notified of the breach, and it informed investors of the matter on June 4, 2019 through an SEC filing. The delay in notifying investors is one of the ways the defendant directors and officers are alleged to have breached their fiduciary duties. The company’s June 4 public disclosure of the data breach (less than one month from receiving notice of the breach) drew national attention and prompted a series of inquiries from U.S. senators, state attorneys general, and various other state and federal agencies. In addition to this derivative action, a class action brought by patients whose information was compromised as a result of the first breach is also pending in the District Court of New Jersey.

LabCorp allegedly suffered a second data breach in January 2020 when “an unprotected web address granted access to LabCorp documentation containing PHI.” The complaint states that LabCorp was informed of this breach on Jan. 28. However, neither the company nor the individual defendants have publicly addressed the second breach or acknowledged that it in fact occurred.

This shareholder derivative action was brought in response to both data breaches.

Specific allegations in complaint

The fundamental claim made in the complaint is that LabCorp had insufficient cybersecurity practices and inadequate oversight of AMCA. Most of the claims relate to the allegation that the individual defendants, directors, and officers of LabCorp, breached their fiduciary duties of care, loyalty, and good faith. The complaint specifically alleges that these duties were breached when the individual defendants:

• Failed to implement effective systems to protect patient PII and PHI;

• Failed to exercise appropriate oversight by not monitoring LabCorp’s compliance with state and federal regulations;

• Provided PII and PHI to a LabCorp business associate with deficient cybersecurity and breach detection;

• Failed to ensure that LabCorp and its business associates used proper cybersecurity safeguards to adequately protect patient PII and PHI;

• Failed to timely notify potentially affected individuals;

• Failed to make adequate public disclosures following the data breaches;

• Allowed LabCorp to violate unspecified state and federal laws; and

• Failed to review and affirm or revise LabCorp’s existing data-security policies and procedures.

Each of these alleged failures is characterized as evidence that the shareholders intend to prove through the litigation and trial, that LabCorp’s directors and officers did not act, and continue to not act in the best interest of the company.

Key takeaways

Though the litigation is in its early stages and dispositive motions have yet to be made, the allegations raise several important points that businesses everywhere would be wise to keep in mind.

• Companies should regularly review their data privacy and cybersecurity policies and revise accordingly. As the legal landscape of cybersecurity is constantly evolving, regular review of internal practices will help prevent internal controls from becoming stale.

• Employees charged with handling and processing personally identifiable information and personal-health information should be properly trained in how to do so in a safe and secure manner. This is an obligation imposed by several laws such as the EU’s General Data Protection Regulation, the California Consumer Privacy Act, and the New York SHIELD Act, and simply is a best practice even in the absence of a legislative mandate. Employees should also be sufficiently well-versed in the data-privacy laws and cybersecurity laws that apply to their employer’s business.

• Third-party risk mitigation and management are critical. The vendors and third parties to which a company discloses PII and/or PHI should be appropriately vetted at the onboarding stage and regularly evaluated and monitored depending on the level of risk associated with the type of data such vendor receives and manages for the company. A third-party’s data-privacy and cybersecurity practice should be assessed for competence prior to disclosing PII and/or PHI. Organizations should impose contractual requirements on third parties even in the absence of a statutory or regulatory obligation to do so.

• Security audits are a critical tool for understanding potential vulnerabilities in an organization’s (and it’s third-party vendors’) data privacy and cybersecurity programs.

• The long-term cost of inadequate data privacy and cybersecurity practices can be exorbitant. For instance, LabCorp spent an estimated $11.5 million in out-of-pocket costs on response and remediation costs following the first data breach. Remarkably, this figure does not include any litigation-related expenses associated with defending this action or the patients’ class action. Giving compliance efforts due attention in advance may be well worth the effort in light of the high cost of rectifying a data breach after the fact.

Jessica L. Copeland is a member (partner) of Bond, Schoeneck & King PLLC. She is co-chair of the firm’s cybersecurity and data privacy practice. Contact Copeland at jcopeland@bsk.com. Hannah K. Redmond is an associate attorney in the Syracuse office of Bond, Schoeneck & King. She focuses her practice on representing employers in labor and employment law matters. Contact Redmond at hredmond@bsk.com

Get our email updates

Stay up-to-date on the companies, people and issues that impact businesses in Syracuse, Central New York and beyond.

Get our email updates

What's New

Upcoming Events

Project Homecoming Job & Career Fair 2025

Annual Nonprofit Conference 2026

2026 CenterState CEO Economic Forecast Breakfast

CNYBJ Job Board

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get our email updates