Phillip counsels public and private organizations in navigating the difficult business decisions and complex legal obligations associated with ongoing cybersecurity incidents.

Get To Know Phillip

Phillip's practice is fully devoted to cybersecurity and data privacy. He appreciates the critical importance of rapid incident response and has counseled numerous clients through the urgent business decisions and legal obligations associated with significant breaches. He understands the complex intricacies of reporting obligations in different industries - Phillip's clients have included publicly traded companies harboring controlled government information, HIPAA covered entities, and large municipalities and school districts.

As a Certified Information Privacy Professional with a U.S. designation (CIPP-US), Phillip also ensures that his clients' business practices comply with an ever-changing regulatory landscape. He has drafted privacy policies, business guidelines, and data protection contracts. His practice constantly evolves to incorporate and understand new developments in technology and the law.

Phillip joined Woods Rogers in 2022 after completing the firm’s summer associate program in 2021. He earned his J.D. from Washington and Lee School of Law. While in law school, he interned for the Office of the Federal Public Defender in the Western District of Virginia. He was awarded the Law Council Law Review Award in recognition of the best student note and the John W. Davis Prize for the student with the highest graduating GPA. Prior to law school, Phillip worked at an economic consulting firm performing quantitative analysis used in expert testimony.

A Roanoke native, Phillip loves to be outdoors. He and his wife met running together for the Washington and Lee track and cross country teams - today Phillip considers himself a hobby jogger.

When he isn't running, Phillip is a regular at the Roanoke Valley Chess Club and River Rock Climbing.

Experience

  • Incident Response: Counsels dozens of organizations, both public and private, through all phases of cybersecurity incidents - including business email compromises, DDOS attacks, and ransomware.
  • FOIA/FERPA: Deep experience navigating post incident inquiries including experience responding to media and to hundreds of requests for information under FOIA/FERPA. 
  • Individual Breach Notifications: Facilitates the issuance of hundreds of thousands of breach notification letters. Develops comprehensive communications packages to support all facets of his clients’ messaging. 
  • Incident Notice Obligations: Assists clients in navigating the murky waters of incident notice obligations, including SEC 10-K disclosures, contractually-obligated alerts to Fortune 100 companies, negotiations with the Department of Defense concerning DFARs compliance, and communications with state regulators and Attorneys General.
  • Preparedness: Counseled a multi-billion-dollar organization on its cybersecurity preparedness and developed a table-top exercise to further hone the organization’s incident response procedures.

Credentials

Education

Washington and Lee University School of Law, J.D., summa cum laude, Order of the Coif

Washington and Lee University, B.A., magna cum laude

Admissions

Virginia

Affiliations

  • American Bar Association
  • Certified Information Privacy Professional
  • Virginia Bar Association

News & Insights

  • Speaking Engagement
    Protecting the Crown Jewels: Construction Law Through the Lens of Cybersecurity|
  • Speaking Engagement
    Operational, Legal, and Communication Issues for School Administrative Leaders

Other Publications & Media

"Data Breach Notification Laws and the Quantum Decryption Problem," 79 Washington and Lee Law Review. 475 (2022).

Matter results depend upon a variety of factors unique to each case. Past results do not guarantee or predict a similar result in any future matter. Some material on this site may be considered attorney advertising in some jurisdictions.

Jump to Page