D.E. Boehling

I devise strategies that Fortune 500 companies rely on to address their information and communications technology (ICT) needs. These include tactics for unexpected business changes such as mergers, acquisitions, divestiture– whether within the enterprise or its' vendors–and with disputes. I also perform transactional and regulatory work, customized to reflect the unique and often complex needs and interests of each business.

This year, I developed short-term and long-term ICT strategies for a Global Fortune 150 retailer to address unexpected compliance obligations from a previous acquisition. I educated the company on possible risks while providing multiple paths to reach their goal.

Most companies do not consider ICT impacts during a merger or acquisition and divestiture (MAD) event, and their ICT professionals are typically unaware until the event has occurred; I have coordinated successful strategies for companies whether I was brought in before or after a MAD event. Over the past decade, multiple Fortune 500 health care companies relied on my advice post-acquisition or divestiture to consolidate and improve contracts for the expanded organization; others for vendor MAD events.

ICT vendors and their contracts are often messy and even the best ICT deals, despite appropriate dispute resolution and governance provisions, may have disputes escalate to high levels within the business and waste time and money. I create strategies to mitigate this risk. I helped a travel subsidiary of a Fortune 200 company avoid writing a check for $1M+. My colleague Laura McDonald and I are presently working with a Fortune 500 retailer on a similarly large dispute.

My transactional work includes structuring the acquisition of ICT services for regulated businesses (e.g., financial, healthcare) that allow them to comply with their legal and regulatory requirements and the requirements imposed on them by their vendors. I address the relationship between the ICT deal and HIPAA and the HI-TECH Acts, Gramm-Leach-Bliley Acts and Interagency Guidelines, SEC cybersecurity rules and PCI-DSS.  Last year, I advised a multinational financial company on several Software-as-a-Service products monitoring wealth/investment advisor communications (with associated customization of the commodity product), which help the company meet its regulatory requirements. The year before, I advised a long-term client on its purchase of cloud-based customer information systems for its customers’ and personal privacy law implications. A year after go-live, the client is sharing its good experience at numerous conferences (e.g., Utilities in the Cloud). I am also well versed with the ins and outs of colocation and hosting services and have negotiated industry-leading colocation and data center contracts with global leaders like Equinix and DRT.

Global businesses have relied on me to determine whether their ICT plans (e.g., wide-area network structure, call center locations, use of encryption, storage of personal data, location of employees) comply with law. For a global Fortune 125 company, I surveyed the legality of UC communications use with and without carrier-provided SIP trunking and the use of encryption in more than 120 countries and analyzed and developed ways to mitigate the business’ risks. My regulatory work includes the European Union but focuses on India, China, Mexico and Southeast Asia where risks can be significant if the services, their use and sharing among related entities or bundling the telecom input with value added service, are not carefully structured. I monitor and generally advise on changes in foreign laws that impact enterprises' risks related to ICT services (e.g., the EU's General Data Protection Regulation).

I am recognized in Who's Who Legal as a Global Leader in Information Technology and Telecoms, Media & Entertainment.