• Georgetown University Law Center, J.D.
  • University of Richmond, B.A., magna cum laude, Phi Beta Kappa


  • District of Columbia
  • Pennsylvania
  • U.S. District Court, District of Columbia
  • U.S. District Court, Western District of Colorado
  • U.S. District Court, Eastern District of Michigan
  • U.S. Court of Appeals, Fourth Circuit
  • U.S. Court of Appeals, Eleventh Circuit

Jeffrey L. Poston


Jeff Poston is a partner in Crowell & Moring’s Washington, D.C. office, where he serves as co-chair of the firm’s Chambers USA-ranked Privacy & Cybersecurity Group and is a member of the Litigation Group. A seasoned trial lawyer with more than 25 years of experience leading investigations and litigation for corporate clients, Jeff counsels and defends clients in complex data protection matters involving class-actions and regulatory enforcement actions, as well as commercial disputes. Jeff also counsels businesses on both domestic and international privacy compliance matters, including the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

Privacy and Cybersecurity

As co-chair of Crowell & Moring’s Privacy & Cybersecurity Group, Jeff leads counseling, investigations, and litigation for clients navigating sensitive data breaches, hacks, and other cybersecurity events. He has represented Fortune 500 companies in some of the largest data breach cases brought under the federal Hi-Tech Act and various state privacy, data security and unfair competition laws, and he has negotiated favorable settlements with state regulators and attorneys general.

Jeff’s recent representative matters include representing Starwood Hotels in a class-action seeking millions in damages arising from an alleged system-wide cyberattack. When the plaintiff alleged a nationwide breach and brought claims under multiple California state laws, Jeff led the team that obtained dismissal with prejudice of the case. Jeff was also a part of a litigation team that obtained a dismissal of nine consolidated class actions in the Eastern District of California, alleging that a national health care company violated the California Medical Information Act (CMIA) by disclosing the data of more than one million members.

Jeff has successfully defended large health care companies in investigations brought by the Department of Health & Human Services’ Office of Civil Rights alleging HIPAA violations.

Jeff regularly helps clients test their cybersecurity readiness and build plans to mitigate future attacks. He counsels clients on front-end compliance issues involving the state and federal privacy laws, including HIPAA, and helps clients prepare incident response plans to guide them through a cyber crisis. Jeff also defends and counsels clients in class actions asserting violation of the Telephone Consumer Protection Act (TCPA).

Commercial Litigation

A trial lawyer with more than 25 years of courtroom experience, Jeff has litigated and tried dozens of cases on behalf of corporate clients, especially in the health care and hospitality sectors, involving a wide variety of commercial disputes.

In the health care sector, Jeff recently represented a national managed care plan in a suit filed by a national hospital system alleging that the health plan had improperly recovered overpayments through offsets of subsequent payments in violation of the Medicare Advantage Act. Jeff obtained dismissal of the claims at the District Court on the grounds that the hospital system failed to exhaust its administrative remedies prior to the filing its federal action. He then successfully argued the appeal at the 11th Circuit, obtaining a unanimous decision affirming the District Court’s decision.

Jeff’s work for the hospitality industry includes a wide range of commercial disputes, ranging from management contracts to joint employment issues to ERISA class actions. In a recent case, Jeff represented a global hospitality company in an action reaching back decades and seeking hundreds of millions of dollars in damages for the alleged violation of ERISA’s “top hat” plan laws. As the lead trial attorney, Jeff obtained summary judgment at the district court and successfully argued for affirmance at the Fourth Circuit, resulting in a unanimous decision in favor of Jeff’s client.

Jeff recently represented a global hospitality company in a class action alleging ERISA violations in the form of excessive fees charged to participants of the company’s 401(k) plan. Jeff successfully argued that the putative class should not be certified resulting in a voluntary dismissal of the claims with prejudice.

Jeff also recently represented a large global hospitality company against claims of tortious interference with contract stemming from a dispute over a management agreement governing a hotel in Beirut, Lebanon. Jeff obtained dismissal of the action in Maryland federal court on grounds that it was a collateral attack on a foreign arbitration award.

He is admitted to practice before the United States District Court for the District of Columbia, the United States District Court for the Western District of Colorado and the United States District Court for the Eastern District of Michigan. He is also a member of the District of Columbia Bar and the Bar of the Commonwealth of Pennsylvania.

Representative Matters

  • Lead defense counsel for a large global hospitality company in class action suit arising from cyber intrusion into multiple hotel servers potentially involving the data of millions of individuals. Obtained dismissal with prejudice in the U.S. District Court for the Southern District of California.
  • Lead defense counsel for a large global hospitality company in suit alleging violations of ERISA’s “top hat plan” provisions and seeking $500 million in damages. After extensive discovery reaching back more than four decades, successfully argued summary judgment motion before the federal district court. Argued the appeal before the 4th Circuit and obtained affirmance of the dismissal. 
  • Lead defense counsel for global hospital company sued in U.S. District Court for the District of Maryland for tortious interference with contract arising from termination of hotel management agreement for hotel located in Beirut, Lebanon. Successfully argued that the Maryland action was collaterally estopped by a parallel arbitration in Paris, France. 
  • Successfully defended health care plan in investigation by the Office of Civil Rights of the Department of Health and Human Services alleging improper disclosure of PHI in violation of HIPAA. OCR closed the case and declined to issue any fine.
  • Successfully obtained dismissal of fraud claims in New York State Court on behalf of large data center in action seeking millions in damages for alleged failure to develop platform for new mobile gaming application. 
  • Lead counsel in ERISA class action alleging that a Global Hospitality Company violated multiple provisions of ERISA in connection with the company’s 401(k) plan. Obtained dismissal of majority of claims at pleading stage and defeated class certification motion leading to voluntary dismissal with prejudice of remaining claims.
  • Jeff successfully obtained dismissal of a multi-million dollar claim against a national health care company involved in the Medicare Advantage Program. The U.S. federal court dismissed the action due to the plaintiffs’ failure to exhaust administration remedies under the Medicare Advantage Program. Jeff argued the appeal at the 11th Circuit, which affirmed the victory at the District Court.
  • Represented a hotel owner in an arbitration challenging the inclusion of “service changes” as part of Gross Operating Revenue.
  • Represented DuPont against monopolization counterclaims brought by Kolon Industries. On the eve of the trial, the Eastern District of Virginia granted summary judgment for DuPont and dismissed the claims with prejudice. This was the second major win in Crowell & Moring's work for DuPont stemming from trade secrets litigation against Kolon. The first was a jury award of $919.9 million for DuPont for theft of trade secrets related to Kevlar® business and technology used by DuPont and the class against the current owners finding that they could not be liable for the actions of the prior owners.
  • Represented the current owners of a power plant against claims by the EPA and a private class that they should be held liable for the conduct of the prior owners relating to the current emissions of the plant. This matter involved the Prevention of Significant Deterioration (PSD) Program of the Clean Air Act. The Federal District Court for the Western District of Pennsylvania dismissed the claims of the EPA and the class against the current owners finding that they could not be liable for the actions of the prior owners.
  • Defended, as lead trial counsel, a national health care company against claims alleging over $17 million in damages stemming from the alleged systematic underpayments to non-contracted healthcare providers. At the conclusion of trial, the court granted the company's motion for judgment and rejected all of the plaintiffs' claims.
  • Represented the Enron Creditors Recovery Corporation in its litigation against two global financial institutions alleging that they aided and abetted Enron's demise through structured finance transactions that misled investors and the credit rating agencies. The resulting settlement, valued at nearly $6 billion, is reputed to be the largest bankruptcy settlement in U.S. history.
  • Successfully defended a Class 1 freight railroad in multiple actions arising from a collision with a commuter train in Massachusetts that injured hundreds of passengers. On the eve of the trial, the owner and operator of the commuter lines faced with potential spoliation sanctions settled the case on favorable terms to the client.
  • Obtained a multi-million dollar award for a managed behavioral healthcare organization whose contract was improperly terminated by a national health plan.
  • Successfully sued the federal and state governments for violating their own respective regulations in awarding a joint federal-state highway contract.
  • Represented a consortium of health care companies and providers in enjoining the federal government from implementing an unauthorized Medicare "demonstration project."
  • Recently, he defended two large health plans in separate OCR investigations, both of which were closed without any fines being levied.


Speeches & Presentations

  • "Are you Prepared for a Ransomware Attack? Preparing for Threats and Managing the Crisis" (July 21, 2021). Presenters: Michael K. Atkinson, Caroline E. Brown, Laura Foggan, Kristin J. Madigan, CIPP/US, Jeffrey L. Poston, Evan D. Wolff.
  • "Anatomy of a Cyber Incident," Investigations: Readiness and Response Webinar Series (April 30, 2021). Presenters: Kate M. Growley, Jeffrey L. Poston, Paul M. Rosen, Evan D. Wolff, and Matthew B. Welling.
  • "GDPR, CCPA, and other Hot Topics in Data Privacy," Silicon Legal Strategy, Santa Monica, CA (November 12, 2019). Presenters: Jeffrey L. Poston, Paul M. Rosen, Maarten Stassen, Jarno Vanto, and Heidi Waem.
  • "GDPR, CCPA, and other Hot Topics in Data Privacy," Silicon Legal Strategy, San Francisco, CA (November 11, 2019). Presenters: Jeffrey L. Poston, Maarten Stassen, Jarno Vanto, Kristin J. Madigan, and Heidi Waem.
  • "The ICO Bares its (Sharp) Teeth: What You Need to Know About GDPR One Year On," Crowell & Moring, London (October 17, 2019). Moderator: Jeffrey L. Poston; Panelists: Ambassador Robert Holleyman, Maarten Stassen, and Laurence Winston.
  • "Telemedicine from the Privacy Perspective," Telemedicine: Legal Issues Conference, NYC Bar, New York, NY (June 18, 2019). Panelist: Jeffrey L. Poston.
  • "Investing in the Internet of Things – How to Turn Data into Value," ACG Intergrowth 2019, Orlando, FL (May 13, 2019). Panelist: Jeffrey L. Poston.
  • "Investing In The Internet Of Things – How To Turn Data Into Value," ACG: Intergrowth 2019, Orlando, FL (May 8, 2019). Presenter: Jeffrey L. Poston.
  • "Preparing for and Dealing with Cyber Security Breaches: Best Practices for Chief Litigation Counsel," Spring 2019 CLCA Meeting, Houston, TX (May 2, 2019). Presenter: Jeffrey L. Poston.
  • “Data Privacy and Emerging Technologies Aimed at Enhancing the Passenger Experience,” IATA Legal Symposium 2019, Rome, Italy (March 7, 2019). Panelist: Jeffrey L. Poston.
  • "Data Privacy and Emerging Technologies Aimed at Enhancing the Passenger Experience," IATA Legal Symposium 2019, Rome, Italy (March 7, 2019). Panelist: Jeffrey L. Poston.
  • "GDPR and Beyond," Crowell & Moring's Trade Association Breakfast Series, Washington, D.C. (July 31, 2018). Speakers: Maarten Stassen, Jeffrey L. Poston, and Peter B. Miller.
  • "AV Quarterback Session," Crowell & Moring, Washington, D.C. (May 8, 2018). Presenters: Crowell & Moring Autonomous Vehicles Team.
  • "Cybersecurity," ALIS Law Conference, Los Angeles, CA (January 22, 2018). Moderator: Jeffrey L. Poston.
  • "Consumer Privacy Protection Update," Silicon Valley Association of General Counsel 28th Annual All Hands Meeting, Santa Clara, CA (November 16, 2016). Presenters: Jeffrey L. Poston and Kristin J. Madigan.
  • "Selected GDPR Topics and the Privacy Shield: Putting Theory into Practice and International Panel Discussion," Crowell & Moring Brussels (October 20, 2016). Speakers: Frederik Van Remoortel, Jeff Poston, Emmanuel Plasschaert, Jan Baas, Frédéric Sardain, Peter Huppertz and Cynthia O’Donoghue.
  • "Cybersecurity and Data Protection," Crowell & Moring Seminar, Brussels, Belgium (November 18, 2015). Presenters: Emmanuel Plasschaert, Jeffrey L. Poston, and Frederik Van Remoortel.
  • "Privacy & Cybersecurity," Association of Commercial Finance Attorneys CLEW 2015, National Harbor, MD (May 14-17, 2015). Presenter: Jeffrey L. Poston.
  • "Liability Trends in Cybersecurity and Data Privacy," Crowell & Moring's Corporate Counsel Litigation Forum Webinar Series (February 24, 2015). Presenters: Jeffrey L. Poston and Clifford J. Zatz.
  • "New Liability Trends in Data Privacy and Security," Crowell & Moring's Healthcare Ounce Of Prevention Seminar (HOOPS), Washington, D.C. (October 27-28, 2014). Presenters: Jeffrey L. Poston and Robin B. Campbell.
  • "2013: The Year of the Data Breach; 2014: The Year of Lessons Learned or Warnings Ignored?" Blue Cross Blue Shield 2014 Blue National Summit (May 19, 2014). Presenter: Jeffrey L. Poston.
  • "Retail Privacy and Cybersecurity Seminar: How to Avoid Making the Headlines," Crowell & Moring Seminar (May 15, 2014). Presenters: Robin B. Campbell, Christopher A. Cole, Jeffrey L. Poston, and Evan D. Wolff.
  • "Higher Risk in Higher Education: How to Lower Your Cyber and Data Risk," AllClear ID and Crowell & Moring Webinar (April 22, 2014). Presenters: Jeffrey L. Poston, Evan D. Wolff, and Louisa K. Marion.
  • "Privacy in the 21st Century: Definition, Regulation, Litigation, and What Is on the Horizon," Bloomberg BNA Webinar (February 20, 2014). Panelist: Jeffrey L. Poston.
  • "How to Manage a Data Breach ('Incident') Crisis," Association of Corporate Counsel, Southern California Chapter (ACC-SoCal), 2014 ACC-SoCal In-House Counsel Conference, Los Angeles, CA (January 29, 2014). Presenters: Jeffrey L. Poston and Jennifer S. Romano.
  • "Recent TCPA Developments," Privacy & Information Security Update, ABA Section of Antitrust Law (November 19, 2013). Presenter: Jeffrey L. Poston.
  • "Guess What? You're Now Subject to HIPAA (Yes, You!): The Broad Reach of HIPAA over Business Associates," AllClear ID Data Breach Response Services Webinar (November 12, 2013). Presenters: Jeffrey L. Poston, Robin B. Campbell, and Elliot Golding.
  • "Data Incidents and Litigation," National Association of College and University Attorneys (NACUA) November 2013 Symposium & CLE Workshop, Washington, D.C. (November 7, 2013). Presenter: Jeffrey L. Poston.
  • "Not Your Parents' Data Breach: Litigation, Insurance, and Notification Twists," Blue Cross Blue Shield Association 47th Annual Lawyers Conference, Phoenix, AZ (October 29, 2013). Presenter: Jeffrey L. Poston.
  • "How to Manage a Data Breach Crisis (and Prevent the Next One)," ABA Section of Science and Technology Law, Information Security Committee Fall Meeting, Washington, D.C. (October 26-27, 2013). Presenters: Jeffrey L. Poston, Elliot Golding, and Amelia Schmidt.
  • "Data Breaches: Inevitable, but Salvageable," Blue Cross and Blue Shield Western Operations Conference (July 8, 2013). Presenter: Jeffrey L. Poston.
  • "Cyber-Security and Privacy: Breach Response and Litigation in the Financial Services Industry," Independent Bankers Association of New York State (May 1, 2013). Presenter: Jeffrey L. Poston.
  • "Managing the Cyber Threat Crisis: An Interactive Workshop on Cyber Threats and Cyber Security," Crowell & Moring, Washington, D.C. (April 4, 2013). Panelists: David Z. Bodenheimer, Bryan Brewer, Stephen M. Byers, Robin B. Campbell, Morris F. DeFeo Jr., Cheryl A. Falvey, Jeffrey L. Poston, Jeffrey L. Snyder, Michael J. Songer, and Scott L. Winkelman.
  • "The Privacy Mega Reg: Understanding and Implementing Substantial Changes," America's Health Insurance Plans (AHIP) Webinar (March 21, 2013). Presenters: Jeffrey L. Poston, Robin B. Campbell, and Barbara H. Ryland.
  • "The Dish on Data and Disks: HIPAA Privacy and Security Breach Developments," Crowell & Moring's 2012 Healthcare Ounce of Prevention Seminar (HOOPS), Minnesota (September 13, 2012). Presenter: Jeffrey L. Poston.
  • "Attacks on Health Reform and Developing Litigation Issues in the Managed Care Arena," Crowell & Moring's Healthcare Ounce Of Prevention Seminar (HOOPS) (April 26-27, 2010). Presenters: Chris Flynn and Jeffrey L. Poston.
  • "Current and Emerging Trends in Managed Care Litigation," Crowell & Moring's 2007 Healthcare Ounce of Prevention Seminar (HOOPS) (October 2007). Co-Presenters: Julie A. Barnes, William J. Flanagan, Chris Flynn, David Florin and Jeffrey L. Poston.
  • "HIPAA for Behavioral Health Organizations," Institute for International Research (June 11-12, 2002). Co-Presenters: Jeffrey L. Poston and Julie A. Barnes.
  • American Managed Behavioral Health Association HIPAA Seminar, (October 30, 2001). Co-Presenters: Jeffrey L. Poston and Julie A. Barnes.


Client Alerts & Newsletters

Press Coverage

Firm News & Announcements

November 2, 2021 Crowell & Moring Secures Victory for Marriott International in High-Profile Jury Trial
July 27, 2015 Crowell & Moring Receives Two American Lawyer 'Global Legal Awards' for Global Dispute of the Year in U.S. Litigation and Pro Bono
January 13, 2015 Crowell & Moring Releases Third Annual Litigation Forecast Report and Inaugural Regulatory Forecast
June 5, 2014 Crowell & Moring Releases "Data Law Trends & Developments" Report
April 8, 2014 Crowell & Moring Named Finalist in Global Competition Review's Fourth Annual "GCR Awards"
April 6, 2012 Crowell & Moring Client DuPont Granted Summary Judgment in Kolon Antitrust Claim