Privacy and Cybersecurity
Our attorneys act as proactive and strategic legal partners with our clients to address the demanding and often-changing privacy and cybersecurity requirements that our clients face. Many of our privacy and cybersecurity attorneys have also practiced in-house, and as such bring a unique understanding of our clients’ need to manage strict regulatory compliance requirements with internal business infrastructures.
Our privacy attorneys have deep experience in a wide range of industries, including highly-regulated industries such as banking, healthcare, financial services, pharmaceutical and securities. We regularly counsel on state, federal and international privacy and data breach laws, and also advise on privacy implications from data use and storage; emerging technologies such as biometrics, chatbots and artificial intelligence: and the use, anonymization and aggregation of data. In addition, we guide clients on privacy implications in transactional matters, including merger and acquisitions, vendor relationships, and securities disclosures, and regularly draft and review privacy policies, procedures and notices. Many of our privacy attorneys are members of and some are also certified by the International Association of Privacy Practices (IAPP).
Cybersecurity risks are skyrocketing globally, largely due to increased interconnectivity and reliance on cloud-based systems, networks, mobile devices, and apps. We represent both companies trying to minimize cybersecurity risks as well as companies that are providing solutions to such risks.
Our attorneys counsel clients on how to minimize the legal risks of theft or damage to data and systems, and how to allocate that risk among business partners. In addition, our attorneys draft and review policies and procedures to establish cloud-based security protocols to protect data and decrease targeted attacks; employee training to reduce response to phishing, vishing and other attacks; disaster response programs and redundant systems; vendor and outsourcing management, including business associates in healthcare; and assessment of data flow through interconnected systems. We also provide guidance on cutting-edge security protocols such as blockchain and smart contracts, and help clients identify the cybersecurity obligations of executives and governing boards.
In addition, we help companies that are providing solutions for cybersecurity risks with issues in technology, commercialization, patents and other intellectual property protections, licensing, governance, and entity formation.
Our expertise includes:
- HIPAA and state healthcare privacy laws
- Fintech, Graham Leach Bliley Act, Fair Credit Reporting Act and other financial privacy laws
- Federal Trade Commission Act, CANSPAM, Telephone Consumer Protection Act (“TCPA”) and other federal privacy laws
- International privacy laws, such as General Data Protection Regulation (“GDPR”)
- State Privacy Laws
- State Data Breach Laws
- Breach Response
- Connected Technologies
- Corporate Account Takeovers
- Cyber-liability Insurance
- Digital Health and Telemedicine
- Internet of Things (IoT)
- Phishing, Vishing and Whaling
- Policies and Procedures
- Regulation S-P
- Risk Management
- Trade Secrets
- Vendor and Outsourcing Management