Industries & Practices

Privacy & Data Protection

Privacy & Data Protection

    We are experienced and responsive privacy and data professionals, helping clients ensure compliance, mitigate risks and protect their data. 

    Our multidisciplinary privacy and data protection team has a defined and proactive approach to helping clients stay up-to-date on constantly evolving state and federal laws and regulations, establishing compliance and minimizing the risk of data compromise or cyber incidents. In the event of a breach, our reliable team will protect and defend those that have experienced a cyberattack.

    Our attorneys have a wide range of experience in state, federal, and international regulations, as well as industry best practices related to privacy and data security, including:

    • Healthcare privacy: Health Insurance Portability and Accountability Act (HIPAA), Electronic Health Records (EHR), Health Information Technology for Economic and Clinical Health (HITECH)
    • Financial privacy: Gramm-Leach-Bliley Act (GLBA), Fair Credit Reporting Act (FCRA)
    • International privacy: General Data Privacy Regulation (GDPR)
    • Technology privacy: Children’s Online Privacy Protection Act (COPPA)
    • Information security privacy: Payment Card Industry (PCI), Family Educational Rights & Privacy Act (FERPA)
    • Communications privacy: Telephone Consumer Protection Act (TCPA), Telemarketing Sales Rule (TSR)

    Our team also serves clients in the following areas:

    • Data risk and privacy impact assessments
    • Data incident investigation, data breach response and ransom response
    • Record retention policies and procedures
    • California Consumer Privacy Act (CCPA) counseling
    • Agreements for technologies and services
    • Cyber insurance review, negotiation and claims recovery
    • Complex litigation and financial class action defense
    • Website policies and terms of use
    • Vendor due diligence
    • Employment information confidentiality and handbook provisions
    • Restrictive covenants and enforcement of restraints of trade

    Areas of Focus

    Compliance Advice

    We monitor legislation, regulations and court decisions to ensure that our clients abide by the latest rules. We also identify areas of need by analyzing the strength of existing compliance systems, technical controls and procedures. We create policies and procedures, implement them and conduct training to prevent a breach.

    Crisis Response

    If private information becomes unexpectedly compromised, we respond effectively and rapidly to retain resources and recover lost information. We stand with our clients, walking them through a checklist of actions and considerations to lessen the impact and increase resiliency. Should the media get involved, we facilitate the proper partnerships and assist in crafting a sound public relations strategy.

    Litigation Defense

    In the event of data security-related litigation, we seek to gain control from the start. We are committed to delivering results while conserving our clients’ resources and protecting their most important relationships. In particular, our class action team devises timely and effective defense strategies with the goal of early dismissal.


    Privacy & Data Risk Assessments

    Our team has broad experience in assisting clients with assessing their data risks and developing legally compliant mitigation policies and procedures. Keeping our clients' resources in mind, we analyze the strength of existing compliance systems, technical controls and procedures to identify compliance requirements and best practices.

    Online Policies

    We provide experienced counsel on online privacy issues, including privacy policies, website terms of use and cookie policies. Our team is committed to ensuring that our clients are compliant with state, federal and international laws requiring specific disclosures and policies handling personal data.