Privacy Programs

Our data privacy practice attorneys are well-versed in the challenges companies face in securing and managing their sensitive data. Our clients encounter serious threats from a variety of sources that can easily disrupt or cripple normal business operations. We regularly counsel clients with respect to issues and concerns relating to security, confidentiality, privacy and data protection. We assist clients with website privacy policies, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act, the FTC’s Red Flags Rule and GDPR accountability.

Suite of Offerings

We routinely draft and negotiate vendor agreements, including those for cloud computing and SaaS, with a particular focus on issues vital to businesses, including data security and confidentiality concerns and the handling of personally identifiable information. We regularly help our clients design, refine and implement the full suite of internal policies necessary to support an IG program including information governance policies, written information security policies, data maps, BYOD policies, data breach response plans, privacy policies, and website terms and conditions. We also provide guidance on privacy issues related to M&A activity and due diligence. We are highly experienced regarding consumer-facing and internal privacy notices.

Experienced and Credentialed Team

Our data privacy team includes attorneys with vast experience in the data security and privacy arenas who have earned the designation of Certified Information Privacy Professional (CIPP/US and CIPP/EU) by the International Association of Privacy Professionals, indicating a comprehensive understanding of U.S. and European privacy and security laws, regulations and requirements. In addition, the group is bolstered by consultants with deep knowledge and understanding in IT, knowledge management and administration of internal policies.