Cybersecurity and Privacy

Because we’re one step ahead, you can always be the same.

The laws governing cybersecurity and privacy are rapidly evolving and can seem overwhelming. Our Firm helps clients identify, address, and comply with applicable laws and other requirements by offering practical advice regarding these complicated legal issues, including the following:

Compliance with state, federal, and internal laws containing privacy and security requirements, such as:

  • The Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health (HITECH)
  • Family Education Rights and Privacy Act (FERPA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Children’s Online Privacy Protection Act
  • State laws governing privacy including the California Consumer Privacy Act (“CCPA”) California Privacy Rights Act (“CPRA”), Colorado Privacy Act (“CPA”), Virginia Consumer Data Protection Act (“VCDPA”), Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”), and Utah Consumer Privacy Act (“UCPA”)

Building a privacy program, including the drafting and implementation of:

  • internal data security policies and procedures
  • incident response plans and business continuity plans
  • records management and data retention policies
  • privacy policies, notice and consent statements, and other consumer-facing documents

Counseling regarding data security incidents, including:

  • preservation of confidentiality over privileged communications
  • coordination with IT vendors regarding remediation and investigation of incidents
  • analysis regarding breach notification and reporting requirements
  • evaluation regarding reasonable security measures
  • response to regulatory inquiries regarding incidents
  • defense of damage claims related to security incidents
  • navigation of cyberinsurance claim process

Conducting compliance audits and risk assessments of confidential and sensitive data.

Negotiation of vendor agreements to define privacy and security expectations and responsibilities.

Drafting employer/employee policies, procedures, handbooks or other internal guidelines for social media, Internet, and technology issues occurring at the workplace.

Procurement of appropriate insurance coverage over cybersecurity incidents.

Assistance with global data protection and international data transfers.

Counseling regarding personal privacy torts, including slander, defamation, harassment, and First Amendment privacy rights claims.

We Can Help

Meet the capable attorneys who specialize in this practice area.