Practice Area
Cyber &
Data Privacy
CYBER & DATA PRIVACY
The term “data protection” encompasses both data security & data privacy. We are experts in each area.
For example, we manage data breaches and stakeholder notifications and advise on cyber insurance coverages. We also coach clients through ransomware attacks and intrusion remediation.
We also advise U.S. and international companies on the full range of data protection laws, including GDPR, the EU AI Act, the EU-US Data Privacy Framework and all Federal and state data privacy, artificial intelligence and consumer protection laws & regulations.
Most state laws now regulate “sensitive personal information” and the transfer or sharing of data for targeted advertising and profiling. A new category of consumer health data is blurring the lines of HIPAA-protected health Information. Violations of these laws can result in substantial fines and penalties; some contain private causes of action.
Representative Engagements:
- Data inventories
- Data & privacy assessments, including DPIAs, PIAs & algorithm assessments
- Website privacy notices, policies & data subject access requests and forms
- GDPR, Federal, state, Canada, Mexico and other laws & regulations
- Implementation of consumer consent, opt-out and global consent mechanisms
- Analysis of website tracking technologies for HIPAA / FTC compliance
- Third-party data protection agreements re-sharing of personal information
- Investor & private equity due diligence support
- Management of data breaches and cyber insurance claims
- Data breach remediation and compliance actions
- Representation in regulatory and stakeholder investigations
- Board of directors and senior management support