Privacy and Data Protection

An ever-increasing area of risk management for companies around the globe, privacy and data protection issues create thorny thickets that can lead to major fines, loss of reputation, regulatory pitfalls and expensive litigation.

Our work includes data issues bespoke to specific industries, such as healthcare providers, as well as general consumer data privacy regulatory compliance. We help clients respond to government agency investigations into data breaches, as well as lawsuits between private parties related to the mishandling of secure information and trade secrets. We counsel clients in matters related to:

  • Advertising and marketing
  • SAAS and subscriptions
  • Data rights markings for government contractors
  • Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM)
  • Payment Card Industry (PCI) compliance for credit card data
  • Gramm-Leach-Bliley Act (GLB) for financial services
  • HIPAA for healthcare providers
  • FTC investigations and enforcement actions
  • EU General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Consumer opt-out policies, including right to privacy and right to be forgotten procedures
  • Recordkeeping and processing
  • Data breach reporting and incident response

Firm Highlights