Data Security & Privacy
Data Security and Privacy represent ever-evolving aspects of nearly every business (at least they should). And they present ever-evolving risks, as regulators issue piecemeal and contradictory guidance that’s usually outdated.
Combat the uncertainty with robust data security and privacy policies that ensure Security and Privacy by Design. We understand technology and business, and can help implement or overhaul your security and privacy frameworks.
And if things go sideways, we’re here to help.
Our Data Security & Privacy Expertise
Response & Mitigation
Laws and Regulations of Interest
Computer Fraud & Abuse Act (CFAA): Federal law providing criminal and civil penalties for unauthorized access or damage to computer resources.
Children’s Online Privacy Protection Act (COPPA): Restricts certain data collection and information sharing by online services directed to children under age 13.
California’s Privacy Rights for California Minors in the Digital World Act: Requires erasure of data related to minors upon request.
California’s Online Privacy Protection Act (CalOPPA): Requires websites to display privacy policies for California consumers.
The Gramm-Leach-Bliley Act: Requires financial institutions and providers to disclose information-sharing practices.
They find the strength in your case, the weakness in the other side’s case, and concentrate on those issues — not the ancillary issues that other lawyers at other firms tend to litigate that result in nothing more than bloated bills.
Federal Trade Commission (FTC) Rules on Privacy and Data Security: Prohibit unfair and deceptive trade practices related to privacy and data security issues.
Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act: Impose security and privacy rules governing the storage and use of Protected Health Information (PHI) on healthcare providers and business associates, including data breach notification requirements.
State Data Breach Notification Laws: Over 47 states have enacted such laws; California was the first.
EU-U.S. Privacy Shield Framework: Outlines mechanisms for data transfer between the U.S. and European Union that comply with EU data protection rules.