Every business collects, shares and stores information. All businesses have personal information about employees. Retail business have information about customers, which products have been purchased, and often the credit card and bank account information the customer uses. Health care providers have sensitive information about patients and their diagnoses.
Protecting that information and sharing it properly is no longer the sole responsibility of the information technology professionals. Senior corporate executives and directors of all businesses are now responsible. We hear news reports daily about hackers and unauthorized disclosures or loss of sensitive information by businesses of all sizes. In addition, most states and certain federal agencies also have laws and regulations in place with which businesses must comply.
Our cyberliability and data security attorneys comprise a multi-disciplinary team with significant experience in corporate law, employment law, intellectual property law, technology, privacy, risk management and litigation. We assist clients both in up-front counselling to mitigate risk and in pursuing and defending litigation claims when disputes arise.
Some of the ways we assist clients are:
- Advising with respect to compliance obligations under international, U.S. and state laws and regulations
- Developing and reviewing policies and procedures for data privacy, protection, retention, and destruction
- Reviewing and developing policies and procedures for the work place
- Evaluating insurance policies and identifying gaps in coverage
- Reviewing and negotiating Master Services Agreements and related software and technology agreements with third party vendors and cloud service providers
- Advising with respect to the implementation of data breach response plans
- Evaluating obligations, liability and possible sources of recovery when a breach occurs