We counsel companies, executives, boards of directors, and service providers on developing and implementing strategies to protect their data, mitigate risk, respond to data breaches, and manage crises. Our team guides clients in balancing security and privacy compliance with business priorities.
Crisis Management and Breach Response
We have significant experience in counseling and navigating clients through data breaches, including those involving malware (including ransomware), payment card fraud, malicious insiders, loss of physical devices, business email compromises, miswired funds, and unintended disclosures. As breach coaches, we counsel clients through incident response, providing access to and coordinating the internal and external response team resources, working with clients to help them to resume their day-to-day operations while guiding them through the stages of incident response. Our relationships with Federal and State law enforcement and regulators across industries enable us to facilitate effective reporting to ensure appropriate compliance across jurisdictions. We work with our clients and crisis communication resources, where appropriate, to prepare the necessary and appropriate breach notifications to customers, personnel and others.
Policy and Regulatory Counseling
Our team excels in ensuring clients and their supply chain partners are compliant with industry-specific privacy and data security laws and regulations including the Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act), the Children’s Online Privacy Protection Act (COPPA), Payment Card Industry Data Security Standards, Family Educational Rights and Privacy Act (FERPA), and Gramm-Leach-Bliley Act (GLBA).
Further, we are well equipped to lead our clients through the myriad of state privacy, security and data breach laws and regulations, as well as international standards, such as the EU and UK General Data Protection Regulation (GDPR). We are able to quickly leverage our international relationships, for our multinational clients, whether for proactive privacy and data resources or in connection with breach response through our working relationships with relevant organizations, including the International Association of Privacy Professionals, ISACA (the Information Systems Audit and Control Association), and InfraGard.
For additional information regarding our extensive experience in the privacy and data security industry, click here.