Privacy and Information Security Attorneys

cybersecurity concept image keyboard with lockInformation, especially electronic data, is central to our personal and professional lives and vital to every business in the 21st century. Whether you run a multinational corporation, a small business, or a start-up, you will likely collect, analyze, and profit from information relevant to your customers and industry. How you gather and store your data is a critical consideration.

Now more than ever, your data must be kept secure from competitors, hackers, and careless insiders. We’ve all seen an organization’s reputation critically damaged by a security breach in just a single day. Unfortunately, lack of trust is only the beginning of the damage caused by lost, stolen, or mishandled electronic data. Cyber attacks often trigger breach notification statutory duties and consumer class action litigation as well as state and federal regulatory action.

We understand the role data security plays in your business. It’s why we created the Privacy and Information Security Practice Group to help businesses of all sizes develop reasonable, cost-effective solutions to help reduce the risk of data breaches. We provide comprehensive privacy and security risk assessments and compliance audits as well as employee education and training. We help clients develop and draft privacy notices for consumers as well as internal privacy policies and procedures for the appropriate collection, use, disclosure, storage, and destruction of electronic data throughout the information life cycle. We also assist clients with the creation of administrative, technical, and physical safeguards for the protection of their sensitive information.

Our team of seasoned attorneys is experienced in a variety of specialized privacy and information security areas including:

Personal Information Security and Medical Privacy

We regularly advise a wide range of enterprises with protected electronic data regarding compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Genetic Information Nondiscrimination Act of 2008 (“GINA”), and other applicable federal and state laws dealing with data privacy. While our healthcare clients typically recognize their regulatory obligations, many businesses are surprised to learn that these laws impact nonmedical businesses as well. To that end, our work in this area extends beyond healthcare.

Our skilled attorneys represent a wide range of businesses, including healthcare and wellness solutions, software companies, and other organizations and providers requiring compliance support.

We draft privacy notices, consent documentation, policies, and procedures. We also evaluate and modify website content notices, terms of use, and license agreements to access or utilize software/Internet platforms to improve compliance. We conduct breach response investigations, train employees to investigate breach events, advise on incidents that may have constituted breaches under federal and state breach notification laws, and interface with state and federal regulators.

Workplace Privacy

Privacy considerations play a critical role in the workplace, especially in the establishment of the employment relationship. Background screening of prospective employees raises a number of privacy-related legal issues that employers must consider in the hiring process, including application of the Americans with Disabilities Act, the Fair Credit Reporting Act (FCRA), “investigative consumer reports,” and the Fair and Accurate Credit Transactions Act (FACTA) to persons being considered for hire. Privacy issues continue to be present during the employment relationship, including the use of polygraphs, psychological testing, substance testing, monitoring of the workplace, and investigations of alleged employee misconduct.

Employment termination or voluntary departures are a regular part of every business. We assist employers with the development of appropriate policies and procedures to protect and secure company assets, including IP and trade secrets, while respecting the rights of departing employees.

Cloud Computing and Emerging Technology Privacy and Data Protection

We regularly assist companies involved with cloud-based services by preparing and negotiating key contracts, developing best practices, and planning and preparing for privacy and data breach issues. We counsel new and emerging technology companies involved in the Internet of Things with planning and designing their products and services to satisfy the latest privacy and data protection laws and regulations.

Privacy and Data Breach Litigation

We help businesses that have been the victims of data breaches. The risk of litigation stemming from a cyber attack is growing exponentially and has become a key concern for businesses in the digital age. Our team includes experienced trial lawyers capable of handling a wide range of privacy-related litigation, including data breach lawsuits, consumer class actions, and administrative or other actions brought by state or federal regulators. We stand shoulder-to-shoulder with our clients and work aggressively to resolve data breach litigation or administrative proceedings through settlement or trial in a reasonable, cost-effective manner.
 


Contact our Privacy and Information Security Practice Group.

Whether your business is a large corporation, a small business, or a start-up, our team of experienced privacy and information security attorneys are ready to help. Contact Higgs Fletcher & Mack LLP, today.

Click Here to Get Started