Privacy & Information Security

Our Privacy and Information Security Practice Group was created to help businesses of all sizes develop reasonable, cost-effective solutions to help reduce the risk of data breaches.

Trusted Legal Expertise

Proven Privacy Attorneys

HFM understands how vital information, especially electronic data, is to our personal and professional lives and every modern business nowadays.

Whether you run a multinational corporation, a small business, or a start-up, you will likely collect, analyze, and profit from information relevant to your customers and industry. How you gather and store your data is a critical consideration.

Our Privacy and Information Security Practice Group was created to help businesses of all sizes develop reasonable, cost-effective solutions to help reduce the risk of data breaches. We provide comprehensive privacy and security risk assessments and compliance audits as well as employee education and training. We help clients develop and draft privacy notices for consumers as well as internal privacy policies and procedures for the appropriate collection, use, disclosure, storage, and destruction of electronic data throughout the information life cycle. We also assist clients with the creation of administrative, technical, and physical safeguards for the protection of their sensitive information.

We regularly advise a wide range of enterprises with protected electronic data regarding compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Genetic Information Nondiscrimination Act of 2008 (“GINA”), and other applicable federal and state laws dealing with data privacy. While our healthcare clients typically recognize their regulatory obligations, many businesses are surprised to learn that these laws impact non-medical businesses as well. To that end, our work in this area extends beyond healthcare.

HFM attorneys represent a variety of businesses, including healthcare and wellness solutions, software companies, and other organizations and providers requiring compliance support. We draft privacy notices, consent documentation, policies, and procedures. In addition, we evaluate and modify website content notices, terms of use, and license agreements to access or utilize software/Internet platforms to improve compliance. We conduct breach response investigations, train employees to investigate breach events, advise on incidents that may have constituted breaches under federal and state breach notification laws, and interface with state and federal regulators.

It goes without saying that privacy considerations play a critical role in the workplace, especially in the establishment of the employment relationship, and we can assist you an all labor and employment-related privacy matters. HFM regularly assists companies involved with cloud-based services by preparing and negotiating key contracts, developing best practices, and planning and preparing for privacy and data breach issues. We counsel new and emerging technology companies involved in the Internet of Things with planning and designing their products and services to satisfy the latest privacy and data protection laws and regulations.

The firm’s attorneys also have significant experience in helping businesses that have been the victims of data breaches. The HFM team includes experienced trial lawyers capable of handling a wide range of privacy-related litigation, including data breach lawsuits, consumer class actions, and administrative or other actions brought by state or federal regulators. We work alongside our clients to aggressively resolve data breach litigation or administrative proceedings through settlement or trial in a reasonable, cost-effective manner.