Data Privacy & Cybersecurity

Data breaches are a concern for all companies, regardless of the size or the industry.  As we store more and more information in the digital realm – including trade secrets and other intellectual property, financial information, company know-how, and the like – our networks become greater targets for thieves, competitors, and hackers.  In addition to external threats, data breaches are often the result of insiders acting either innocently or maliciously.  Regardless of the nature of a breach, without proper planning the effects can be devastating, subjecting victims to regulatory penalties, litigation, and severe reputational harm.

Now more than ever, companies need a skilled cybersecurity and data privacy team backing their operations.  Our firm strives to stay abreast of relevant regulations such as the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA), the Electronic Communications Privacy Act (ECPA), CAN-SPAM, the Children’s Online Privacy Protection Act (COPPA), the Fair Credit Reporting Act (FCRA), the Federal Trade Commission Act, Sarbanes-Oxley, breach notification laws, and other federal and state laws and best practices.  Clients depend on us to:

  • Develop relevant policies.  Having appropriate policies in place is more than just a good idea.  We help clients individually tailor policies, such as: incident response, acceptable use, mobile tools / BYOD, code of conduct, social media, record retention, and more.
  • Plan for the inevitable attack.  It is commonly said that there are two types of companies: those that have fallen victim to a data breach, and those that will.  We advise key company personnel regarding risk assessment and planning, help to tailor an incident response plan, advise clients regarding risk mitigation measures such as cyberinsurance, and coordinate with vendors to test and maintain company servers in hopes of preventing an attack;
  • Incident response.   We coordinate with forensic and crisis PR teams to understand and quickly address a data breach, to answer the relevant questions, and to develop an incident response strategy that is tailored to the client’s individual risk profile;
  • Deal with potential regulatory issues and litigation.  Once a data breach occurs, we will analyze the requirements for breach notifications, agency reporting requirements, and the like.  We’ll also help respond to inquiries and investigations by regulatory agencies such as the FTC, and authorities such as state attorneys general.  Finally, in the event of litigation, we can help defend against a variety claims that may arise, including privacy, regulatory, and class action claims.

Intellectual Property

Shane E. Olafson
Shane E. Olafson
Partner
Phoenix
solafson@​lrrc.com
602.262.5327 / vCard
Ryan B. Kennedy
Ryan B. Kennedy
Of Counsel
Albuquerque
rkennedy@​lrrc.com
505.764.5477 / vCard
Ryan M. Swank
Ryan M. Swank
Senior Associate
Silicon Valley
rswank@​lrrc.com
626.795.9900 / vCard
Drew Wilson
Drew Wilson
Associate
Los Angeles
dwilson@​lrrc.com
626.795.9900 / vCard

Litigation

Joy Allen Woller
Joy Allen Woller
Partner
Denver
jwoller@​lrrc.com
303.628.9504 / vCard

Related Industries

Health & Life Sciences

Related News

09/27/2016
Kennedy joins firm's Albuquerque office
Intellectual Property practice group adds Of Counsel Ryan Kennedy in New Mexico

Blog

PDF Print

Blog(s)

Primary Services

Technology & Internet

Key Contacts

Shane E. Olafson
Shane E. Olafson
Partner
602.262.5327