Data Privacy & Cybersecurity

Data breaches are a concern for all companies, regardless of the size or the industry.  As we store more and more information in the digital realm – including trade secrets and other intellectual property, financial information, company know-how, and the like – our networks become greater targets for thieves, competitors, and hackers.  In addition to external threats, data breaches are often the result of insiders acting either innocently or maliciously.  Regardless of the nature of a breach, without proper planning the effects can be devastating, subjecting victims to regulatory penalties, litigation, and severe reputational harm.

Now more than ever, companies need a skilled cybersecurity and data privacy team backing their operations.  Our firm strives to stay abreast of relevant regulations such as the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA), the Electronic Communications Privacy Act (ECPA), CAN-SPAM, the Children’s Online Privacy Protection Act (COPPA), the Fair Credit Reporting Act (FCRA), the Federal Trade Commission Act, Sarbanes-Oxley, breach notification laws, and other federal and state laws and best practices.  Clients depend on us to:

Develop relevant policies

Having appropriate policies in place is more than just a good idea.  We help clients individually tailor policies, such as: incident response, acceptable use, mobile tools / BYOD, code of conduct, social media, record retention, and more.

Plan for the inevitable attack

It is commonly said that there are two types of companies: those that have fallen victim to a data breach, and those that will.  We advise key company personnel regarding risk assessment and planning, help to tailor an incident response plan, advise clients regarding risk mitigation measures such as cyberinsurance, and coordinate with vendors to test and maintain company servers in hopes of preventing an attack;

Incident response

We coordinate with forensic and crisis PR teams to understand and quickly address a data breach, to answer the relevant questions, and to develop an incident response strategy that is tailored to the client’s individual risk profile;

Deal with potential regulatory issues and litigation

Once a data breach occurs, we will analyze the requirements for breach notifications, agency reporting requirements, and the like.  We’ll also help respond to inquiries and investigations by regulatory agencies such as the FTC, and authorities such as state attorneys general.  Finally, in the event of litigation, we can help defend against a variety claims that may arise, including privacy, regulatory, and class action claims.

Intellectual Property

Ryan M. Swank
Ryan M. Swank
Senior Associate
Silicon Valley
rswank@​lrrc.com
626.795.9900 / vCard
Drew Wilson
Drew Wilson
Associate
Los Angeles
dwilson@​lrrc.com
626.795.9900 / vCard

Litigation

Joy Allen Woller
Joy Allen Woller
Partner
Denver
jwoller@​lrrc.com
303.628.9504 / vCard

Related Industries

Health & Life Sciences

Related News

03/31/2017
Olafson earns prestigious data privacy certification
Certified Information Privacy Professional designation granted to attorney

Related Events

Past Events

Other Publications

08/31/2016
BIS Final Rule On Cloud Computing
Lewis Roca Rothgerber Christie

Blog