Businesses today face the challenge of compliance with more and more privacy rules, as well as growing threats to the security of their valuable data. Privacy compliance involves an expanding web of laws and agencies that regulate how businesses handle sensitive information—information about customers, employees, and patients; finances, internet-use and health. Because a failure of data security can bring grave legal consequences, attorneys can play an important role in responding to, and helping to prevent, a data breach.
Miller & Martin’s Privacy & Data Security team includes a former FBI Criminal Division Assistant Director and former Global Security Director of a multinational bank, as well as the former CEO and general counsel of a venture-backed internet retailer and the firm’s own Privacy Officer. These and other attorneys in the group can help your business with such challenges as:
- Has your company done a security risk assessment? Does it have an incident response plan?
- Working in coordination with select security vendors, we can provide attorney-client privileged assistance with these processes.
- Is your company subject to HIPAA? Does it do business with a HIPAA covered entity?
- We can prepare, consult and train on HIPAA/HITECH policies, including privacy and security standards, business associate requirements, breach notification and reporting.
- Do you know where your data is?
- We can consult on information governance, including advice and drafting of document retention policies, litigation-hold management, and data preservation and retrieval.
- Do you have an internet site?
- Does a third-party host your data?
- We can review and negotiate the rights, obligations and warranties of the vendors who should be responsible for protecting your data.
- Do you have the right insurance coverage?
- We can assist with the application for and review of cyber-insurance policies and, when necessary, pursue insurance companies to obtain coverage for losses.
- What are your employees doing?
- The Department of Labor takes a restrictive view of what you can tell your employees about their online activity. We can draft and advise on social media and work-place privacy policies.
Worst of all, if you suffer a hack or data breach, be sure to have a plan in place—we can help—that includes attorneys, as well as trusted security professionals.
- In one of the first HITECH matters in the country, coordinated response to significant breach of healthcare records, assisting with immediate response, investigation, remediation, notices of breach, response to and negotiation with regulatory agencies, and handled insurance coverage issues.
- Managed data breach response and remediation affecting national non-profit, coordinated notice to multiple state attorneys’ general.
- Advice, notice and remediation following data breach caused by employee malfeasance for commercial general liability insurer.
- Represent client facing class action for use of software alleged to collect consumer personal information.
- Telephone Consumer Protection Act class action defense.
- Represent client facing class action for alleged violation of Fair Credit Reporting Act background-check provisions.
- Routine advice to clients on customer privacy questions and claims.
- Respond to investigations and negotiation with state attorneys’ general over alleged unfair and deceptive trade practices.