Our Privacy & Data Security Group understands that the effective protection and management of information is critical for an organization to operate successfully. Businesses must comply with an increasingly complex web of state, federal, and international laws and regulations designed to protect commercially sensitive data and personally identifiable information. Our inter-disciplinary group of attorneys provides clients with practical solutions to comply with the requirements governing the gathering, storage, transfer, and use of information. We help companies implement preventive and loss mitigation measures as well as appropriate responses in the case of actual or potential release of or improper access to such information.
Our attorneys counsel clients regarding legal and practical techniques intended to maximize protection and minimize or avoid risks that may compromise sensitive and proprietary business information. Strategies to prevent data breaches include: updating and implementing comprehensive policies; reviewing contract terms and the contracting process; providing applicable training, training tools, and methods to proactively communicate expectations and requirements to employees and vendors; and confirming that relevant internal departments (IT, HR, Benefits, etc.) are aware of relevant risks. These groups must be committed to coming together as a team to best protect the company and those individuals whose personal or confidential information is held by the company.
We work closely with clients and internal and external response teams, including forensic investigators and accountants, computer consultants, press and media advisors, and other crisis management providers, to efficiently and effectively address the company’s immediate and long-term needs in the event of a data security breach. Our trial attorneys have the courtroom experience needed to address our clients’ privacy and data security litigation needs. We also provide the skills and experience in dealing with obligations of immediate disclosure, response, and remedial measures in the face of a data privacy or security breach. Our attorneys have handled internal investigations, government agency investigations, regulatory reporting, media communications, litigation, and customer/stakeholder service recovery when a breach has occurred.
Tucker Ellis attorneys have extensive subject matter knowledge in intellectual property and trade secrets, healthcare, banking and financial services, insurance, and human resource and benefits. Our team has substantial experience in drafting and addressing internal policies and investigations, and handling external and civil investigations under Sarbanes-Oxley, the Gramm-Leach-Bliley Act, HIPAA, PCI-DSS, GDPR, the Foreign Corrupt Practices Act, the False Claims Act, RICO, Qui Tam litigation, and similar statutes that can be implicated by data, privacy, and security concerns. Our lawyers also have hands-on business proficiency that enables us to provide strategic business consulting on all aspects of information policies, data privacy and security, incident response, internal audits, and records management.
For a description of our HIPAA and Medical Privacy Practice, click here.
View More >
areas of emphasis
Tucker Ellis assists clients of all sizes across industries in data privacy incidents that implicate:
- Business Litigation (individual and class action litigation)
- Financial Services Counseling (Gramm-Leach-Bliley Act/Sarbanes-Oxley)
- PCI-DSS
- GDPR
- HIPAA/HITECH Enforcement and State Medical Privacy Laws
- OCR Audit Preparation
- Information Technology (storage, use, and access to personal and confidential information, both internal
- and external)
- Risk Avoidance (technological and legal initiatives)
- Regulatory Compliance Reporting
- Trade Secrets
- White Collar Criminal Defense
- Internal Corporate Investigations and Counseling