Data Privacy and Security

The Data Security Threat

As we continue to evolve from paper-based data storage to electronic data storage, we find ourselves awash in an ever-increasing amount of data, which is then shared and transmitted among data storage servers, network hubs, portable laptops, network computers, and hand-held smartphones, both internally behind firewalls and externally over the Internet. While innovations and advances in technology have increased our access to information, it has also created new challenges to managing and protecting confidential and personal data. The potential business and legal implications of data security breaches are complex and can include the confiscation of data, loss of customer loyalty and brand value, negative press, litigation, and regulatory and compliance pressures and enforcement actions (at the state, federal, and international levels).

Our Purpose

The vast majority of businesses in the United States face expanding compliance responsibility and risk in the area of data security. At Prince Lobel, we have formed a multidisciplinary team of lawyers to help clients review their data privacy and protection practices and policies, and draft and implement new policies where needed. We will also design an effective plan to help clients quickly and efficiently respond to a data security breach or disclosure, and provide vigorous representation in any resulting litigation. We work closely with in-house legal counsel, compliance officers, IT management, senior management, accountants, independent auditors, insurance companies, data breach preparation and remediation consultants, crisis responders, and boards of directors on these tasks. Our goal is to provide practical and timely advice in the face of a constantly changing data privacy and protection landscape.

Our Services in Data Privacy and Protection

Providing legal protection of private and personal information has become increasingly complex over the past 15 years. In the United States, a labyrinth of state and federal legislation has been developed, including The Health Insurance Portability and Accountability Act of 1996 that addresses health care and medical information, and the Gramm-Leach-Bliley Act of 1999 and Sarbanes-Oxley Act of 2002 that address financial information. In addition, the Federal Trade Commission, other federal agencies, and many states have passed laws providing legal protections for personal information. Plus, many industries have developed self-regulatory requirements and procedures aimed at protecting private customer information. Evolving technology, however, makes it increasingly difficult to effectively create a strategic plan for data protection and also incorporate the required guidelines and policies.

Widespread public concern about data security breaches, identity theft, and class action litigation has created a tremendous focus on business data protection practices, and a growing awareness of the risks resulting from lax practices. Boards of directors have demanded that management increase their oversight and reporting on company-wide data privacy and protection practices. Companies of all sizes have begun regular reviews of existing data privacy and protection policies and crisis management planning.

At Prince Lobel, we believe that companies need to develop new strategies in order to cost-effectively review existing data privacy and protection policies, design and implement new policies where needed, and plan for the effective management of the crises/litigation that might arise as a result of proscribed data disclosures. To support our clients in this important undertaking, firm attorneys work closely with clients and other professionals to focus on the complex task ahead. Our attorneys, drawing upon their broad experiences in the fields of law, compliance, information technology, finance, and public policy, are well-situated to provide sound, innovative advice on evolving privacy and data protection issues.

We stand prepared to assist our clients in connection with the necessary strategic thinking and fast response required to develop and implement an effective data privacy and protection plan or response.