Privacy Compliance and Breach Response

The flow of digital information – from around the corner to around the world – has transformed the way businesses and economies operate. The proliferation of digital devices and other technologies offers an unceasing array of platforms and delivery methods through which financial and health care information, customer and employee records and other sensitive data seamlessly flow.

The very technology that enables businesses to operate with such tremendous efficiency and speed also puts them at tremendous risk. Every business – large or small, multinational or local – that collects and stores sensitive personal information is at risk for exploitation.

A data breach can hit an organization hard: loss of reputational integrity and public trust; remediation efforts are time-consuming and costly; and lost business. And data thieves are relentless, always searching and successfully finding a new way to penetrate and steal information no matter how seemingly secure a company strives to keep it.

With so much at stake, companies turn to Fox Rothschild’s team of Privacy and Data Security professionals to implement preventative measures to mitigate the risk of a breach and to navigate the complex federal and state statutes and regulations that govern responding to a breach.

Our team has extensive experience handling federal and state investigations, enforcement actions and lawsuits arising from data security and privacy issues. We track federal and state enforcement initiatives that regulate the gathering, use, retention and disposal of private information. We also help companies and institutions develop and implement privacy policies, incident response plans, training programs and negotiate contracts to safeguard proprietary information and PII, as well as to ensure compliance with state and federal laws.

Our attorneys handle all aspects of responding to a data breach (in electronic and paper form), including incident investigation and response, compliance with state notification statutes, working with law enforcement and regulatory agencies and resulting litigation.

Our Team

Fox’s national network of Privacy and Data Security attorneys frequently speak to national audiences on the balance between the government’s need to gather information to safeguard national interests and an individual’s right to privacy under the Fourth Amendment. They provide commentary on new developments in the privacy arena – enforcement actions by state and federal enforcement agencies, litigation and regulatory initiatives. They also lecture throughout the United States, speaking to companies and in-house counsel on data protection and effective responses to a data breach.

Our attorneys publish a Privacy Compliance & Data Security Blog where they highlight information and developments related to privacy and data security issues. In addition, the firm publishes a HIPAA, HITECH and Health Information Technology Blog, which provides information on legal and practical developments that health care providers and businesses must consider with regard to the handling and sharing of health information.

Navigating the National Patchwork of Laws: Yes, We Created an App for That

Since 2002, states have worked to enact their own laws on how organizations should best prepare for and respond to the loss or theft of data. Currently, 47 states have notification laws in place, which vary by jurisdiction, are interpreted inconsistently and routinely – and frequently - change. Federal lawmakers have yet to set a security standard that would apply across all industry sectors.

To help our clients navigate this array of laws, the firm created Data Breach 411, available for free download in the AppStore in iTunes. Our app provides a comprehensive, centralized, at-your-fingertips resource so that should a data breach occur, clients can easily look up the applicable notification laws in the affected states at a moment’s notice.