Cybersecurity and Privacy

PDF

Overview

Robinson Bradshaw's Cybersecurity and Privacy Practice Group brings together a multidisciplinary team of attorneys to help clients navigate the rapidly evolving areas of cybersecurity and privacy law. We partner with clients across the country and across industries to provide solution-driven legal guidance and resolve disputes arising out of cybersecurity incidents and privacy concerns.

We counsel clients regarding developments in cybersecurity and privacy laws, both domestically and abroad, and develop business-friendly solutions to manage legal risk and obligations. Our experience includes advising clients on the collection and handling of personal information, including under Europe's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and on implementing privacy by design and utilizing data assets and analytics. When clients face compliance concerns, we guide them on online and e-commerce privacy obligations, and on privacy and data security obligations specific to the financial services and health care industries and other highly regulated businesses.

Our team prepares clients for data breaches and other cybersecurity incidents, and we assist in navigating the complexities of responding when these incidents do occur. We have also represented multiple clients in related disputes and government investigations.

Experience

  • Cybersecurity & Data Breach

  • Represented a large manufacturing company regarding an attempted ransomware attack, directing its response to thwart the attack and subsequent forensic investigation, advising on relevant legal obligations and strategy, and handling several government investigations related to the incident.

  • Represented a technology company regarding a suspected network intrusion and payment fraud scheme, conducting an internal investigation that led to the arrest by federal law enforcement of the person responsible.

  • Assisted a consumer products and beverage company in preparing a written information security program and implementing cybersecurity by design for consumer products connecting to the internet.

  • Represented a manufacturing company affected by a ransomware attack, counseling on state breach notification obligations and legal risk management.

  • Represented a large financial services company concerning a third-party vendor's breach of confidential records.

  • Conducted an internal investigation of cybercrime and successfully helped a technology company recover significant funds that had been stolen through a business email compromise scheme.

  • Routinely advise clients on their written data breach response plans, and participate in tabletop exercises for data breach preparedness.

  • Privacy

  • Advised an advertising technology company on privacy by design, managing HIPAA de-identification, and complying with the Digital Advertising Alliance principles and related self-regulatory frameworks.

  • Routinely advise covered entities and business associates on HIPAA privacy and security obligations, including review of business associate agreements.

  • Routinely advise companies across industries (including highly regulated industries like health care and finance) in preparing website and mobile app privacy policies, and advise on collection and handling of consumer data.

  • Advised multiple clients on compliance with GDPR, particularly as it relates to scientific research.

  • Routinely conduct privacy and cybersecurity diligence in M&A transactions and negotiate related contractual representations and warranties.

  • Routinely review and negotiate information security addendums for clients in a wide range of industries.

News & Events

Events

Insights

Main Menu