A Data Protection Officer is the lead authority on data security, GDPR compliance, and liaising with government agencies, both in the US and the EU. We provide clients the necessary skills, expertise, and relationships they need by combining the responsiveness of an internal DPO and the perspective of an outside counsel.
Many businesses are not familiar with the requirements of the EU’s General Data Protection Regulation (GDPR), which applies to any business processing EU citizen data in any way. The GDPR imposes strict penalties for failure to comply, but we help clients implement “data security by design.”
Regulatory agencies, such as the FTC or the NY Department of Financial Services, oversee privacy and data security in the US. Our familiarity with these agencies and the law allows us to craft compliance policies and establish best practices that anticipate, rather than merely respond, to agency expectations and demands.
No one wants to be the subject of a data breach, but even the most secure companies can still be at risk. The most important step is the one you take before the breach occurs — creating an incident response protocol and planning for the worst. We create breach response and compliance protocols so that our clients always have a plan.
There has been an explosive growth in data-related litigation in the last ten years, with no signs of slowing. Our deep experience in litigation allows us to seamlessly move from trusted advisor to zealous advocate, whether as a plaintiff or in defense. We can manage a case from inception through appeal, and tirelessly advocate for our clients’ rights.
Compliance requires more than lip service to protecting information. Boards have affirmative obligations to engage meaningfully with data regulations and privacy law, or they risk regulatory or shareholder lawsuits. We advise boards on how to make data security a component of their duties, and how to make their company smarter about data.