Privacy & Data Security Counsel and Defense


Our clients operate in a world that requires agility to navigate an unprecedented and ever-changing landscape of risk, obligations, and regulation related to privacy and data security.

Michael Best’s lawyers help clients find the right path. We advise and represent clients in different industry sectors including media, education, healthcare, financial services, consumer products, manufacturing, science, and technology.


Our clients rely on us to:

  • Analyze and negotiate contractual provisions related to privacy and data security
  • Evaluate compliance with and/or defend regulatory or civil actions involving a wide range of regulatory schemes, including:
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Genetic Information Nondiscriminatory Act (GINA)
    • Fair Credit Reporting Act (FCRA)
    • Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act)
    • Fair and Accurate Credit Transactions Act (FACTA)
    • Gramm-Leach-Bliley Act
    • Dodd-Frank Wall Street Reform and Consumer Protection Act
    • Anti-money-laundering laws
    • Family Educational Rights and Privacy Act (FERPA)
    • Protection of Pupil Rights Amendment (PPRA)
    • Telephone Consumer Protection Act (TCPA)
    • Telecommunications Act of 1996
    • Children’s Online Privacy Protection Act (COPPA)
    • Various state laws guaranteeing consumer privacy
  • Create companywide privacy policies, including for websites and apps
  • Provide advice related to cross-border privacy and data security regulations, including the EU-US Privacy Shield (governing data transfers between the United States and European Union) and EU Cookie Directive
  • Guide them through preparing for and responding to privacy events, including data breach incidents
  • Negotiate cyber-liability insurance provisions to ensure the best possible coverage and, if necessary, secure coverage under those insurance policies for privacy events
back to top