Today’s world requires agility to navigate an unprecedented and constantly evolving array of risks, obligations, and regulations related to privacy and data security. To help you stay one step ahead, Michael Best can provide a wide range of counseling.
Data Breach and Incident Preparation – Before a data breach ever occurs, our attorneys help clients audit existing protocols, create effective procedures for timely and efficient incident response, and educate response teams.
Cyber Insurance – Our Privacy & Data Security team is uniquely able to provide guidance on obtaining insurance coverage for data breach risks, including the need for coverage, whether coverage may be available under other types of policies, and scope of coverage and exclusions.
Employee and Workplace Privacy – We advise on compliance with laws that impact employee privacy rights and employer practices, such as the FCRA (background checks), HIPAA (employee medical information), ECPA, and ADA (drug testing and rehabilitation), and laws governing security breach notification.
Privacy Policies and Technology – We help clients develop and audit companywide privacy and cybersecurity policies and practices, including information handling policies and employee handbooks, as well as policies and practices related to websites and mobile apps, online marketing, e-commerce, software agreements, connected devices (or the “Internet of Things”), and other emerging methods of data collection and analysis.
M&A, Data Sharing Agreements, Business Contracts – In conjunction with business deals and contracts, we help identify and address potential privacy-related risks, negotiate contractual protections related to privacy and data security, and audit existing agreements. Our experience includes advising on issues specific to a variety of data-sharing arrangements and cross-border transactions.
Cross-Border Issues – Our team counsels clients on cross-border data protection and information transfers involving international privacy and data security regulations, including the EU-US Privacy Shield (governing data transfers between the United States and European Union) and EU Cookie Directive.
Financial Privacy and Security – Michael Best has extensive experience with the financial industry, an area that is heavily regulated and subject to governmental oversight. We advise on compliance issues related to the FCRA, FACTA, Gramm-Leach-Bliley Act (governing personal information collected or held by financial institutions), and Dodd-Frank Act.
Healthcare Privacy – An important part of our privacy practice involves counseling clients on their compliance with HIPAA and other federal and state privacy laws related to personal health information. These laws apply to healthcare companies, as well as to all employers that collect, retain, and use health information or biometric data.
Energy Security – Our Privacy & Data Security team works with energy utility compliance personnel on interpretation of NERC standards, including CIPS, and helps clients develop or audit compliance training materials, compliance reports, and violation self-reporting procedures.