Overview
Navigating the intricate landscape of domestic and international privacy and data security regulations is an increasingly difficult challenge. Not only does our team stay on top of this challenge, but they are thought leaders and are regularly called upon to share their insight on how to stay compliant in an era of change. For clients, our focus is to help identify which laws apply and how to find a manageable and scalable compliance program. One that can withstand scrutiny from consumers and regulators alike.
Our skills include:
- International Data Privacy Regulations (GDPR, PIPEDA, PIPL)
- Federal Privacy Laws (FERPA, HIPAA/HITECH, GLBA, FCRA, TCPA, CIPA, COPPA)
- State Data Privacy Laws
- Data Analytics
- Cookie Compliance (ePrivacy Directive)
- Industry Standards (PCI-DSS)
- Data Transfers and the U.S./EU Data Privacy Framework
- Cybersecurity (NIST, SOC1, SOC2, FedRAMP, SEC)
- EdTech
We advise clients on the following:
Compliance Programs: Comprehensive data privacy compliance programs tailored to your business that include policies, training, audits, and vendor oversight to meet legal obligations.
Risk Assessments: Evaluating infrastructure, apps, and data flows to reveal vulnerabilities, map data, analyze risk exposure, and provide risk treatment roadmaps.
Data Governance: Architecting data governance frameworks encompassing retention, classification, subject request procedures, vendor assessments, data transfers, and contracting.
Privacy by Design: Building privacy into processes, technologies, and product development from the start to minimize downstream issues.
Data Mapping: Data mapping to identify where personal data resides within your systems, vendors, and business processes.
Compliance Audits: Assessing your privacy program against legal requirements and industry best practices and making improvement recommendations.
Vendor Oversight: Assessing vendor compliance capabilities during onboarding and through audits, questionnaires, certifications, and due diligence processes.
Privacy Training: Tailored privacy and security training programs for your workforce.
Regulatory Engagement - Representing clients in interactions with regulators related to investigations, inquiries, guidance, and enforcement actions.
Technology Contract Reviews: Negotiating privacy provisions across various contracts, encompassing payments, cloud services, and analytics.
Additionally, we guide clients through the complex landscape of negotiating cyber insurance policies and providing coverage for data breaches and other cyber-related issues. Our aim is to equip clients with the tools and insights needed to navigate the intricate terrain of vendor relationships, emerging technologies, and evolving legal frameworks, ensuring they are well-prepared to manage privacy and data security effectively.
Professionals
- office 614.227.4846
- office 614.227.2307
- office 614.227.2332
- office 216.523.5468
- office 614.227.2346
- office 513.629.2831
- office 937.535.3892
Insights
Publications
Blog Posts
Contacts
- office 614.227.2346
- office 513.629.2831