The Importance of Privacy & Data Security in a Changing World



Similar documents
Year in Review: Top Privacy and Data Security Developments of 2013

Introduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery

E-Discovery and Data Management. Managing Litigation in the Digital Age. Attorney Advertising

Privacy Law Basics and Best Practices

Cyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014

How To Help Your Business With Data Security And Privacy

EmploymEnt law.

Data Privacy and Cybersecurity Task Force

Insights into Cloud Computing

BUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM RECITALS

Cyber Risks in the Boardroom

Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec.

Adding Cloud Solutions to Customer Contracts Robert J. Scott

Long Term Care.

Welcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013

Bloomberg BNA Professional Learning Legal Course Catalog OnDemand Programs

Cloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns. Privacy and Information Management Practice / Washington, DC

Page 1 of 15. VISC Third Party Guideline

The Legal Pitfalls of Failing to Develop Secure Cloud Services

Cyber, Security and Privacy Questionnaire

Data Privacy and Security: A Primer for Law Firms

plantemoran.com What School Personnel Administrators Need to know

CYBER & PRIVACY LIABILITY INSURANCE GUIDE

Please Read. Apgar & Associates, LLC apgarandassoc.com P. O. Box Portland, OR Fax

Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00)

Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity. Amy Mushahwar, Esq.

Brief. The BakerHostetler Data Security Incident Response Report 2015

Information Security Law: Control of Digital Assets.

How To Deal With Cloud Computing

Privacy & Data Security

Privacy and Data Breach Protection Modular application form

Course Content Summary ITN 267 Legal Topics in Network Security (3 Credits)

TODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures

Impact of Legal and Regulatory Compliance on Higher Education Information Security Management. Dan Han Virginia Commonwealth University

Data Security Best Practices for In-House Counsel

Clients Legal Needs in HIPAA Security Compliance

The Impact of HIPAA and HITECH

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

HCCA Compliance Institute 2013 Privacy & Security

This form may not be modified without prior approval from the Department of Justice.

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS Data Breach : The Emerging Threat to Healthcare Industry

what your business needs to do about the new HIPAA rules

Cyber Security: Compliance and Protection 2012 A Complimentary LexisNexis Webinar December 11, 2012

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers

Data Privacy Considerations When Conducting E-Discovery

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

CSR Breach Reporting Service Frequently Asked Questions

How To Prepare For The Challenges Of 2014

HITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What?

Overview of Topics Covered

Information Governance Roadmap

White Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES

Special Report The HITECH Act

Educa&onal Event Spring Cyber Security - Implications for Records Managers Art Ehuan

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

HIPAA compliance audit: Lessons learned apply to dental practices

Taking a Data-Centric Approach to Security in the Cloud

Insulate Your Company from a Cyber Breach: Proactive Steps to Minimize Breach Risks & Impact. February 10, 2015

CYBERCRIME AND INFORMATION GOVERNANCE ARE YOU PREPARED?

[Company Name] HIPAA Security Awareness and Workforce Training Program Manual

Every Cloud Has A Silver Lining. Protecting Privilege Data In A Hosted World

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers

Why HIPAA Compliance Should Scare You and What You Should Ask Your Business Phone Service Provider NOW

Technological Evolution

CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013

New Privacy Laws Impacting the Health Care Work Place

HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES

2/9/ HIPAA Privacy and Security Audit Readiness. Table of contents

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked

Mastering Data Privacy, Social Media, & Cyber Law

Business Associates, HITECH & the Omnibus HIPAA Final Rule

The CIO s Guide to HIPAA Compliant Text Messaging

Law & Ethics, Policies & Guidelines, and Security Awareness

The Keys to the Cloud: The Essentials of Cloud Contracting

HIPAA Compliance in Litigation and Discovery 10 Key Concepts Click to edit Master title style

THE BEST PRACTICES FOR DATA SECURITY AND PRIVACY IN VENDOR/ CLIENT RELATIONSHIPS

DATA SECURITY AGREEMENT. Addendum # to Contract #

Privacy Legislation and Industry Security Standards

Are You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style.

HIPAA Omnibus Rule Reference Chart

Auditing your institution's cybersecurity incident/breach response plan. Baker Tilly Virchow Krause, LLP

BUSINESS ASSOCIATE AGREEMENT

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

IAPP Privacy Certification

ACE Advantage PRIVACY & NETWORK SECURITY

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc.

Texas Medical Records Privacy Act

Shipman & Goodwin LLP All rights HARTFORD STAMFORD GREENWICH WASHINGTON, DC

12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Mastering Data Privacy, Protection, & Forensics Law

HIPAA and HITRUST - FAQ

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices

Cybersecurity and Insurance Companies

BUSINESS ASSOCIATE AGREEMENT. Recitals

Best Practices for DLP Implementation in Healthcare Organizations

Transcription:

Cyber, PrivaCy & Data SeCurity 360 www.mpplaw.com

about our PraCtiCe Data is the lifeblood of our global economy. Collected, stored and transmitted, digital data not only imparts great opportunities, but unprecedented privacy and security challenges for businesses in all industry sectors. Privacy and cyber risks require businesses to contend with a complex web of state, federal and international laws. Best practices and self-regulatory standards further complicate the picture for companies attempting to navigate the cyber, privacy and data security maze. With the government giving companies security and privacy practices greater scrutiny, businesses need to be prepared to meet their evolving obligations in these fields. Constantly changing technology affects the competitive environment and privacy and security requirements. Failure to respect privacy and data security may lead not only to serious economic consequences, but adverse publicity and loss of business. Businesses therefore increasingly consult professionals with expertise to meet the challenges of the cyber, privacy and data security environment. Morris Polich & Purdy LLP s Cyber, Privacy & Data Security team collaborates closely with clients to take a comprehensive approach to managing, responding and mitigating privacy and data security risks. Our team proactively develops, implements and assesses privacy and data security for companies in numerous business sectors. From preparing initial policies and procedures governing privacy and data security and performing baseline privacy and risk assessments, to implementing programs and performing compliance analyses, the team s expertise allows it to respond effectively and efficiently. Our team is equipped to respond to government inquiries, investigate and comply with data breach notification requirements and to handle any litigation or regulatory actions arising from alleged privacy violations or data breaches. MPP s Cyber Privacy & Data Security team is comprised of attorneys specializing in the key areas of cyber and social media law, professional liability, insurance coverage, health and long term care, litigation, employment, commercial transactions, electronic discovery and intellectual property. The team works on a national basis and has knowledge and experience regarding a wide variety of laws affecting privacy and data security. The team is involved in advising and providing litigation support for numerous federal provisions, including the Computer Fraud and Abuse Act (CFAA), the US/EU Safe Harbor, the Fair Credit Reporting Act (FCRA), the Health Information Portability and Accountability Act (HIPAA), the Children s Online Privacy Protection Act (COPPA), the Gramm-Leach-Bliley Act (GLB), the Electronic Communications Privacy Act (ECPA), the

about our PraCtiCe (ContinueD) Stored Communication Act (SCA), the Red Flags Rule, and a myriad of other provisions. Team members have also been involved in numerous matters involving state law, including those arising under California s Song-Beverly Act, the California Medical Information Act (CMIA), the California Invasion of Privacy Act (CIPA), the California Online Privacy Protection Act (CalOPPA), and the California Shine the Light law, among others. MPP s lawyers have also been involved in handling matters dealing with legal provisions relating to cyber security and data breaches, including federal and state laws relating to data breach notification, laws mandating security and encryption, and best practices and self-governing security standards, such as the Payment Card Industry Data Security Standards (PCI DSS). Because digital data is today readily transmitted across national boundaries, members of MPP s team are also knowledgeable regarding international privacy and data security laws, including those of the European Union (EU), Canada, Mexico and Asia. The team is headed by a lawyer who is a United States Certified Information Privacy Professional (CIPP/US) and a European Union Certified Information Professional (CIPP/E) and team members regularly monitor legal developments affecting businesses operating domestically and internationally. Privacy and data security matters are constantly evolving as technology continues to develop. MPP s Cyber, Privacy & Data Security team has both the technical and legal knowledge to monitor these changes and advise clients regarding resulting risks. The team has handled matters involving cloud computing, Big Data, biometric identifiers, the Internet of Things (i.e. smart devices), social media, online behavioral advertising (OBA), and other technologies. Team members have also advised and assisted with numerous privacy issues in the workplace, including Bring Your Own Device (BYOD), pre-employment screening, internal investigations, employee use of social media and electronic devices, employee monitoring, and other aspects of the employment relationship. Complimentary to their work in privacy and data security, MPP s Cyber, Privacy & Data Security team also has expertise in other aspects of cyber law in addition to their work in privacy and data security. The team includes attorneys specializing in trademark and copyright law, intellectual property, the Digital Millennium Copyright Act (DMCA), government subpoenas of electronic information, trade secrets, and protection of proprietary information. Team members have also handled a wide variety of other cyber matters, including licensing disputes,

about our PraCtiCe (ContinueD) preservation of electronic evidence, protection of intellectual property against piracy, and registration of domain names. The team has also dealt with numerous e-discovery issues, particularly those regarding the interplay between electronic collection of documents and relevant privacy and security requirements. To provide leading information and updates on important changes in the cyber, privacy and data security arena, the team launched their specialist website http://www.privacydatasecurity.com, which includes a library of reference sources, articles, and details of services available.

a CroSS SeCtion of our experience Services provided by our Cyber, Privacy & Data Security team include: responding to Data breaches and Security incidents: Designing and implementing Corporate risk analyses and Strategies: Baseline privacy and data security surveys and analyses, including privacy and security of personal and proprietary information collected, maintained and distributed by businesses Privacy and security risk audits and assessments Privacy and data security practices and procedures Response protocols and contingency plans for privacy and security breaches Establishing appropriate corporate privacy and data protection infrastructure Training to promote and comply with best practices in privacy and data security, including privacy by design Compliance with ongoing requirements and best practices in light of changing technological and legal requirements Establishing data breach notification procedures Complying with breach notification requirements of relevant federal and state jurisdictions Working with investigators, consultants, and law enforcement authorities to analyze and contain breach and security incidents Mitigating damages and remediating harm from breach incidents Providing notices to affected individuals Revising practices and procedures to help prevent future breach incidents implementing business Solutions: Negotiating and drafting contracts, including HIPAA business associate agreements, vendor agreements, and agreements involving cloud computing providers Selecting and managing vendors and other third parties handling personal or proprietary information

a CroSS SeCtion of our experience (ContinueD) Protecting personal information of employees, customers, and consumers Protecting privacy and security of personal health information (PHI) under HIPAA and HITECH, including HIPAA Omnibus Rule Use of social media and electronic devices in the workplace Use of personal information for marketing and advertising purposes, including online behavioral advertising and COPPA compliant websites Online privacy notices and user agreements Management of privacy security of electronic information, including proper document retention procedures and compliance with electronic discovery obligations Evaluating insurance coverage issues E-Discovery evaluation and compliance

attorneys at Law M a i n C o n t a C t: timothy J. toohey 213.417.5324 ttoohey@mpplaw.com o f f i C e L o C a t i o n S: Los angeles 1055 West Seventh Street, Suite 2400, Los Angeles, California 90017 T: 213.891.9100 F: 213.488.1178 San Diego One America Plaza, 600 West Broadway, Suite 500, San Diego, California 92101 T: 619.557.0404 F: 619.557.0460 San francisco One Embarcadero Center, Suite 400, San Francisco, California 94111 T: 415.984.8500 F: 415.984.8599 Las vegas 500 South Rancho Drive, Suite 17, Las Vegas, Nevada 89106 T: 702.862.8300 F: 702.862.8400 www.mpplaw.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information