Equally varied are the perpetrators of these crimes, a diverse assembly of lone-wolf hackers, business competitors, organized crime, foreign adversaries, and terrorist groups. Further complicating the picture, companies targeted by cyber attackers are often penalized twice: first as a direct result of the initial breach, then subsequently by lawmakers, regulators, and the public, who often blame the victim of the crime for having insufficient safeguards in place.
The Privacy & Data Security Team at Jones Walker LLP helps clients identify, prevent, and respond to the full spectrum of data-breach and privacy risks. Our inter-disciplinary team brings together highly experienced attorneys with professional backgrounds in the banking and financial services, healthcare, technology and telecommunications, energy, petrochemical, maritime, government, and retail sectors. We help our clients:
We advise clients on their compliance obligations under all privacy-related U.S. federal and state laws, including the Health Insurance Portability and Accountability Act (HIPAA), the Children’s Online Privacy Protection Act (COPPA), the Federal Information Security Management Act (FISMA), the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act (FCRA), the Federal Communications Act of 1934, SEC disclosure guidelines, FTC data/privacy regulations, the CAN-SPAM Act, and other data-breach, privacy, and cybersecurity laws. Additionally, as the global regulatory environment for privacy and data becomes increasingly complicated and our clients expand internationally, our attorneys help clients adapt their existing data management practices to meet these new compliance changes without stressing their resources.
Our attorneys help clients better understand their data, where it is located, and where and with whom it is shared. We assess, develop, and revise information collection, storage, disposal, and sharing policies and procedures to make sure they meet regulatory obligations without compromising business workflows, data security and integrity, and identify potential threats and compliance issues. We also help clients develop and implement comprehensive security programs that document policies and procedures clearly and limit access to personally identifiable information, electronic health records, and other key data.
When a data security breach or data theft occurs, we respond to the event quickly and effectively. We help clients stop or contain the incident, analyze the facts and impact of the situation, and ensure compliance with federal and state notice requirements. Our attorneys assemble teams of key in-house staff, outside IT and public-relations experts, and data security professionals to develop a plan for preventing future thefts or breaches and to communicate with the public in an appropriate manner.
A company victimized by a data breach can quickly become the target of litigation and state or federal investigations. Jones Walker attorneys represent clients in related privacy and data security disputes and litigation, such as with shareholders, customers, and credit card agencies. We also represent our clients in related regulatory proceedings.
Follow-on disputes, including shareholder and class-action litigation against corporations and their directors and officers, often arise after a data breach. Our experienced litigators and trial lawyers help clients resolve disputes in federal and state court, as well as through alternative procedures such as arbitration and negotiated settlements.