Our multidisciplinary team has the experience to help your organization address these risks, risks such as developing data privacy compliance programs, preparing for and responding to data breaches, and handling public policy and legislative issues. Varnum’s Data Privacy and Cybersecurity Team assists organizations large and small with development of sound data privacy and security practices, along with real-time advice to address the evolving regulatory environment.
We advise clients on a wide range of matters, including:
- State privacy laws, including the California Consumer Privacy Act (CCPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA) and the Virginia Consumer Data Protection Act (VCDPA)
- Europe’s General Data Protection Regulation (GDPR)
- Data privacy policies and consumer-facing statements
- Data licensing agreements, terms of use and other data-related agreements
- Drafting and negotiating contracts consistent with company policies and best practices
- E-commerce issues
- Mobile apps
- Public policy and legislative advocacy and counsel
- Data security breach preparedness and compliance that also includes working with forensic companies and insurers as well as developing internal and external communications
- Data breach response and assessment
- Privacy-related claims and disputes
- Employee privacy and data handling training
- Health care privacy, including Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH) and Protected Health Information (PHI) data breach responses
- Investigations and e-discovery privacy management
- Cybersecurity guidance and internal policy development
- Due diligence and warranty negotiation for mergers and acquisitions as well as cross-border data transfers
- Records management and data retention policies