Main Menu

Data Privacy and Cybersecurity Law


In today's information-driven economy and changing regulatory environment, companies need cohesive strategies to manage data privacy and cybersecurity risk. Our multidisciplinary team has the experience to help your organization address these risks, ranging from developing data privacy compliance programs, preparing for and responding to data breaches, and handling public policy and legislative issues. Varnum's Data Privacy and Cybersecurity Team assists organizations large and small with development of sound data privacy and security practices, along with realtime advice to address the evolving regulatory environment.

We advise clients on a wide range of matters including:

  • Europe's General Data Protection Regulation (GDPR) and California's Consumer Privacy Act of 2018 (CCPA) as well as other regulatory obligations
  • Data privacy policies and consumer-facing statements
  • Data licensing agreements, terms of use and other data-related agreements
  • Drafting and negotiating contracts consistent with company policies and best practices
  • E-commerce issues
  • Mobile apps
  • Public policy and legislative advocacy and counsel
  • Data security breach preparedness and compliance that also includes working with forensic companies, insurers as well as developing internal and external communications
  • Data breach response and assessment
  • Privacy-related claims and disputes
  • Employee privacy and data handling training
  • Health care privacy, including HIPAA, HITECH and PHI data breach responses
  • Investigations and e-discovery privacy management
  • Cybersecurity guidance and internal policy development
  • Due diligence and warranty negotiation for M&A as well as cross-border data transfers
  • Records management and data retention policies

For more information, please contact either your Varnum attorney, Adam Brody at 616/336-6461 or or John Rolecki at 616/336-6398 or

News & Publications

Related Practices

Back to Page
{ footer Image }