The combination of privacy, cyber security, and data breach represents one of the most rapidly evolving areas of the law and a significant concern facing businesses of all types in an ever-increasing digital world.
From financial services companies and multinational corporations, to smaller local businesses, and just about everything in between, privacy and information security must be at the forefront of any company’s business plans and strategic objectives. At SGK, our Privacy & Cyber Security Services Group offers comprehensive legal services to the widest range of business entities to address these complex and evolving issues. We use a multi-disciplinary approach within the firm to identify and minimize potential exposure that could result from a data breach or the legal exposure from regulators for having inadequate information security programs. Our Privacy & Cyber Security Services team includes attorneys who are highly experienced in data security and privacy, litigation, cyber insurance coverage, human resources and business counseling, to provide a holistic approach to representation in all areas related to cyber security and privacy.
Data Breach Response Plans
The best time to prepare for a data breach is before it happens. The multifaceted skill sets of the SGK attorneys in this practice group can assist our clients by developing meaningful and regulatory compliant data breach response plans. These plans include formulating information security policies appropriate to the business, advising and assisting with configuring detailed information security programs to implement the business’ policy, corresponding training, and its disaster recovery plans, audit standards, and appropriate crisis management plans. Our team monitors and analyzes applicable federal and state law, as well as emerging international standards to ensure that the most up-to-date, comprehensive and compliant data security programs are integrated into the client’s business. We work to identify and minimize potential exposure resulting from potential or actual data breaches, while making sure the programs are “right-sized” for the particular client and the client’s unique needs and risk profile.
In this regard, cyber security and privacy matters are no longer the sole domain of financial institutions or health care practices. The law continues to rapidly evolve and expand its reach on both a national and international level to encompass all types of industries which have not historically been targeted. These evolving threats to data of all types and the complex legal requirements extend to most any type of business that transacts in, or stores and transmits data, including data on customers, employees’ HR data that may be stored or transmitted across affiliate lines, or data stored by or transmitted to subcontractors and vendors, among other scenarios.