For over 20 years, Phillips Lytle has been handling complex data issues for our clients, long before “data security and privacy” was trending in the news or became a formal legal discipline. We counsel our U.S.-based clients on compliance with various statutory, regulatory and contractual requirements; insurance evaluation; best practices regarding data preservation, protection and destruction; cross-border data transfers; disaster recovery; emergency response planning; business continuity planning; digital forensic examinations; third-party/vendor risk management; data incident management; and government investigations, litigation or dispute resolutions.
Phillips Lytle’s Data Security & Privacy Team uses a multidisciplinary approach to develop comprehensive solutions that are tailored to each client’s particular needs and resources. Our seasoned cybersecurity attorneys have extensive transactional and litigation experience related to data security and privacy, including former data security and technology in-house counsel from a Fortune 500 financial institution. Our attorneys are supported by a technical team with over 20 years of experience regarding secure data management. Therefore, we are well-positioned to counsel clients regarding the evolving complexity of cybersecurity, data privacy laws and regulations amidst emerging technologies and critical business considerations.
Phillips Lytle’s Data Security & Privacy Team advises many sophisticated clients on data security and privacy issues in various industries, including health care, education, banking, manufacturing, construction, e-commerce, government contracting, and energy. Our team also represents cybersecurity service providers and cyber solution developers.
Phillips Lytle attorneys have been awarded the following ANSI-accredited credentials by the International Association of Privacy Professionals (IAPP): Certified Information Privacy Professional/Europe (CIPP/E); Certified Information Privacy Professional for the U.S. Private Sector (CIPP/US); and Certified Information Privacy Manager (CIPM). CIPP/E and CIPP/US are preeminent certifications for advanced concentration in European data protection laws and U.S. private-sector laws, standards and practices, respectively. CIPM certification demonstrates an understanding of privacy program governance and the skills necessary to establish, maintain and manage a privacy program across all stages of its operational life cycle.
Phillips Lytle’s Data Security & Privacy Team provides a wide array of services to our clients, such as:
Data incidents can take on many forms, including trade secret theft, inadvertent data disclosure, ransomware, phishing or other cyberattacks. Our Cybersecurity Team has more than 20 years’ experience responding to data incidents, and works quickly and efficiently to respond to data incidents and mitigate suspected damages.
In the event of a cyber incident, our Data Security & Privacy Team can manage the digital forensics investigation to mitigate potential harm. We have working knowledge on when, and how best, to seek law enforcement assistance, and/or to pursue civil litigation. We can also assist with any necessary reporting and notification following a data incident, both internally to employees or investors, and externally to clients, customers, insurance carriers, government authorities/agencies, business partners or the general public.
We also have represented many small and large businesses and institutions in internal data breach investigations as a result of actions by competitors, disgruntled employees and other bad actors. Our attorneys and staff regularly conduct time-sensitive digital forensic investigations into ongoing fraud, theft of confidential information, and other improper or unlawful conduct. Our services include identification, collection and forensic analysis of electronic devices to recover or reconstruct deleted information, locate converted assets and track theft of confidential information through metadata and other tracking mechanisms.
If any data security or privacy issue results in government inquiries, investigations or litigation, our Data Security & Privacy Team’s experienced litigators are ready to pursue and defend our clients’ interests. Our litigators are efficient, creative and aggressive, and possess the technical knowledge necessary to represent clients regarding a variety of issues, including:
Our Cyber/Data Security & Privacy Team has extensive experience in pursuing bad actors to mitigate harm, enjoining ongoing wrongful conduct, recovering damages, securing insurance coverage and counseling clients on steps to take to avoid future problems.
We regularly review state, national and international regulations to ensure we are aware of the latest data security laws and regulations. We send our clients regular updates on pending legislation and regulations, novel issues, and/or high-profile litigation. We also present with other industry leaders at Continuing Legal Education and other programs, and regularly publish on these topics.
If you are experiencing or have experienced a data breach, cyberattack, or data-related incident, please do not hesitate to contact us. For other time-sensitive situations, we also have a dedicated Crisis Response & Management Team.