Data Protection & Privacy

Data Privacy Law Firm

Data protection is an issue for most businesses as many countries now strictly stipulate how businesses are able to collect, record, exchange data and safeguard its usage. Our firm is often asked to advise on these matters and prepare the necessary protocols, customer notices and other internal documents to ensure corporate compliance. Some of our lawyers have also been involved in high-level inter-governmental discussions on these matters and have been asked to assist resolve the occasional alleged data-misuse dispute.

HGL provides cutting edge solutions to its clients with the practical advice necessary to navigate the evolving cybersecurity and data security issues. The team handles litigation, compliance and regulatory counseling and internal investigations. Our lawyers have experience assisting companies in ensuring that their data collection and processing practices, data transfer procedures, privacy policies, and marketing activities are compliant with the relevant domestic, international, privacy, and data security regulations and laws. We work with our clients to provide comprehensive advice and representation in all areas related to cybersecurity, data privacy and data security. We have a wealth of experience assisting in data and breach-related issues, data protection, information security, Internet and computer law, e-commerce, consumer protection, information management and records retention and responding to cybercrimes and network intrusions.

Areas of Focus

• Cybersecurity Preparedness and Governance
• Incident Response and Crisis Management
• Regulatory Enforcement and Counseling
• Data Protection and Data Privacy

The Cybersecurity and Data Privacy Group works closely with leading cybersecurity technical experts and industry specialists experienced in compliance, corporate governance, insurance and litigation.

Our Cyber Services are as follows:

a. Pre-Breach Services- Compliance with Data Security and Privacy Regulations and Laws

As companies come under regulatory regimes that impose legal requirements to develop and implement an adequate data security program to safeguard the confidentiality, integrity and availability of information and the Client’s information systems. Data security programs include written policies and procedures, documented employee training and vendor oversight. HLG assists clients with developing and implementing comprehensive data security and privacy programs to meet their legal needs under growing data protection laws and regulations. Our lawyers help clients’ draft policies and procedures, including incident response plans, respond to requests for certification of compliance from regulators and business partners, conduct training and tabletop exercises, and establish third-party vendor management programs.

b. Mergers, Acquisitions, and Corporation Disclosures

An entity’s cybersecurity health is critical to its value in the context of a merger or sale. A prior cybersecurity incident or lax safeguards that fail to mitigate risk represent significant potential liability (and decreased value). HLG helps clients conduct the required and critical due diligence to assess and evaluate cybersecurity policies, programs, and incidents, whether they are the subject of a potential sale and looking for fair value, or to provide an evaluation of risks a client may inherit through a transaction. Our lawyers also review technology contracts and transactions to strengthen our client's interests and protection.

c. Cybersecurity Incident Response and Notification

When an organization sustains a suspected cybersecurity incident they are required by law (or sometimes by contract, or both) to undertake a prompt investigation and provide notification of the incident in a short period of time. Sometimes, a company's notification window is a mere 72 hours after knowledge of the event. HLG provides clients with critical crisis management to investigate and respond to cybersecurity incidents. From ransomware to data breaches, our lawyers work with forensic investigators to determine the “who, what, why and how” of an incident. We help companies with coordinated public relations efforts, potential interactions with law enforcement, and determination of required third-party notifications to consumers, business partners, regulators, government investigators, and others.

d. Litigation & Arbitration

A dispute involving a cybersecurity incident can devolve into litigation, whether a business-to-business lawsuit or a data breach class action. HLG represents companies in a wide variety of business sectors in litigation and arbitration internationally. The firm’s approach to complex litigation matters is to staff them with senior litigators who assemble efficient teams of attorneys.

e. Insurance

Insurance carriers long have turned to HLG for first-party and third-party coverage matters. For cyber liability, it is no different. Our lawyers provide exposure analysis and litigate complex coverage matters for cybersecurity incidents, from data breaches and business email compromises (BECs) to wrongful collection and use of personal identifiable information (PII), media liability, and e-surveillance.