5 Key Privacy Considerations for All Companies


Adam C. Solander, a Member of the Firm in the Health Care and Life Sciences practice, and Patricia M. Wagner, a Member of the Firm in the Health Care and Life Sciences and Litigation practices, in the firm's Washington, DC, office, authored an article in Law360, titled “5 Key Privacy Considerations for All Companies.” (Read the full version — subscription required.)

Following is an excerpt:

Organizations of all sizes and types are dealing with security breaches. There are steps that organizations can take to ensure that when a breach happens, the organization is ready to address the breach quickly and effectively. To meet that goal, organizations should have an incident response plan in place.

This plan should identify those who need to be involved as soon as a breach is suspected. It may be that the incident response plan identifies different types of incidents and the different team members that are best equipped to handle the incident. For example, the team addressing a network intrusion incident may be very different than the team that handles a lost laptop.

The plan might also identify those vendors that the organization will want to utilize in a breach; for example, notification vendors, public relations vendors, forensic experts, and counsel. In some cases, organizations may want to have those vendor arrangements in place before a breach. In the rush of responding to an incident, negotiating terms of an agreement with appropriate vendors can take valuable time. In addition, anticipating the vendors that will be used gives an organization the time to determine whether the preferred vendors will be acceptable to an insurance carrier that may be providing coverage; and may give the organization time to get preferred vendors approved by the carrier.

For more information, see Mr. Solander and Ms. Wagner’s recent webinar video, "The Age of Data Breaches: How to Avoid Being the Next Headline."