A company’s data is one of its most valuable assets. A breach of sensitive or proprietary data can have costly legal, financial, and public relations consequences for a company.

Unfortunately, due to constantly changing security threats, insulating a company’s valuable data from unauthorized or unwarranted use or disclosure can be extremely challenging. Additionally, increasing state and national government scrutiny has raised the stakes in data protection.

Epstein Becker Green’s Privacy, Cybersecurity & Data Asset Management Group is experienced at devising client-specific data protection strategies to help clients prevent or mitigate the occurrence of a data breach, safeguard confidential and proprietary information, and comply with applicable laws.

Read more

Our Services

We provide legal advice and guidance on all aspects of data protection. For example, our services include:

  • advising on compliance with applicable data privacy and security, consumer protection, and marketing laws, regulations, and notification requirements, including, among others, the CAN-SPAM Act of 2003, the Children’s Online Privacy Protection Act, the Consumer Privacy Bill of Rights, the European Union’s General Data Protection Regulation, the Federal Trade Commission’s Privacy Report, the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act of 1996, the Payment Card Industry Data Security Standard, the Telephone Consumer Protection Act, and state data security and breach notification laws;
  • drafting and counseling on implementing compliant contracting strategies to protect data rights and support data sharing and use;
  • advising on identifying and managing internal and external data security threats and risks;
  • conducting privacy impact assessments and other security risk assessments based on industry standards frameworks that examine IT systems and data flows to evaluate the sufficiency of existing protections and options to strengthen privacy and security safeguards;
  • designing and implementing privacy and data protection plans, policies, and procedures to place clients in a defensible posture;
  • creating and implementing education and training programs related to privacy, cybersecurity, and data asset management;
  • conducting privacy and security due diligence of service providers, and supporting ongoing vendor management activities;
  • devising strategies for communicating about a crisis with clients, consumers, regulators, law enforcement, and the media; and
  • advising on the legal issues and risks associated with outsourcing personal data processing operations, cloud computing, offshoring, and other data storage options.

Read less

Focus Areas







Jump to Page

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.