Overview
A company’s data is one of its most valuable assets. A breach of sensitive or proprietary data can have costly legal, financial, and public relations consequences for a company.
Unfortunately, due to constantly changing security threats, insulating a company’s valuable data from unauthorized or unwarranted use or disclosure can be extremely challenging. Additionally, increasing government scrutiny, including state and national, has raised the stakes in data protection.
Epstein Becker Green’s Privacy, Cybersecurity, and Data Asset Management Group is experienced at devising client-specific data protection strategies to help clients prevent or mitigate the occurrence of a data breach, safeguard confidential and proprietary information, and comply with applicable laws.
Our Services
- Advise on compliance with applicable data privacy and security, consumer protection, and marketing laws, regulations, and notification requirements, including, among others, the CAN-SPAM Act of 2003, the Children’s Online Privacy Protection Act, the Consumer Privacy Bill of Rights, the European Union’s General Data Protection Regulation, the Federal Trade Commission’s Privacy Report, the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act of 1996, the Payment Card Industry Data Security Standard, the Telephone Consumer Protection Act, and state data security and breach notification laws, including the California Consumer Privacy Act
- Draft and advise on implementing compliant contracting strategies to protect data rights and support data sharing and use
- Advise on identifying and managing internal and external data security threats and risks
- Conduct privacy impact assessments and other security risk assessments based on industry standards frameworks that examine IT systems and data flows to evaluate the sufficiency of existing protections and options to strengthen privacy and security safeguards
- Design and implement privacy and data protection plans, policies, and procedures to place clients in a defensible posture
- Create and implement education and training programs related to privacy, cybersecurity, and data asset management
- Conduct privacy and security due diligence of service providers and support ongoing vendor management activities
- Devise strategies for communicating about a crisis with clients, consumers, regulators, law enforcement, and the media
- Advise on the legal issues and risks associated with outsourcing personal data processing operations, cloud computing, offshoring, and other data storage options
Read less
Focus Areas
Experience
Contacts
Member of the Firm
Member of the Firm
General Counsel / Chief Privacy Officer
Media
Events
Past Events
- April 13, 2022
Insights
Insights
- Blogs
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
42 minute read - Media CoverageAlaap Shah Quoted in “Don’t Worry, You (Probably) Won’t Have to Deal with ONC: Algorithm Transparency Rule May Have ...2 minute read
- BlogsVideo: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week2 minute read
- Media CoverageAlaap Shah Quoted in “2024 Outlook: The Cybersecurity Trends Health System Leaders Need to Know”3 minute read
- PublicationsUSA: Future of Cybersecurity Law and Regulation2 minute read
- Media CoverageAlaap Shah Featured in “You Gotta Get the Data Right! Talking EMPI”2 minute read
- BlogsWhite House Releases National Cybersecurity Strategy Implementation Plan7 minute read
- BlogsWhite House Releases National Cybersecurity Strategy Implementation Plan7 minute read
- Media CoverageRobert Hearn Quoted in “Surveying Laboratory Tests from a Health IT Perspective”3 minute read
- Media CoverageAlaap Shah Featured in AHLA Podcast, “Health Care Data Governance: How to Build a Culture of Compliance”2 minute read
- Media CoverageLisa Pierce Reisz Featured in “People on the Move”1 minute read
- Media CoverageLisa Pierce Reisz Featured in “Wake Up Call: Laterals, Moves, In-House”1 minute read
- Media CoverageLisa Pierce Reisz Featured in “Epstein Becker Brings On Health Care Atty in Ohio”2 minute read
- Firm AnnouncementsHealth Care Attorney Lisa Pierce Reisz Joins Epstein Becker Green in Columbus4 minute read
- PublicationsTwitter Whistleblower Claim Is Cautionary Tale for Employers2 minute read
- PublicationsUSA: Employee Monitoring and Regulatory Frameworks for Keylogging Technology2 minute read
- Media Coverage
Alaap Shah Featured in AHLA Connections Magazine: Member Spotlight
3 minute read - Media CoverageAlaap Shah Quoted in "Source: FDA Guidance Takes More Nuanced Approach to Cybersecurity"1 minute read
- Media CoverageAlaap Shah Quoted in “HHS Guidance Addresses HIPAA and Emergency Protective Orders”3 minute read
- Firm Announcements
Epstein Becker Green’s Brian Cesaratto and Francesco DeLuca Named 2022 BTI Client Service All-Stars
3 minute read - PublicationsDOJ’s Civil Cyber-Fraud Initiative: What Contractors Need to Know About Novel Use of False Claims Act3 minute read
- PublicationsThe Employers Guide to Privacy and Requiring Proof of Employee Vaccination2 minute read
- PublicationsSenior Industry Leaders Need to Learn About AI3 minute read
- Media CoverageThe Ransomware Plague Continues, but the Response Model Is Changing2 minute read
- Media CoverageAlaap Shah, Nivedita Patel Provide Insight on Data Stewardship as Truveta and Microsoft Form Cloud AI Partnership with ...4 minute read
- PublicationsHealth Cos. Must Prepare for Growing Ransomware Threat2 minute read
- Media CoverageAlaap Shah Quoted in “Wanted: Your Respiratory Data, But Not Without Privacy Risks”5 minute read
- PublicationsDesigning a Trusted Framework for the Application of AI in Health Care2 minute read