Data Privacy and Cybersecurity
Navigate the Evolving Landscape of Data Privacy and Cybersecurity with Confidence
In today's data-driven world, your information is among your most valuable assets. Threats and vulnerabilities can emerge from anywhere, so protecting your sensitive information requires a comprehensive, proactive strategy to give you peace of mind.
Reinhart’s Data Privacy and Cybersecurity Group is here to guide you every step of the way. The firm brings together best-in-class services across multiple practice areas to empower our clients with the tools, extensive knowledge and control they need when navigating the complex, ever-changing landscape of data privacy and cybersecurity. Our team of data privacy and cybersecurity attorneys regularly counsels clients on compliance with existing and emerging data privacy laws enacted at the local, state, federal and international levels.
We work with you to confront relevant industry challenges and prevailing regulations to build a robust response, whether you're a consumer product market leader, health care provider or tech startup. From manufacturing to professional services to the financial sector, we understand your industry and its unique challenges, crafting strategies and defenses tailor-made for you. Clients trust our commitment to deliver comprehensive solutions to any challenge or issue that arises, enabling your organization to operate confidently in the digital age.
Reinhart is, at its core, a multidisciplinary firm, and we provide clients a powerful advantage in data privacy and cybersecurity legal counsel. Our integrated team of attorneys specialize in corporate law, health care, banking and finance, employee benefits, labor and employment, litigation and intellectual property, ensuring a holistic approach to address all aspects of your organization that may be affected by data privacy and cybersecurity issues.
As seasoned, highly credentialed professionals dedicated to the practice, our team members collectively hold the following industry-leading privacy and cybersecurity certifications:
- Fellow of Information Privacy (FIP)
- Certified Information Privacy Professional/United States (CIPP/US)
- Certified Information Privacy Manager (CIPM)
- Certified Information Systems Security Professional (CISSP)
- Certified in Cybersecurity (CC)
- Partnership: Our dedicated team of attorneys are your strategic partners, not just legal advisers. We collaborate with a wide range of representatives, including upper management, general counsel, data privacy officers and chief information officers, at all stages of the data lifecycle.
- Risk Mitigation: We provide invaluable support in mitigating risk through meticulous policy drafting, contract negotiation and counseling on using, securing and disclosing personal data in compliance with the latest regulations.
- Legal Landscape Navigation: Staying ahead of the curve is critical. Our team stays abreast of the evolving legal landscape. We translate complex legal requirements into clear, actionable insights that inform your decision-making and help protect your organization.
- Incident Investigation and Response: Incidents happen, but our team is prepared – and so are our clients. We work proactively to minimize the damage and conduct thorough evaluations, ensuring a rapid and decisive response. We seamlessly collaborate with your response team and cyber insurer to uncover the source and scope of the incident, while managing the aftermath with a path forward. We leverage attorney-client privilege as we guide clients through investigations and seamlessly partner with external specialists like forensic analysts.
- Breach Assessment and Notification: Our team stands ready to act swiftly to assess whether an incident rises to the level of reportable breach. We assist with preparing breach notifications and ensuring all notifications are sent to individuals, regulators and media outlets in a timely manner.
- Litigation: When disputes arise, our team is prepared to represent our clients’ interests zealously in all aspects of litigation, whether in state and federal courts or administrative agencies. We help our clients protect their rights and data by handling complex cases involving biometric privacy, wire fraud, trade secrets, intellectual property and computer crimes under the Computer Fraud and Abuse Act.
- Investigating and responding to security incidents, such as ransomware, network intrusions and other cybersecurity attacks
- Assessing potential breaches of protected information and, if necessary, preparing and sending required notifications
- Permissibly using and disclosing personal information, including cross-border data transfers
- Adopting information security programs, cybersecurity best practices and risk management strategies
- Implementing reasonable security measures designed to protect confidential and proprietary information and trade secrets
- Preparing and negotiating data processing agreements (DPAs), business associate agreements (BAAs) and nondisclosure agreements (NDAs)
- Conducting cybersecurity due diligence in mergers and acquisitions
- Responding to agency audits and investigations
- Handling wire fraud disputes and litigation under the Computer Fraud and Abuse Act and its state equivalents
- Preparing and updating policies, procedures and terms of use to fit unique technological and workforce needs
- Analyzing the terms, conditions and limits of cyber insurance policies
- Implementing supply chain risk management programs for critical risk vendors
- Educating employees on security awareness and compliance
- Developing Artificial Intelligence (AI) governance and compliance strategies
- European Union's General Data Protection Regulation (GDPR)
- Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
- California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley Act (GLBA)
- Employee Retirement Income Security Act (ERISA)
- Computer Fraud and Abuse Act (CFAA)
- Comprehensive data protection statutes enacted at the state level, such as the Colorado Privacy Act (CPA), the Utah Consumer Privacy Act (UCPA) and the Virginia Consumer Data Protection Act (VCDPA)
- State breach notification statutes
- Medical information privacy statutes, such as 42 CFR Part 2 (Confidentiality of Substance Use Disorder Patient Records) and California's Confidentiality of Medical Information Act (CMIA)
- Biometric privacy statutes, such as Illinois' Biometric Information Privacy Act (BIPA)
- Payment Card Industry Data Security Standards (PCI-DSS)
- Telephone Consumer Protection Act (TCPA)
Data Privacy and Cybersecurity News & Insights
SEC Adopts Cybersecurity Disclosure Rules for Public Companies
Alerts & Updates
Covered Entities Must Comply with FTC Safeguards Rule
Alerts & Updates
Reinhart Welcomes 10 New Associates
Press Releases