Our attorneys advise businesses of all sizes regarding a broad range of laws, regulations, and legal issues that apply to the collection, storage, use, and sharing of information concerning customers, employees, and patients, including:
- The Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH) Act, and other requirements related to patient information and electronic health records.
- Privacy rights and restrictions concerning personal data pursuant to Federal and state privacy laws and international data privacy regulations, including the EU’s General Data Protection Regulation (GDPR), The California Consumer Privacy Act (CCPA) a,nd The Children’s Online Privacy Protection Act (COPPA).
- The privacy and security of financial and banking information pursuant to the Gramm-Leach-Bliley Act (GLBA).
- Restrictions on marketing and other phone or text message communications pursuant to the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act and Telephone Consumer Privacy Act (TCPA) and compliance with Do Not Call Registry obligations and other Federal Trade Commission (FTC) regulations.
- Responding to data breach incidents by providing notices required by state data breach notification laws.
We advise our clients regarding commercial transactions that involve privacy and data security concerns, and help to negotiate, draft and implement transaction documents such as:
- Agreements with data processing or data storage vendors.
- Data licensing agreements and related security exhibits.
- Payment processing and merchant account agreements.
- Outsourcing, e-commerce order fulfillment and distribution agreements.
- HIPAA Business Associate Agreements.
- Website privacy policies and terms of service.
- Marketing and advertising agreements that require the sharing of information about customers or potential customers.
- Agreements involving the sharing or transfer of personal information concerning customers or employees, including transfers related to a sale, merger or acquisition of a business.
We also help companies adopt internal policies concerning data privacy and security, identify areas of risk or non-compliance, and train employees regarding the proper handling of confidential information or personal data. Our lawyers understand technology and work closely with IT professionals to help detect and correct technological risks related to data privacy and security.
We see every company as a technology company. Whether you develop technology yourself, or you rely on vendors to provide solutions that keep your business running, our goal is to identify and address technology risks while increasing value to your business.
We leverage a team of diverse lawyers, intentionally selected from across practice areas and industries, to provide practical advice on a wide range of technology-related issues. We regularly counsel clients, from startups to global businesses, on matters such as:
- SaaS, software, and end user license agreements
- Computer hardware
- Technology transfer and licensing
- Hosting agreements and outsourced IT infrastructures
- Emerging technologies
- Procurement and vendor management