Nutter’s interdisciplinary Privacy and Data Security team has years of experience providing counsel, regulatory advice, and litigation services to businesses and institutions across a range of industries, including banking and financial services, educational institutions, health care, insurance, life sciences, nonprofit, and retail. We have an exceptional track record handling all legal aspects of privacy and data security matters, ranging from compliance with HIPAA and banking regulations to responses to data security breaches. Clients trust our strategic guidance and experience. With Nutter at their side, our clients can stay focused on core business activities, minimize potential risks, and respond effectively to security incidents.
Compliance Counseling and Risk/Security Assessment
Our team routinely addresses and mitigates privacy and data security concerns. We are skilled at asking the right questions, mapping and understanding the flow of sensitive data through an organization, spotting compliance issues, and drafting policies and recommended practices to safeguard data. We help clients develop training programs and website privacy policies, and also represent clients when they face issues involving global compliance, cross-border data transfers, and compliance audits.
Our team specializes in negotiating the terms of vendor services agreements relating to the exchange and protection of personal data (both from the “data controller” and “data processor” perspectives), advising on best practices in the e-commerce context, and managing the complexities inherent in cross-market data transfer compliance obligations and related issues.
Security Breach Response
We are experienced in addressing network intrusions and responding to data breaches. We help clients that have learned of a data breach manage their immediate legal responsibilities and develop a response plan for the affected consumers, clients, employees, or other individuals. Our response team assists clients in coordinating with regulatory authorities, meeting public disclosure requirements, assessing a company’s response to the incident, evaluating remedial measures, and responding to civil litigation or government enforcement actions.
Our team stays abreast of the latest developments in the industry by participating in organizations such as the International Association of Privacy Professionals (“IAPP”). Our Privacy and Data Security team includes a Certified Information Privacy Professional (“CIPP”), the preeminent credential in the field. We have the knowledge and experience to help businesses understand and comply with the evolving laws and standards that regulate the collection, use, sharing, and protection of personal data.
The interdisciplinary nature of our team—made up of transactional and litigation attorneys—makes Nutter adept at counseling clients across a broad range of industries on compliance with, and defending against, alleged violations of privacy and data security laws.