Privacy and Data Security
Areas Of Focus
Nutter’s interdisciplinary Privacy and Data Security team has years of experience providing counsel, regulatory advice, and litigation services to businesses and institutions. We work closely with our clients, immersing ourselves in their business so that we can provide the best possible value, and strategic guidance. This approach allows our clients to stay focused on core business activities, minimize potential risks, and respond effectively to security incidents. Our attorneys have an exceptional track record in a broad range of privacy and data security matters ranging from compliance with HIPAA and banking regulations to responses to data security breaches.
Compliance Counseling and Risk/Security Assessment
Our team routinely addresses and mitigates privacy and data security concerns. We are skilled at asking the right questions, mapping and understanding the flow of sensitive data through an organization, spotting compliance issues, and drafting policies and recommended practices to safeguard data. We help clients develop training programs and website privacy policies, and also represent clients when they face issues involving global compliance, cross-border data transfers, and compliance audits.
Our team specializes in negotiating the terms of vendor services agreements relating to the exchange and protection of personal data (both from the “data controller” and “data processor” perspectives), advising on best practices in the e-commerce context, and managing the complexities inherent in cross-market data transfer compliance obligations and related issues.
Security Breach Response
We are experienced in addressing network intrusions and responding to data breaches. We help clients that have learned of a data breach manage their immediate legal responsibilities and develop a response plan for the affected consumers, clients, employees, or other individuals. Our response team assists clients in coordinating with regulatory authorities, meeting public disclosure requirements, assessing a company’s response to the incident, evaluating remedial measures, and responding to civil litigation or government enforcement actions.
Our team stays abreast of the latest developments in the industry by participating in organizations such as the International Association of Privacy Professionals (“IAPP”). Our Privacy and Data Security team includes attorneys designated by IAPP as Certified Information Privacy Professionals (“CIPP/US”), the preeminent credential in the field. We have the knowledge and experience to help businesses understand and comply with the evolving laws and standards that regulate the collection, use, sharing, and protection of personal data.
The interdisciplinary nature of our team—made up of transactional and litigation attorneys—makes Nutter adept at counseling clients across a broad range of industries on compliance with, and defending against, alleged violations of privacy and data security laws.
View Practice Team
News & Insights
- Leading Cybersecurity/Privacy and White Collar Defense Authority Seth P. Berman Joins Nutter as Partner09.06.2017
- Pat Concannon Serves as Contributing Author on Highly Regarded Data Security Book, Reports Mass Lawyers Weekly07.14.2016
- Nutter Partner Patrick Concannon Authors “Congressional Response to the Internet” Chapter for MCLE Data Security and Privacy Book11.20.2015
- Ron Cahill and Pat Concannon Present on Protecting Trade Secrets and Employee / Customer Data from Data Breaches11.15.2016
- Wire Fraud Scams and Corporate Email Attacks: Beware of Tricks, Not Treats, During Cyber Security Awareness Month10.11.2017 | Legal Update
- 09.27.2017 | Advisory
- 09.12.2017 | Article
- Equifax Breach is a Category 5 Incident Affecting You – Our Recommendations on How to Safeguard Your Data09.11.2017 | Advisory
- Writing for ABI Journal, John Loughnane Analyzes Mediating Cybersecurity Disputes in Distressed SituationsJuly 2017 | Article
- Writing for Law360, John Loughnane Outlines Lessons for Lenders and IP Licensees from Sixth Circuit Ruling01.25.2016 | Article