Privacy, Security and Data Protection

LEADERSHIP: Sharon R. Klein

Technology has allowed businesses to collect vast amounts of personally identifiable information and other sensitive data, and use that data to work better, faster and more efficiently with their customers, employees, business partners and others. Unfortunately, too often that sensitive information is not secure, leading to identity theft, intellectual property and trade secret theft, attacks on critical information systems, counterfeiting of valuable goods, and detrimental or even criminal activity.

To help combat those problems, businesses must comply with an increasingly complex array of state, federal and international laws designed to protect the privacy and security of personally identifiable or competitively sensitive information.

Pepper Hamilton LLP advises businesses on planning, drafting and implementing privacy, security and data protection policies and “best practices,” compliance with applicable laws, regulations and rules, and crisis management and litigation strategies for non-compliance. We counsel on such issues as data security and breach of security issues, online security and privacy, domestic and international anti-spam legislation, and issues specific to industries such as health care, financial services, and manufacturing and retail. We have defended litigation stemming from breaches of personally identifiable information and have defended executives and corporations in white collar investigations relating to compliance issues.

Our Lawyers

Members of Pepper’s Privacy, Security and Data Protection Group have diverse backgrounds and practices, but a common goal: helping businesses understand and comply with the complex and fast-moving area of privacy, security and data protection laws and regulations. The group includes experienced corporate and transactional lawyers, intellectual property counselors, health care lawyers, veteran trial lawyers and government contracts/regulatory and white collar attorneys.

Many of our lawyers have significant experience as in-house counsel for private corporations or the government, which offers a unique and valuable perspective when approaching privacy, security and data protection. In addition, our clients have immediate access to our more than 500 lawyers experienced in a wide range of related areas, such as intellectual property, health care, financial services, employment, international trade, technology and government contracts, to handle any legal issues as quickly and efficiently as possible.

Our Work

We help clients develop privacy, security and data protection policies and practices tailored to their businesses. We advise on implementation and enforcement of privacy and security policies in transactions and agreements with vendors, business partners and other third parties. We help clients protect against and respond to security and privacy breaches.

Pepper lawyers also identify and address privacy, security and data protection issues in mergers, acquisitions and other corporate transactions, including those with the U.S. government. Additionally, we help clients navigate complex issues regarding e-discovery issues and employee surveillance in the workplace. As businesses increasingly move into online and digitized markets, we counsel them about new and continuing online privacy, security and consumer protection issues and litigate related compliance issues.

Pepper lawyers are knowledgeable about developments in U.S. federal, state and industry-specific privacy, security and data protection laws, regulations and practices, as well as global laws and regulations in the European Union, Asia, Canada and other jurisdictions.

We have experience analyzing and applying privacy, security and consumer protection laws and regulations, including the Gramm-Leach-Bliley Act, the Electronic Communications Act, the Computer Fraud and Abuse Act, the Privacy Act of 1974, the Video Privacy Protection Act, the Fair Credit Reporting Act, the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), the Children’s Online Privacy Protection Act and the CAN-SPAM Act. We also are experienced in analyzing and assisting with compliance with international laws, such as the EU Data Protection Directive.