Data Security & Breach Response



We offer prompt and efficient data breach response and clear practical guidance in the face of complex regulatory requirements and negative brand reputation.

Our approach

The compromise of confidential customer, patient or employee information can have a serious impact on your company’s reputation and finances and has serious consequences for those whose privacy is violated.

We take the stress out of the situation. Our team helps clients protect their data long before an incident occurs, plan for situations beyond their control and respond quickly and appropriately to data breaches.

We have the systems and assets already in place that make the difference between a scramble and an efficient and compliant response. We manage media responses and coordinate with trusted vendors who provide high-volume breach notification, call center functions, credit monitoring, forensic analysis and remediation efforts. Our team also provides step-by-step navigation of any litigation or government investigation.

The combination of many well-meaning federal and individual state laws means increasingly complex requirements for data security, data breach notification and data destruction/disposal. We clarify your compliance needs, analyze your risk of data breach, evaluate your existing privacy policies and practices, train employees and help you put best-practice procedures into action.

Who we work with

  • Companies at any stage of data theft or loss, whether intentional or accidental, including victims of hacking, disgruntled or careless employees and natural disasters
  • All businesses, organizations and government entities that collect, transmit or store sensitive or personally identifiable information
  • All industries including technology, health care, finance, infrastructure, defense, energy, big data, social media, data storage and professional services
  • Health care providers, business associates and others impacted by the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Law firms, accounting firms and other professional advisors working with sensitive client information

Recognition

  • Recognized by Chambers USA as a nationwide leader in the Field of Privacy Law

Recent experience

  • Provided emergency response and strategy for numerous clients following the theft or loss of large amounts of sensitive information
  • Represented multiple companies in incidents involving misdirected e-mails containing personal information and requiring notification under state law
  • Represented several manufacturers, food service companies and service providers in data breach response
  • Helped a large corporation respond to a hacking incident
  • Helped various companies address the theft of personal information by employees
  • Provide ongoing counseling to various areas of the health care industry, helping with security risk assessments following an unauthorized access, use or disclosure of data and helping determine whether notification is required under state and federal breach notification regulations

HIPAA spotlight: key stats from a banner year

Law360 | January 17, 2017

This article recaps HIPAA stats and highlights from the past year. Chicago health care partner Valerie Montague is quoted throughout discussing privacy breaches and how health care organizations react.

No immunity from cyberattacks and data breaches in 2016 and beyond

Rochester Business Journal | January 13, 2017

Rochester private equity and investment funds partner Jeremy Wolk and labor and employment associate Jenny Holmes co-authored this column about cyber security. The column provides an overview of the risks and potential legislative changes that could help small businesses and tips for creating a privacy policy.

Ransomware is Rampant & Your Risk Analysis Might Save You

Health Information Compliance Alert | June 01, 2016

Providence commercial litigation counsel Steven Richard is quoted in this article focused on the results of a new study highlighting a new trend toward specialized data breach insurance policies.

The Risk of Data Misuse by Health Care Co. Employees

Law360 | May 25, 2016

Government Investigations & White Collar Defense partner Tina Sciocchetti, health care partner Laurie Cohen and commercial litigation associate Michal Ovadia co-authored this column discussing the risks companies that collect or maintain sensitive personal information face when a rogue employee compromises data security.

Retailers Must Not Ignore Security Alerts, Court Says

CSO | December 15, 2014

San Francisco Commercial Litigation partner Karl Belgum is quoted in this article on the implications of a Minnesota federal court's decision regarding Target’s data breach litigation indicating expansive retailer liability for stolen credit card data.

Back to top