Data Security and Privacy

Our lawyers are at the forefront of the rapidly developing legal and regulatory framework pertaining to privacy and information security. A myriad of federal and state laws, regulations and regulatory guidance dictate the security and privacy requirements and standards by which businesses must operate. Financial institutions in particular are affected by these requirements. Such institutions, for example, must provide notices to their customers regarding their information collection and sharing practices, and must grant consumers the option to “opt out” if they do not want their personal information shared with non-affiliated third parties. Our attorneys have made these requirements a focus of their attention. Another area of particular relevance to this industry are rules governing security breach deterrence and response. Certain legislation requires financial institutions to develop and maintain comprehensive response programs to address security issues and to notify each affected customer upon detection of unauthorized access to, or use of, that customer’s information. We actively work with our clients to ensure that they have established the policies and procedures necessary to comply with the evolving standards in this area, and to meet the challenges of the 21st century with respect to privacy and security. If a breach occurs, we assist clients in examining and responding to the event, including identifying all applicable regulations, responding to regulators and notifying affected consumers.