If a business or governmental entity retains data that is subject to privacy laws or regulation, the organization is required by law to have reasonable cybersecurity measures to protect that data from breach by hackers. Unfortunately, in the ever-changing world of cyberspace and the laws that govern it, “reasonable cybersecurity” is not only unclear, but keeps changing. Trenam Law’s team of cybersecurity and data privacy attorneys can help you figure out what measures you need to take right now, and how to keep you on the right track moving forward. From conducting pre-breach privacy and security assessments, to coordinating crisis management and incident response, to advising on breach notification, to defending organizations in litigation and regulatory proceedings, Trenam attorneys guide our clients through the cybersecurity puzzle.
What We Do
Responding to a Data Breach
If an organization has been the victim of a data breach, we provide rapid and comprehensive incident response under the protection of the attorney-client privilege. Our firm will triage the incidents to counsel clients on the appropriate response. Often an organization will be able to resolve data security incidents without litigation or even public disclosure, through experienced understanding of applicable statutes or through strategic engagement with regulators. The legal components of post breach response are varied and complex and may include:
- Notification of Affected Individuals
- Law Enforcement
- Forensic Investigation
- Notifying Insurer
- Public Relations
- Litigation
A Proactive Approach to Cybersecurity and Data Privacy – Privacy, Information Security and Cybersecurity Posture Improvements
Trenam offers clients a comprehensive look at the organization’s information management and security practices, and recommends necessary steps to not only comply with the law but to ensure greater protections by implementing best practices for the organization’s particular business sector. This includes design of protocols for data security, sharing and use of data, e-discovery readiness, and records retention, among other things. We can help organizations formulate or revise privacy policies to comply with new laws or adjust to new technologies or changes in operations. Most importantly, we can act as a vital part of an organization’s team that includes C-level, technology, human resources, and public relations professionals.