Sandberg Phoenix’s Cybersecurity team understands that your business must protect its information assets. Our team can assist you with an effective information management policy. Our skilled team leverages the support of legal services, technology risk expertise, third-party insurance and third-party public relations to aid organizations.
Cybersecurity Incident Response and Compliance
We use government and industry best practices as a guide to set baselines and reduce risk without the fear of increasing their liability from regulatory enforcement, private litigation, or class action litigation that can lead to significant financial and reputational harm by providing the following services:
- Incident Response
- 24/7 incident response team
- Coordination of multidisciplinary responses to data breaches
- Advise and oversee data breach notices
- Advice concerning incident response, forensic investigation assistance, reporting/disclosure obligations and crisis management with respect to breach incidents
- Response to government investigations
- Regulatory Compliance + Prevention
- Design effective systems and protocols including cybersecurity programs and Incident Response Plans
- Provide relevant advice to corporate officers and boards of directors regarding fulfillment of their risk oversight responsibilities
- Advise and audits regarding the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) protect patient personal health information (PHI)
- Compliance for financial services institutions
- Review cyber insurance policies to assess terms and adequacy of coverage
- Creating and implementing customer privacy notices and policies, including those related to marketing, data security policies, website privacy policies and email and Internet monitoring policies and protocols
- Compliance with state and federal privacy statutes including children’s, education, consumer, and employment
- Compliance with GDPR and California Privacy Act
- Draft personnel policies
- Business Transactions
- Cybersecurity assessments in M&A due diligence
- Review and negotiate third-party vendor and outsourcing contracts to ensure adequate risk allocation and security of confidential and proprietary information.
- Advice regarding the appropriate patent, copyright, trademark, and trade secret strategies to protect data, databases, networks, sales and financial information and other proprietary intellectual property or business enterprises
- Training + Support
- Conduct comprehensive in-house training and compliance programs
- Day-to-day advice concerning compliance with applicable privacy federal, state and local laws and regulations and relevant industry standards
Cybersecurity & Privacy Risk Management Litigation Team
Our Cybersecurity & Privacy Risk Management litigation team is a collective of highly experienced litigators that represent organizations, insurers and reinsurers throughout the United States in complex litigation, including class actions, involving:
- Civil claims and government enforcement actions under specific privacy laws, such as:
- FTC Act, HIPAA/HITECH, FCRA, GLBA, FIRREA, Dodd-Frank, FACTA, FERPA, CAN-SPAM, VPPA, and GDPR (EU) and Illinois Biometric Information Privacy Act
- State data breach notification and disposal laws
- Misappropriation of trade secrets
- Non-disclosure and non-compete agreements
- Computer tampering
- Copyright trademark and patent infringement
- Common law privacy tort claims
- Breach of contract claims (Cyber Agreements and Addendums)
Contact our Cybersecurity Team for more information on how to best protect your business.