RSS Feed LinkedIn Instagram Twitter Facebook

Data Security, Privacy & Technology

FMG's Data Security, Privacy, & Technology practice group is an interdisciplinary team of attorneys across the firm's office locations that stays on the edge of legal developments affecting our clients in the digital age. We advise and represent businesses in all facets of data security, privacy, and technology litigation. We work with our clients proactively to implement the best practices and policies with respect to data security and privacy to avoid legal problems before they start. When a data security incident occurs, we serve as breach counsel to provide comprehensive assistance to our clients to navigate the investigation and notification requirements that must be followed. After an incident, we defend clients against government investigations or enforcement actions, as well as third-party litigation such as class action lawsuits by customers or clients and all manner of Technology Errors & Omissions (Tech E&O) claims.

Data Security, Privacy & Technology Professionals
Section Co-Chair - David A. Cole
Section Co-Chair - John S. Ghose

Compliance and Data Breach Preparedness

The attorneys in our Data Security, Privacy & Technology practice group take a proactive approach by working with clients to ensure compliance with data security and privacy laws and to prepare for data breaches before they occur. Studies routinely show that organizations with strong security postures and a written data breach response plan in place beforehand experience less interruption and have lower costs when responding to a data breach. In addition, various laws and regulations require some organizations to implement data security and privacy policies and procedures, to have third party vendors agree to certain contractual provisions, and to train their staff on data security and privacy issues.

Our team works with clients to develop the right policies and procedures, and to conduct the right training, to ensure legal compliance and protect them in these situations. Our work in this area includes advice and counseling on legal compliance; review and preparation of written policies and procedures, including incident response plans; execution of table top exercises; presentation of workforce training; and drafting and negotiation of vendor contracts. As part of our services in this area, we have developed the FMG Cyber Toolkit, which is a package of essential policies and procedures and training exercises designed to provide your organization with the framework needed to prepare for and respond to a data breach.


24/7 Emergency Data Incident Response

When an organization experiences an actual or potential compromise of data security, it faces a number of legal requirements to investigate and respond, typically in a very short time. The attorneys in our Data Security, Privacy & Technology practice group are approved panel counsel for many insurance carriers and have experience serving as breach counsel in hundreds of data security incidents around the country and involving all types of data.

We provide comprehensive legal counsel in response to a data breach, including advising clients during the investigative process to determine the nature and scope of the breach and then formulating the best strategy for a response. We advise clients on compliance with notification laws and help prepare required communications to affected individuals, customers, and employees. Following an incident, we also represent clients in response to state and federal regulatory investigations or other administrative or legal actions that may be brought. Our goal is to help minimize the impact the breach has on your business and the potential for any legal exposure.


Cyber Risk Insurance Coverage Services

Our team of attorneys is experienced and prepared to assist insurance carriers and reinsurers in policy and contract wordings, coverage analysis, coverage litigation, claims investigations, training, and bad faith and extra contractual defense. Attorneys on our team have specific experience with counseling insurers on new cyber insurance policy forms and manuscript endorsements, and they have experience with resolving coverage disputes concerning cyber policy wordings. Our team has keen insight into the evolving risks and coverage issues significant to cyber insurers based on their prior engagements with carriers as coverage counsel and based on their engagements with insureds as breach coach. Drawing on the combined expertise of our Insurance Coverage and Bad Faith practice group and our Data Security, Privacy & Technology practice team, our attorneys have earned the trust of insurance carriers and reinsurers in the U.S. and London market to provide sophisticated legal advice and advocacy in cyber risk insurance coverage matters.


eDiscovery & Records Management

With most information now stored electronically, businesses face new challenges in the discovery of electronic information in litigation and in the management of the large volume of data stored within their organizations. They have to manage where and how electronic information is stored and implement and follow information governance programs to comply with legal obligations regarding discovery in litigation and the security and privacy of customer and employee data.

FMG's Data Security, Privacy & Technology practice group advises and represents clients in all aspects of electronic discovery and information governance. We provide counsel on eDiscovery issues including pre-litigation preparedness and the preservation, collection, review, and production of electronic information in litigation, as well as information governance issues related to data security, privacy and records management. Our multi-disciplinary team of attorneys help clients meet these legal obligations while at the same time managing costs and facing the realities of and need for the continued operation of your business. Our attorneys also help clients develop data preservation, document retention, and information technology usage policies, including privacy and information security plans. We also provide workplace training and help coordinate the work of computer forensic investigations and other technology experts and vendors.


Tech E&O, Regulatory Actions and Litigation

An organization that has experienced a data breach is often required to self-report to certain regulators. In addition, some laws allow regulators to launch investigations into an organization's systems and security practices even when there has not been a reported data breach. These investigations can take years, involve voluminous requests for documents and information, and result in lengthy and sometimes tense negotiations with regulators. The FMG Data Security, Privacy & Technology practice group is experienced in representing organizations with matters before state and federal regulators, including attorneys general, state agencies, the Federal Trade Commission, the Department of Health and Human Services, and the Office for Civil Rights. Our attorneys also have represented many clients in credit card breaches, assisting with the response to the complex and often lengthy investigation done by the Payment Card Industry.

Data breaches and other technology disputes also sometimes result in litigation. When that happens, our team of attorneys represent business organizations in all manner of third-party litigation involving data security, privacy, and technology. Whether it is a single-plaintiff or class action lawsuit based on a data breach, an enforcement action brought by a government agency, or a Technology Errors & Omissions (Tech E&O) claim, our attorneys are admitted across the county and have the knowledge and experience to provide the best legal defense possible.