Data Privacy and Cyber Security

Cyber security and data privacy are critically important as cyber crime and data privacy breaches increasingly create liability for businesses of all sizes.

Zarwin Baum’s Data Privacy and Cyber Security Practice Group is focused on the growing risks and rapidly evolving liability exposure associated with the security and storage of PII, PHI, PCI, and proprietary information data. Our attorneys are equipped to handle disputes arising from cyber risks and privacy breaches for a diverse group of industries, including technology, retail, healthcare, financial, banking, insurance, and education.

We support clients before and after a data breach, identifying and advising on strategies that address and minimize potential liabilities and protect the client’s reputation in a cost-effective manner. Through preemptive consulting, including privacy and security assessments, our attorneys work with clients to develop best practices and incident response plans to minimize the risk of a data breach and put the client in the best position to respond to a breach. To minimize a client’s potential legal exposure, we assist with creating internal policies and procedures, employee training and can guide the purchase of cyber insurance coverage.

A complete understanding of a client’s insurance program is vital to maximizing protection against cyber risk. Our attorneys are highly skilled in considering the adequacy of existing insurance programs, analyzing new insurance products, and drafting and negotiating cyber insurance policy placements. When necessary, we will monitor cyber claims and represent clients in coverage litigation.

Breach Response Team

A prompt and well-planned breach response is essential when cyber attacks occur. Zarwin Baum’s Breach Response Team is positioned to immediately respond to time-sensitive situations with a 24/7 incident response service to meet a client’s urgent needs.

Using cyber forensic investigators and experts, the Breach Response Team provides rapid and comprehensive incident response to minimize exposure and mitigate the number of regulatory and litigation related problems that may arise. The team works with the client to coordinate and implement breach notification to affected individuals. This includes assisting the client in ensuring compliance with a wide variety of consumer and data protection laws, including the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act of 2002, Gramm-Leach-Bliley Act (GLBA), and the 2009 Health Information Technology for Economic and Clinical Health Act (HITECH). In addition, our team will assist with preparing crisis communications designed to inform the public and protect the client’s brand.

Areas of Expertise

  • Compliance with state, federal, and data privacy laws
  • Development of client-specific policies to manage emerging risks
  • Data breach incident and response notification
  • Data privacy risk assessments
  • Management of insurance coverage matters
  • HIPAA/HITECH violations responses