- Develop procedures and response plans to guide the implementation of IT security and use policies
- Counsel clients that develop mobile applications on data security issues
- Monitor breach notification and other consumer protection laws in all 50 states, as well as pending and anticipated legislation worldwide
Additional Offerings from the Information Privacy, Security and Governance Team
- Act as the “Virtual Privacy Security Officer (VPSO)” for clients without a chief privacy officer to project manage and train personnel to implement programs internally
- Scalable assessments for privacy, security and information governance (from quick hits to holistic assessments)
- Tool Box – Draft and/or revise company policies around information privacy, security, and/or governance – OBA, digital marketing agreements, etc.
- Information Governance Framework design and implementation
- Information Inventory – work with IT to understand all ways information is created and maintained
- Litigation support, including through Drinker Biddle’s wholly-owned eDiscovery subsidiary, Tritura IG
- Data Strategy – using content governance as a tool to design data flows for improved/optimal use of data
- Data Analytics
- Data Migration and Classification
- Compliance Programs
- Technology Consulting
- Training – CLE, employee onboarding, boards
Data Breach and Ransomware Response
We guide clients through data breach preparation, response and ongoing prevention measures. We provide services to:
- Prepare clients with an incident response plan for a data breach, including ransomware readiness preparation
- Investigate data incidents and breaches in conjunction with forensic experts where necessary and oversee the implementation of appropriate remedial measures
- Provide real-time breach/ransomware response and support with execution of incident response plan
- Assist clients in preventing data breaches via vulnerability assessment management, transactional counselling, CISA information sharing, and security policies
- Counsel clients in connection with data incidents and breaches regarding the implementation of contingency plans and notification efforts to affected persons and relevant law enforcement authorities
- Defend companies in class actions and other enforcement proceedings and develop settlement programs involving thousands of claimants
- Negotiate consent decrees and post-settlement oversight with regulatory authorities
- Engage with cyber-liability insurers as needed to implement remediation plans that protect clients from future breaches
Consortia Management
We have managed collective efforts to advance science and policy for pharmaceutical, biotechnology and medical device industries for more than 20 years through our Consortia Management team.