Data Privacy and Security

Data privacy and security protection impacts nearly every type of enterprise. Personal data is an increasingly complex asset requiring strategic risk management to meet the challenges and opportunities presented by today's global information economy. A comprehensive approach to protecting the various forms of data is essential to minimize exposure to liability and maintain customer relationships.

Holland & Knight regularly provides the full range of data privacy and security services to a wide variety of industry sectors, including financial services, education, government contracts, information technology, health care, insurance, travel services, e-commerce, communications and content providers.

United States Compliance

In the United States, state and federal regulators have highlighted information security and data privacy as a consumer protection issue, particularly in the health care and banking industries. Holland & Knight has a wealth of expertise in the following areas, to name few:

• Children’s Online Privacy Protection Act (COPPA)
• Fair Credit Reporting Act and FACTA
• Gramm-Leach-Bliley Act
• Health Insurance Portability and Accountability Act (HIPAA)
• Section 5 of the Federal Trade Commission Act (unfair and deceptive practices)
• Uniform Electronic Transactions Act (UETA)
• Electronic Signatures in Global and National Commerce Act (ESIGN)
• CAN-SPAM and telemarketing restrictions
• national security-related privacy issues
• state privacy and data breach notification laws
• pending federal and state legislation

International Compliance

Multinational and e-commerce companies must be especially rigorous regarding data compliance, because their data flows across the borders of many countries. Full implementation of the European Union Data Protection Directive by its member states has created a complex network of privacy and data protection regulation. Additionally, countries outside the European Union have developed or are considering their own privacy regimes.

Organizations contemplating multinational and e-commerce undertakings must understand and comply with privacy and data protection requirements for all countries where data is collected, processed and stored. Reconciliation of laws across many different countries is required. Holland & Knight's international offices and global network of local counsel and multilingual attorneys can assist with your compliance needs.

The Full Range of Services You Need

Our data privacy and security lawyers understand that a holistic approach is necessary to develop and implement a data compliance plan that furthers your enterprise-wide objectives. Let our team assist you with:

• strategic advice and counsel on local, national and international privacy and data protection law
• design and implementation of data and records management and retention policies,
• integration with comprehensive corporate compliance programs
• internal investigations
• crisis management
• defending class action law suits
• legislative drafting, advocacy, congressional investigations and testimony
• enterprise-wide risk management
• on-site data security training
• independent auditing services
• privacy policies and terms of use
• recourse and liability
• security, encryption and authentication