Menu
Summary
Attorneys
Events
Publications

Minimizing exposure and managing risk—that's how Hinshaw helps.

Data helps to fuel today's information economy. The ease of information sharing has led to new opportunities. It has also increased complexity and risk.

With data breaches on the rise and privacy laws continually evolving, even the most conscientious companies find it hard to keep up. Today's reality is that even a single misstep can result in serious and costly consequences.

Given these risks, you need a partner you can rely on. Our Data Privacy & Cybersecurity team helps clients manage the full array of issues and matters that arise from the collection, use, storage, commoditization, disclosure, and transfer of data. Hinshaw can help.

Our attorneys work with clients to identify and anticipate risks and obligations, design and implement customized plans and policies, and proactively create and implement data incident response procedures. We also work hand in hand with clients to assess and establish safeguards around the use of data.

We draw on our team's unique experience to help our clients understand the intersection of laws and technology, identify threats, and implement policies and compliance frameworks to satisfy best-practice standards, minimize the risk of cybersecurity events, and respond quickly to any incidents that may arise.

Our team is comprised of attorneys with backgrounds in techno-legal issues, digital forensics, cybercrime investigations, government and regulatory investigations, and litigation. Many also possess backgrounds in a full range of data-dependent and highly regulated industries, including the financial services, insurance, and health care sectors.

Your data privacy and cybersecurity needs don't stop at the border, and neither does our experience. With offices across the U.S. and in London, our team is ready step in whether you need compliance and counseling, response guidance during a cyber incident, or litigation defense after an incident has occurred.

Compliance, Counseling & Risk Management

Many of today's data privacy and security regulations apply to both businesses with and without a physical presence. Which is why our clients look to us to help them navigate applicable federal and state privacy laws and regulations. We also believe that data security risks can be minimized with proper policies, training, and safeguards. Our proactive approach encompasses a detailed assessment with practical guidance followed by a tailored response plan that minimizes risks, safeguards data, and reduces exposure to security incidents.

Our interdisciplinary team:

  • Develop and update privacy programs and policies
  • Counsel on industry, legislative and regulatory developments, requirements, and standards
  • Perform cybersecurity and privacy risk assessments and audits
  • Perform due diligence on third-party vendor relationships and contracting
  • Draft and negotiate privacy, confidentiality, license, and vendor agreements
  • Develop incident-response plans and tabletop training exercises
  • Advise on cyber insurance coverage

Incident Response

Despite best practices, data security incidents still occur and can be costly.

Companies worldwide have learned the hard way that cybersecurity incidents demand an immediate response. You must act quickly to stop financial bleeding, restore public confidence, and minimize the impact of follow-on litigation—which is why our clients appreciate the speed in which we come to their aid to minimize the disruption and damage associated with a cyber incident. We also act swiftly and collaboratively to stem the damage from cyber incidents.

Our incident response services includes:

  • Coordination of initial incident assessments, the securing of networks, and evidence preservation
  • Coordination of necessary security, forensic, and incident response vendors
  • Counsel on ethical issues related to data incidents and data breaches
  • Evaluation of state specific obligations
  • Coordination of vendors, call centers, and third-party forensic teams
  • Steering public relations or crisis management efforts
  • Drafting notifications to compromised individuals and government regulators
  • Counsel on remediation strategies
  • Defense of litigation/government inquiries, investigations, and development of regulatory responses

Litigation Defense

Even when companies are prepared and have responded properly to an incident, claims of privacy violations and/or cybersecurity failures often follow. Which is why, if an incident does occur, our deep bench of trial attorneys can spring into action. As litigators, our team is able to quickly master the facts to assert or defend the interests of our clients. This includes representation related to federal and state regulatory and civil claims. Our team also handles the class-action litigation, regulatory investigations, and related disputes and lawsuits that often result from privacy or cybersecurity incidents and situations.

Cyber and Privacy Services for Insurance Companies

We know insurance. As legal counsel to insurers across the globe, we understand the unique and often complex challenges that cyber and privacy-related regulations and laws have on their business. We draw upon decades of industry insights and experience to help insurers navigate and manage privacy compliance and best practices advice to help insurers navigate and respond to these evolving compliance and operational challenges.

We assist insures with:

  • Cyber insurance coverage and monitoring for insurers
  • Defense before regulatory bodies
  • Defense of policyholders in cyber data privacy litigation
  • Incident response for policyholders
  • Cyber and privacy risk management

Publications