Overview
The complexity of data use and management demands seasoned industry professionals who can help you make the right decisions. The attorneys in Foley Hoag’s Data Privacy & Security Practice Group can help you understand and navigate the risks inherent in the maintenance and management of sensitive data. We are dedicated to keeping you a step ahead, using hands-on experience to guide your business through every facet of the privacy and data security challenges it may face.
Challenges presented by data privacy and security can be difficult to categorize. Sensitive corporate and personal data is a necessary element of 21st century business, non-profit and government organizations. In the past decade, there has been an explosion of data, innovative uses for data, and internal and external threats to the privacy and security of data. As a result, data privacy and security challenges often involve many different fields of law, including state and federal regulatory compliance, risk management, contract negotiation, intellectual property, corporate governance and litigation.
More »
Foley Hoag’s Data Privacy & Security Practice Group have deep experience in all of these areas, having advised a variety of organizations -- from start-ups to Fortune 100 companies -- for many years. We have helped clients draft policies, train personnel, defended against data breach claims, manage breach reporting and governmental investigations, and appropriate actions to take in response to unique privacy and security scenarios. Foley Hoag’s deep bench and broad experience is a valuable asset in this complex and shifting environment.
HIPAA Expertise
Foley Hoag has additionally developed specific and vast knowledge with regard to HIPAA (the Health Insurance Portability and Accountability Act of 1996) which been one of the most influential pieces of legislation for the health care industry. In particular, the burden of compliance with HIPAA’s privacy and security requirements threatens to overwhelm many providers.
Foley Hoag has addressed these complicated issues on behalf of clients from all ends of the health care spectrum, from traditional health care providers to companies developing cutting edge eHealth and big data applications. We have worked on behalf of clients across the United States and around the world, and have extensive experience in the integration of HIPAA and individual state health information law.
Our Data Security & Security Practice Group provides a comprehensive suite of services that address these myriad challenges:
- Complying with state, federal and international laws that govern information security, identity theft, and surveillance
- Complying with HIPAA’s privacy and security requirements
- Assisting with state and federal investigations (including by the FTC, SEC, HHS, and OCR)
- Developing privacy and information security policies
- Negotiating third-party data security agreements
- Investigating, litigating and resolving security incidents, including competitive espionage and proprietary data leaks
- Counseling on corporate governance
- Advising clients on safeguarding company records, financial information and other valuable information assets
Our attorneys are also well-versed regarding compliance with federal laws and regulations, including the FTC Act, the Computer Fraud & Abuse Act (CFAA), the Electronic Communications Privacy Act as amended by the U.S. PATRIOT Act, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Children’s Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA).
For the latest developments in privacy and data security, turn to Foley Hoag’s blog, Security, Privacy and the Law , which focuses on the security and privacy issues encountered by businesses that often require immediate and discreet solutions. Here we cover topics that arise from guiding our clients through the process of complying with the ever-growing number of state, federal and international laws governing information security, identity theft, HIPAA compliance, surveillance and other privacy issues.