Data Privacy & Security

Foley Hoag’s Data Privacy & Security Practice Group have deep experience in all of these areas, having advised a variety of organizations -- from start-ups to Fortune 100 companies -- for many years.  We have helped clients draft policies, train personnel, defended against data breach claims, manage breach reporting and governmental investigations, and appropriate actions to take in response to unique privacy and security scenarios.  Foley Hoag’s deep bench and broad experience is a valuable asset in this complex and shifting environment.

HIPAA Expertise

Foley Hoag has additionally developed specific and vast knowledge with regard to HIPAA (the Health Insurance Portability and Accountability Act of 1996) which been one of the most influential pieces of legislation for the health care industry.  In particular, the burden of compliance with HIPAA’s privacy and security requirements threatens to overwhelm many providers. 

Foley Hoag has addressed these complicated issues on behalf of clients from all ends of the health care spectrum, from traditional health care providers to companies developing cutting edge eHealth and big data applications.  We have worked on behalf of clients across the United States and around the world, and have extensive experience in the integration of HIPAA and individual state health information law.  

Our Data Security & Security Practice Group provides a comprehensive suite of services that address these myriad challenges:

• Complying with state, federal and international laws that govern information security, identity theft, and surveillance
• Complying with HIPAA’s privacy and security requirements
• Assisting with state and federal investigations (including by the FTC, SEC, HHS, and OCR)
• Developing privacy and information security policies
• Negotiating third-party data security agreements
• Investigating, litigating and resolving security incidents, including competitive espionage and proprietary data leaks
• Counseling on corporate governance
• Advising clients on safeguarding company records, financial information and other valuable information assets

Our attorneys are also well-versed regarding compliance with federal laws and regulations, including the FTC Act, the Computer Fraud & Abuse Act (CFAA), the Electronic Communications Privacy Act as amended by the U.S. PATRIOT Act, the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Children’s Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA).

For the latest developments in privacy and data security, turn to Foley Hoag’s blog, Security, Privacy and the Law , which focuses on the security and privacy issues encountered by businesses that often require immediate and discreet solutions. Here we cover topics that arise from guiding our clients through the process of complying with the ever-growing number of state, federal and international laws governing information security, identity theft, HIPAA compliance, surveillance and other privacy issues.