Cybersecurity and privacy are ongoing and pressing concerns for today’s businesses. Information is value. Technology is value. Both can present large risks. The protection and management of information and technology infrastructure are key. Legal decisions are becoming increasingly complex and affect a variety of significant regulatory, transactional, civil liability, and reputational risks.
Bradley’s multidisciplinary Cybersecurity & Privacy Practice Group has more than two decades of experience in privacy and information security law.
Our team is composed of attorneys from various practice groups, based in office locations in multiple states and the District of Columbia. Our diversity and breadth of experience allow us to quickly and efficiently assemble the right team to provide tailored counsel to clients of various sizes across industry sectors and regulatory schemes at each point of the data management lifecycle. These services are critical to our clients’ operations; companies that fail to protect proprietary business information or sensitive customer information face great potential losses and liability exposure, as well as serious public relations problems.
The dynamics of our team help our clients keep pace with and look ahead to the rapidly evolving and complex legal world of cybersecurity and privacy.
Medical Privacy Laws and Regulations, including the Health Insurance Portability and Accountability Act (HIPAA) as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the corresponding privacy and security regulations adopted by the U.S. Department of Health and Human Services.
Consumer Protection Laws, including federal statutes, such as the Federal Trade Commission (FTC) Act, Fair Credit Reporting Act (FCRA) and its Fair and Accurate Credit Transactions Act (FACTA) amendment, Children’s Online Privacy Protection Act (COPPA), Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (CAN-SPAM), and Telephone Consumer Protection Act (TCPA), as well as state statutes, such as security breach notice laws; state unfair and deceptive trade practices acts; and state-level analogs to the FCRA, TCPA, and similar federal statutes.
Financial Privacy and Bank Secrecy Laws and Regulations, including the Gramm-Leach-Bliley Act (GLBA) and its Safeguard Rule, FFIEC Cyberassessment Tool, FACTA Red Flag Rules, Right to Financial Privacy Act (RFPA), Bank Secrecy Act, and PATRIOT Act, including establishing information security and protection procedures and information security and privacy policies.
Litigation, in federal and state courts, in data breach and other privacy-related litigation, such as FACTA, FCRA, TCPA, GLBA, unfair or deceptive trade practices, and other statutory and common law claims, on both an individual and class action basis.
Our team further counsels clients in a diverse array of industries on online advertising and marketing; data-sharing programs; direct marketing relationships; privacy and data security program assessments and reviews (including NIST and FFIEC); payment card data security; online and electronic transactions; contracting and disclosures; data retention policies; joint marketing and service provider agreements; and social media, BYOD, and e-mail policies and training.