Cybersecurity Privacy Practice

Cybersecurity Privacy

About Our Cybersecurity Privacy Practice

Law & Forensics Cybersecurity Privacy practice recognizes that cybersecurity continues to affect the bottom line. Organizations are confronting not only a daunting cybersecurity regulatory landscape, companies are facing growing liabilities and substantial penalties even when there is no data breach because of regulatory and statutory guidelines all over the globe that dictate how data is to be stored and used. (e.g., CCPA, DFS, Singapore Data Protection Act, GDPR, SEC, FTC, FCC, etc.)

Law & Forensics Cybersecurity Privacy practice is composed of experienced legal and privacy engineers that have a track record of working with in-house and outside lawyers to solve complex cyber and privacy issues. Our legal and privacy engineering teams have a track record of delivering solutions that allow organizations to understand where consumer and employee data is stored, how they collect the data, what means they use to collect the data, whether they are entitled to possess the data, and other questions organizations must be able to demonstrate to regulators to show compliance.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Cybersecurity and Data Privacy California Consumer Privacy Act HIPAA Healthcare Privacy Readiness Consulting

Cybersecurity and Data Privacy Advisory Services

Work with organization key stakeholders to identify, assess, manage and remediate risks arising from gaps in existing IT environment with respect to cyber and privacy regulatory frameworks.
Collaborate with organization privacy, compliance, technology, and legal stakeholders to ascertain an organization’s needs and advise on the appropriate standards with respect to build or review a privacy or cyber program.
Work with organizations to review existing controls, policies, procedures to identify gaps in existing privacy program, as well as, develop a goal state and a roadmap to achieve the goal state.

California Consumer Privacy Act (CCPA) Consulting

Work with clients to perform an assessment leveraging our proprietary privacy assessment tool that ascertains an organizations privacy posture against the CCPA, delivering a roadmap on to achieve compliance, and a framework to ensure going forward compliance.
Perform a review of all existing systems and create a robust and appropriate data map for these systems in a fashion that allows the company to support and maintain the data map without requiring any additional licenses fees or agreements.
Analyze existing data map, controls, policies, and related materials to identify gaps that an organization must address to demonstrate CCPA compliance
Collaborate with compliance, legal, and business stakeholders to perform a review of the current privacy program, specific to CCPA, and create and execute a program that will raise awareness and engagement across the company regarding CCPA requirements.

HIPAA Healthcare Privacy and Security Assessments and Solutions

Work with healthcare organizations (Covered Entity or Business Associate) that create, receive, maintain, or transmit protected health information (PHI) to periodically conduct a HIPAA risk assessment in order to comply with §164.308 of the HIPAA Security Rule.
Collaborate with an organization’s internal IT, compliance, and legal stakeholders to review existing controls, policies, procedures, test security and privacy controls, and interview appropriate staff.
Consult with an organization and outside counsel in responding to Health and Human Services (HHS) Office for Civil Rights (OCR) inquiries and perform independent risk assessments of a healthcare organization’s security and compliance posture against the safeguards specified in the HIPAA Security and Privacy Rule and assist companies to address gaps that are identified.

State and Industry Specific Privacy Readiness Consulting

Work with Chief Privacy Officer and other relevant stakeholders to review State and Industry-specific requirements, analyzing an organization’s current controls, policies, technologies, and systems.
Collaborate with appropriate stakeholders to develop and implement a privacy program that meets the requirements of the ever and quickly changing privacy regulatory landscape.

Case Studies by Industry

Healthcare Organization

Industry/Sector: Healthcare

Type of Service: Review of Privacy Programs and Controls

Description: Hired by outside counsel to perform a review of a multibillion-dollar health organization’s privacy and cyber controls and to provide findings to lawyers. Efforts included:

- Reviewed organization’s IT systems focusing on privacy and cyber regulatory obligations.
- Worked with the company’s internal IT organization to identify gaps and provide steps necessary to remediate the inconsistencies.
- Provided technical input and guidance on the appropriate response to various state AG’s and healthcare regulators in response to a data breach and cyber incident.

Fortune 200 Commercial Real Estate Services Company

Industry/Sector: Real Estate

Type of Service: Privacy and Cybersecurity Program Review

Description: Retained by Chief Compliance Officer to work directly with Chief Privacy Officer to perform a GAP analysis of the organization’s existing privacy program and implement a new privacy program. Efforts included:

- Reviewed privacy requirements in 60 countries.
- Created a privacy program alongside outside counsel.
- Worked with the IT organization to review, develop and integrate privacy controls and SOPs into the organization’s existing IT operations.
- Managed the third-party consulting organization responsible for implementing the privacy program.

Automobile Supply Chain and Manufacturing

Industry/Sector: Automotive

Type of Service: Create Privacy Program that is CCPA Compliant

Description: Retained by a multibillion-dollar organization’s senior legal and IT leadership to develop and implement a CCPA compliant privacy program. Efforts included:

- Conducted extensive system and business owner interviews to identify data and systems operating in the organization.
- Created and delivered an enterprise-wide data map that the organization’s internal IT could support going forward.
- Worked with counsel to create controls and policies necessary to demonstrate that the privacy program was CCPA compliant.
- Collaborated with HR, compliance and the IT organization to create necessary CCPA components (e.g., managing data requests, executing data removal requests, and tracking CCPA requests).

61+ Privacy Programs

reviewed

13+ Fortune 500

companies assisted

64+ CCPA Engagements

to date

58+ Healthcare Organizations

consulted

14+ Privacy Litigations

consulted

12+ Privacy Programs

established

About Our Cybersecurity Privacy Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders

Capabilities

We leverage our veteran privacy and cybersecurity engineers and attorneys to assist companies and organizations in providing thoughtful guidance on privacy issues and policy and in dealing with privacy issues arising from a data breach or a cybersecurity incident.

Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Our Cybersecurity Privacy practice is spearheaded by legal, technical and privacy engineers with decades of experience working on complex privacy issues. Our hybrid team has privacy experts all over the world, including the United States, Canada, Europe and Asia-Pacific. Our Team has a wealth of practical and hands-on experience and is just as comfortable working with legal and business executives as with technologists. We have hundreds of successful engagements for big and small organizations ranging from building a program to stepping in and completing a program that was on the ropes. Our team holds multiple privacy and security certifications and prestigious teaching appointments at world class law schools.

Review of Alternative Dispute Resolution Case Law in 2018

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.

Cybersecurity Privacy

About Our Cybersecurity Privacy Practice

Cybersecurity and Data Privacy Advisory Services

California Consumer Privacy Act (CCPA) Consulting

HIPAA Healthcare Privacy and Security Assessments and Solutions

State and Industry Specific Privacy Readiness Consulting

Capabilities

Competitive fees

Expertise

Quality Control

Newsletter

Contact Us

CYBERSECURITY PRACTICE

EDISCOVERY PRACTICE

DIGITAL BANKING

FORENSICS PRACTICE

ARTICLES

WEBINARS

RESOURCES