About Our Cybersecurity Privacy Practice

Law & Forensics Cybersecurity Privacy practice recognizes that cybersecurity continues to affect the bottom line. Organizations are confronting not only a daunting cybersecurity regulatory landscape, companies are facing growing liabilities and substantial penalties even when there is no data breach because of regulatory and statutory guidelines all over the globe that dictate how data is to be stored and used. (e.g., CCPA, DFS, Singapore Data Protection Act, GDPR, SEC, FTC, FCC, etc.)

Law & Forensics Cybersecurity Privacy practice is composed of experienced legal and privacy engineers that have a track record of working with in-house and outside lawyers to solve complex cyber and privacy issues. Our legal and privacy engineering teams have a track record of delivering solutions that allow organizations to understand where consumer and employee data is stored, how they collect the data, what means they use to collect the data, whether they are entitled to possess the data, and other questions organizations must be able to demonstrate to regulators to show compliance.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Cybersecurity and Data Privacy Advisory Services

  • Work with organization key stakeholders to identify, assess, manage and remediate risks arising from gaps in existing IT environment with respect to cyber and privacy regulatory frameworks.
  • Collaborate with organization privacy, compliance, technology, and legal stakeholders to ascertain an organization’s needs and advise on the appropriate standards with respect to build or review a privacy or cyber program.
  • Work with organizations to review existing controls, policies, procedures to identify gaps in existing privacy program, as well as, develop a goal state and a roadmap to achieve the goal state.

California Consumer Privacy Act (CCPA) Consulting

  • Work with clients to perform an assessment leveraging our proprietary privacy assessment tool that ascertains an organizations privacy posture against the CCPA, delivering a roadmap on to achieve compliance, and a framework to ensure going forward compliance.
  • Perform a review of all existing systems and create a robust and appropriate data map for these systems in a fashion that allows the company to support and maintain the data map without requiring any additional licenses fees or agreements.
  • Analyze existing data map, controls, policies, and related materials to identify gaps that an organization must address to demonstrate CCPA compliance
  • Collaborate with compliance, legal, and business stakeholders to perform a review of the current privacy program, specific to CCPA, and create and execute a program that will raise awareness and engagement across the company regarding CCPA requirements.

HIPAA Healthcare Privacy and Security Assessments and Solutions

  • Work with healthcare organizations (Covered Entity or Business Associate) that create, receive, maintain, or transmit protected health information (PHI) to periodically conduct a HIPAA risk assessment in order to comply with §164.308 of the HIPAA Security Rule.
  • Collaborate with an organization’s internal IT, compliance, and legal stakeholders to review existing controls, policies, procedures, test security and privacy controls, and interview appropriate staff.
  • Consult with an organization and outside counsel in responding to Health and Human Services (HHS) Office for Civil Rights (OCR) inquiries and perform independent risk assessments of a healthcare organization’s security and compliance posture against the safeguards specified in the HIPAA Security and Privacy Rule and assist companies to address gaps that are identified.

State and Industry Specific Privacy Readiness Consulting

  • Work with Chief Privacy Officer and other relevant stakeholders to review State and Industry-specific requirements, analyzing an organization’s current controls, policies, technologies, and systems.
  • Collaborate with appropriate stakeholders to develop and implement a privacy program that meets the requirements of the ever and quickly changing privacy regulatory landscape.

Case Studies by Industry

Industry/Sector: Healthcare

Type of Service: Review of Privacy Programs and Controls

Description: Hired by outside counsel to perform a review of a multibillion-dollar health organization’s privacy and cyber controls and to provide findings to lawyers. Efforts included:

    • Reviewed organization’s IT systems focusing on privacy and cyber regulatory obligations.
    • Worked with the company’s internal IT organization to identify gaps and provide steps necessary to remediate the inconsistencies.
    • Provided technical input and guidance on the appropriate response to various state AG’s and healthcare regulators in response to a data breach and cyber incident.
61+ Privacy Programs

reviewed

13+ Fortune 500

companies assisted

64+ CCPA Engagements

to date

58+ Healthcare Organizations

consulted

14+ Privacy Litigations

consulted

12+ Privacy Programs

established

About Our Cybersecurity Privacy Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders

Capabilities

Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees

Expertise

Review of Alternative Dispute Resolution Case Law in 2018

Quality Control