About Our Cybersecurity Privacy Practice

Law & Forensics Cybersecurity Privacy practice recognizes that cybersecurity continues to affect the bottom line. Organizations are confronting not only a daunting cybersecurity regulatory landscape, companies are facing growing liabilities and substantial penalties even when there is no data breach because of regulatory and statutory guidelines all over the globe that dictate how data is to be stored and used. (e.g., CCPA, DFS, Singapore Data Protection Act, GDPR, SEC, FTC, FCC, etc.)

Law & Forensics Cybersecurity Privacy practice is composed of experienced legal and privacy engineers that have a track record of working with in-house and outside lawyers to solve complex cyber and privacy issues. Our legal and privacy engineering teams have a track record of delivering solutions that allow organizations to understand where consumer and employee data is stored, how they collect the data, what means they use to collect the data, whether they are entitled to possess the data, and other questions organizations must be able to demonstrate to regulators to show compliance.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Cybersecurity and Data Privacy Advisory Services

  • Work with organization key stakeholders to identify, assess, manage and remediate risks arising from gaps in existing IT environment with respect to cyber and privacy regulatory frameworks.
  • Collaborate with organization privacy, compliance, technology, and legal stakeholders to ascertain an organization’s needs and advise on the appropriate standards with respect to build or review a privacy or cyber program.
  • Work with organizations to review existing controls, policies, procedures to identify gaps in existing privacy program, as well as, develop a goal state and a roadmap to achieve the goal state.

California Consumer Privacy Act (CCPA) Consulting

  • Work with clients to perform an assessment leveraging our proprietary privacy assessment tool that ascertains an organizations privacy posture against the CCPA, delivering a roadmap on to achieve compliance, and a framework to ensure going forward compliance.
  • Perform a review of all existing systems and create a robust and appropriate data map for these systems in a fashion that allows the company to support and maintain the data map without requiring any additional licenses fees or agreements.
  • Analyze existing data map, controls, policies, and related materials to identify gaps that an organization must address to demonstrate CCPA compliance
  • Collaborate with compliance, legal, and business stakeholders to perform a review of the current privacy program, specific to CCPA, and create and execute a program that will raise awareness and engagement across the company regarding CCPA requirements.

HIPAA Healthcare Privacy and Security Assessments and Solutions

  • Work with healthcare organizations (Covered Entity or Business Associate) that create, receive, maintain, or transmit protected health information (PHI) to periodically conduct a HIPAA risk assessment in order to comply with §164.308 of the HIPAA Security Rule.
  • Collaborate with an organization’s internal IT, compliance, and legal stakeholders to review existing controls, policies, procedures, test security and privacy controls, and interview appropriate staff.
  • Consult with an organization and outside counsel in responding to Health and Human Services (HHS) Office for Civil Rights (OCR) inquiries and perform independent risk assessments of a healthcare organization’s security and compliance posture against the safeguards specified in the HIPAA Security and Privacy Rule and assist companies to address gaps that are identified.

State and Industry Specific Privacy Readiness Consulting

  • Work with Chief Privacy Officer and other relevant stakeholders to review State and Industry-specific requirements, analyzing an organization’s current controls, policies, technologies, and systems.
  • Collaborate with appropriate stakeholders to develop and implement a privacy program that meets the requirements of the ever and quickly changing privacy regulatory landscape.

Case Studies by Industry

Industry/Sector: Healthcare

Type of Service: Review of Privacy Programs and Controls

Description: Hired by outside counsel to perform a review of a multi-billion-dollar health organization privacy and cyber controls and provide findings to lawyers. Efforts included:

    • Reviewing organization IT systems focusing on privacy and cyber regulatory obligations,
    • Working with companies internal IT organization to identify gaps and steps necessary to remediate gaps,
    • Provide technical input and guidance on appropriate response to various state AG’s and healthcare regulators in response to a data breach and cyber incident.
56 privacy programs

reviewed

11 Fortune 500

companies assisted

63 CCPA engagements

to date

57 Healthcare

organizations consulted

11 privacy programs

established

16 privacy litigations

advised

About Our Cybersecurity Privacy Practice Edge

Capabilities

We leverage our veteran privacy and cybersecurity engineers and attorneys to assist companies and organizations in providing thoughtful guidance on privacy issues and policy and in dealing with privacy issues arising from a data breach or a cybersecurity incident.

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Our Cybersecurity Privacy practice is spearheaded by legal, technical and privacy engineers with decades of experience working on complex privacy issues. Our hybrid team has privacy experts all over the world, including the United States, Canada, Europe and Asia-Pacific. Our Team has a wealth of practical and hands-on experience and is just as comfortable working with legal and business executives as with technologists. We have hundreds of successful engagements for big and small organizations ranging from building a program to stepping in and completing a program that was on the ropes. Our team holds multiple privacy and security certifications and prestigious teaching appointments at world class law schools.

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.