Practice/Industry Group Overview
More than 50 countries now have their own data privacy laws regulating how the collection, use and disclosure of private information can be utilized – and the European Union’s new General Data Protection Regulations will soon be enacted. With technology evolving, and new privacy and data security laws frequently being passed, it has become increasingly important for companies to know if they are in compliance with the various privacy laws and regulations.
Carroll, Burdick & McDonough's Privacy and Data Security group, consisting of attorneys in the U.S. and Europe, brings together the necessary knowledge and experience to assist companies in determining if they are in compliance with federal, state and local laws governing privacy and data security. We advise on structuring information flow within companies between companies and their customers and across borders. Our team partners with companies, large and small, to develop and implement privacy and data use policies, prevent security breaches, deal with regulatory investigations, and handle all reporting requirements and litigation that surround a breach. The Privacy and Data Security Group also relies on the experience of attorneys in the firm’s other leading practice areas, particularly the litigation, class actions, and intellectual property groups.
Our attorneys in the United States and Europe counsel clients on a wide range of information technology and cyber-law issues. Some examples of our experience include:
- Draft online privacy policies for start-ups and mid-size companies with business operations worldwide.
- Provide legal advice to a major European insurance group on privacy and data security issues relating to the use of private mobile devices (BYOT)
- Counsel a European public healthcare company on data warehousing/CRM cloud software project involving the processing of sensitive customer data outside of the EU
- Counsel a German car manufacturer on privacy law based defenses to discovery requests
- Advised S&P 500 American multinational technology and consulting corporations on international data transfers between Europe and the U.S. including location of email servers per human resources, drafting of corresponding data transfer safe harbor and data processing agreements
- Counseled European hospital chain on privacy and data security issues in conjunction with its information technology contracts and electronic supply chain management.
- Advised a “SAP House” service provider on data security and privacy issues in conjunction with drafting their standard on-site computer and software maintenance contracts.
- Provided legal advice to European software development company regarding general terms and conditions for SaaS cloud computing solution.