Practice Areas & Industries: Greenberg Traurig, LLP

 




Privacy and Data Security Return to Practice Areas & Industries

Group Profile Lawyers in this Group Offices Locations for this Group
 

Practice/Industry Group Overview

GT’s Privacy & Data Security Initiative is a multidisciplinary group of attorneys and professionals dedicated to developing strategies to address privacy, data security and information management issues, including:

  • Privacy audits, policies and procedures
     
  • Data security and PCI compliance
     
  • Employee privacy
     
  • Record retention/electronic discovery
     
  • International/cross-border data transfer
     
  • Data breach readiness and response
     
  • Litigation and dispute resolution

Capabilities

Our experience encompasses the full array of legislation and regulations, including:

  • Section 5 of the Federal Trade Commission Act
     
  • Gramm-Leach-Bliley Act (GLBA)
     
  • Fair Credit Reporting Act (FCRA)
     
  • Fair and Accurate Credit Transactions Act (FACTA)
     
  • USA PATRIOT Act
     
  • Sarbanes-Oxley Act
     
  • Health Insurance Portability and Accountability Act (HIPAA)
     
  • Children’s Online Privacy Protection Act (COPPA)
     
  • Consumer Fraud and Abuse Act
     
  • Electronic Communications Privacy Act (ECPA)
     
  • CAN-SPAM Act
     
  • State data breach notification laws
     
  • Global privacy and data protection laws
     
  • Industry standards
     
  • Self-regulation

Privacy Audits, Policies and Procedures

  • Develop privacy polices, consumer notices and necessary “opt-outs” or “opt-ins,” as required by federal and state law, for national banks, investment advisors, mortgage lenders, national and regional retailers, insurance enterprise affiliates and other clients
     
  • Negotiate and advise clients regarding joint ventures, marketing alliances and information sharing among affiliates and unaffiliated entities

Data Security and PCI Compliance

  • Advise clients regarding data security compliance and risk management
     
  • Develop and implement comprehensive data security policies, procedures and training programs, including payment card industry (PCI) compliance programs
     
  • Evaluate obligations in outsourcing agreements and negotiate vendor and service provider agreements
     
  • Develop and implement identity theft programs and procedures, including the Red Flag program required by FACTA

Employee Privacy

  • Advise employers regarding privacy rights as they relate to workplace communications, such as interception of e-mail and telephone calls, and employee workspaces
     
  • Represent employers in employee litigation alleging invasion of privacy or violation of privacy laws
     
  • Develop and implement personnel policies governing protection of employee data

Record Retention/Electronic Discovery

  • Determine minimum data retention requirements
     
  • Develop and implement data retention policies
     
  • Evaluate the risk of storing data beyond legally prescribed periods
     
  • Counsel on and assist clients in responding to electronic discovery requests in litigation

International

  • Counsel clients on privacy and information security-related matters around the world (GT has offices in Amsterdam, London* and Shanghai; and a strategic alliance with the independent law firm Studio Santa Maria in Milan and Rome)
     
  • Counsel clients concerning privacy and data security issues under the EU Data Protection Directive and its varied implementation by EU member states
     
  • Counsel multinational clients on the US-EU Safe Harbor Agreement relating to the EU Directive and on compliance alternatives to the Safe Harbor, including contractual arrangements and binding corporate rules

International/Cross-Border Data Transfer

  • Working with the attorneys in our foreign offices and strategic alliance firms, advise clients regarding compliance with global data protection laws, including the EU Data Directive and U.S. Safe Harbor Program
     
  • Draft and negotiate contracts relating to cross-border data flow to ensure compliance with applicable local country data and security laws and regulations

Data Breach Readiness and Response

  • Develop and implement data breach contingency response programs
     
  • Assist clients with notifications and coordination of criminal and civil responses following a data breach

Litigation and Dispute Resolution

  • Represent clients in cases involving privacy and property rights, file sharing, the Internet, spamming, spoofing, phishing, cybersquatting and identity theft
     
  • Represent employers in litigation alleging invasion of privacy, wiretapping and violations of electronic communication privacy

eCommerce and Technology

  • Counsel clients on compliance with laws governing eCommerce and the Internet
     
  • Develop and negotiate privacy provisions in licensing agreements and other contracts and prepare privacy notices and policies

Health Care

  • Evaluate special requirements governing the collection, use and transmittal of individually identifiable health information in the health care industry
     
  • Counsel clients concerning the implementation of policies compliant with HIPAA, the European Union Directive on
     
  • Data Protection/US-EU Safe Harbor Agreement and the expanding number of state laws governing health privacy

Financial Services

  • Counsel financial service providers about GLBA privacy requirements regarding collection and use of nonpublic personal information
     
  • For GLBA-covered entities, design privacy notices, determine permissible disclosures and draft appropriate agreements with joint marketers and service providers

Employee Privacy

  • Employers’ obligations to properly collect, handle and use information about their employees may be overlooked, particularly by those companies with operations overseas, where the legal requirements are strict and sometimes carry criminal penalties
     
  • Advise employers regarding workplace communications, such as interception of e-mail and telephone calls, and employee workspaces
     
  • Develop and implement personnel policies governing protection of employee information
     
  • Represent employers in litigation alleging invasion of privacy, wiretapping and violations of electronic communication privacy

 
 
Articles Authored by Lawyers at this office:

FINRA's New 'New' Discovery Guide:  E-Discovery, Affirmations and Product Cases
Michael E. Pastore,Scott E. Rahn, November 21, 2013
On Sept. 16, 2013, the SEC approved amendments to the Financial Industry Regulatory Authority, Inc. (FINRA) Dispute Resolution Discovery Guide (Discovery Guide), which will become effective on Dec. 2, 2013 for all customer cases filed on or after the effective date. FINRA petitioned the Securities...

Implications of the Elimination of the Restriction on General Solicitation for Cross-Border Equity Offerings Under Rule 144A by Foreign Private Issuers
Barbara A. Jones,Ira N. Rosner,Federico Salinas, October 29, 2013
On 11 July 2013, we published a client Alert on the amendments (Amendments), by the U.S. Securities and Exchange Commission (SEC) to Rule 506 and Rule 144A under the Securities Act of 1933, as amended (Securities Act), to permit general solicitation of investors in certain private securities...

FINRA Tells Arbitrators it Considers Expungement Relief 'Extraordinary'
Andy Clark,Terry R. Weiss, October 17, 2013
On October 14th, FINRA Dispute Resolution sent a cautionary mandatory Notice to all FINRA arbitrators who might consider broker expungement requests. According to the Notice, available online, the grounds listed in Rule 2080 for expungement of negative information from the Central Registration...

PIABA Calls Press Conference to Pressure for Further Restrictions on Broker Expungement
Andy Clark,Terry R. Weiss, October 17, 2013
In the midst of its annual meeting in Orlando, Florida, the Public Investors Arbitration Bar Association (PIABA) called a press conference to seek further restrictions in the recently-amended FINRA rules governing expungement of broker data in the FINRA and State managed broker database, the...