Privacy and Data Protection

The collection, retention, use and protection of personally identifiable or confidential information, including customer data, medical records, employee records and proprietary corporate information, is a convoluted and rapidly changing area of the law. Likewise, reported data breaches and computer intrusions are at an all-time high. Attorneys at Duane Morris regularly handle security breaches and are highly knowledgeable about privacy and security laws—including U.S. federal laws (including HIPAA, GLB, SOX, CAN-SPAM, Do-Not-Call, Computer Fraud and Abuse Act), state (breach notification and related statutes) and legislation in Europe and Asia—and frequently provide clients with compliance and auditing advice on privacy and IT security exposure. We have extensive experience in regulated industries (e.g., healthcare, financial services, telecom, insurance, etc.) and consult on the collection and transmission of data outside the United States and pursuant to the EU Privacy Directive.

Attorneys in the firm's Information Technologies and Telecom practice group develop and draft Web privacy policies and corporate IT security and technology policies, conduct compliance training for employees, assist in the legal aspects of IT security audits, and prepare data retention policies and SAS 70 and ISO 27000 reports (including issues involving the security of data in third-party data centers). As class action and related litigation arising from privacy and IT security breaches increases, our lawyers are also well positioned to handle or assist in the litigation of damages actions in these often high-profile cases.

Duane Morris can assist in a wide variety of areas related to data security and privacy:

Regulatory Advice

Navigating the complex regulatory minefield governing data protection is challenging. We rely on our extensive knowledge of federal, state and international laws, as well as current FTC guidance and client advocacy, to provide sound advice regarding privacy and security of consumer data in such industries as healthcare, financial services, telecom, insurance and others. In many of these markets, careful attention must also be given to the provisions of vendor and customer agreements in order to ensure regulatory compliance and to minimize the risk of potentially harmful electronic data breaches.

Policy Development and Enforcement

Members of the IT&T practice group regularly prepare and update an array of IT security policies, including:

  • Online and brick-and-mortar privacy and security policies for collecting, handling and protecting sensitive data
  • Enterprise data retention and destruction policies
  • Internal corporate employee policies for handling and use of confidential company or customer information
  • Guidelines and advice regarding protection of competitively sensitive corporate information (e.g., trade secrets, copyrights, proprietary and confidential data, customer information, records data and product/pricing information)

Employee Training

In today's digital age, where a single misplaced laptop or flash drive can land a company in the crosshairs of the plaintiffs' bar, corporations of all sorts must develop internal human resource (HR) policies for employees governing handling and use of information. Attorneys in the practice group have a wealth of experience preparing and training employees on permissible employee usage of IT assets (e.g., laptops, USB drives, camera phones, iPods, PDAs, etc.) and services (e.g., email, instant messaging and SMS/text messaging). Our attorneys also advise clients on identity theft by employees (reportedly 70% of identity theft in the United States occurs internally) and on the scope of employers' rights to monitor and intercept employee communications.

Transactional Safeguards

Every corporate sale or vendor agreement, particularly if it involves partnering with another company for some or all of manufacturing or fulfillment, presents a risk to privacy and data security. Where regulatory standards exist, they must be incorporated into (and followed upon implementation of) transactional agreements. Where state-specific requirements, frequently pioneered in California, are at issue, attention must be given to ensuring that deal partners know and adhere to the law despite geographic differences.

mHealth, Telemedicine and Medical Data

Information technology is becoming increasingly entwined with healthcare. From accessing electronic medical records to wireless delivery of test results and treatment information, mobile health (mHealth), telemedicine and health information technology (HIT) issues regarding privacy and data protection continue to grow exponentially in the healthcare space. Duane Morris has a multidisciplinary client team experienced in addressing the legal issues that clients must consider in developing, funding or deploying a product or service that could be considered mHealth or telemedicine, or relies on HIT. The firm also regularly represents providers, such as hospitals, physicians and nursing homes, health plans and payors, vendors and other entities on the privacy and security requirements, including breach responses, under the Health Insurance Portability and Accountability Act (HIPAA) and other laws.

Security Breach, Crisis Management and Litigation

No data security process is impenetrable, and vulnerabilities, whether inadvertent or malicious, will always exist. Hence, when Social Security or credit card numbers are hacked from a corporation's IT system, there is more than one audience for the board of directors to satisfy. Astute directors and CEOs will devote equal attention to three complementary areas: media relations, legal compliance and proactive fixes. While adhering to statutory obligations for customer notice is necessary, it is far from sufficient to ward off or end litigation claims by federal agencies (principally the FTC) and by those whose information has been compromised. At Duane Morris, our IT&T attorneys can assist in each of these endeavors, through and including trial of damages and class action claims.

Locations (1)

People (858)

Peer Reviews

  • 4.9/5.0 (484)
  • Legal Knowledge

  • Analytical Capability

  • Judgment

  • Communication

  • Legal Experience


See All 299 Reviews See All 299 Reviewed Attorneys »

*Attorneys who only have peer reviews prior to April 15, 2008 are not displayed.

Client Reviews

  • 4.5/5.0 (57)
  • 89% (51)
  • Communication

  • Responsiveness

  • Quality of Service

  • Value for Money


See All 57 Reviews See All 57 Reviewed Attorneys »


Documents ({{amountArticles}})

Documents by this Organization on
Other documents: ,


"In my discussions with Duane Morris leaders, they frequently speak about how diversity within their firm has enabled them to better serve their diverse clients. They understand that investing in diversity is a wise business decision that positions them for the marketplace of the future."

Don Liu
Senior VP, General Counsel & Corporate Secretary
Xerox Corporation

At Duane Morris, achieving diversity is paradoxical. By supporting and celebrating the differences of our attorneys - and the individual strengths that they bring - our firm culture expands, fostering creative solutions for our clients. But diversity at Duane Morris does not mean that we have a certain number of diverse attorneys; true diversity means that it is no longer noteworthy to see diverse lawyers leading our practice groups or managing client relationships. Ascending to positions of leadership and greater responsibility and providing the highest levels of client service is simply what is expected of all our lawyers. Diversity is another strong asset that adds to our collective abilities to meet the needs of our clients.

Our vision of diversity at Duane Morris is to realize an environment in which our lawyers' outstanding qualities are not just measured by ethnicity, race, gender and sexual orientation, but more importantly, that our lawyers are remarkable as excellent attorneys above all else. Only then can we celebrate our differences while focusing on the common pursuit of legal excellence which everyone shares at Duane Morris.

To reach this goal, Duane Morris understands that the familiar diversity strategies and policies that most law firms have are needed. Without demanding results from such policies, most law firms are bound to fail in even achieving numerical hiring and retention goals. Duane Morris has been proactive and ambitious in its efforts to improve diversity at the firm, and has set deadlines for reaching the milestones which mark our progress. To create a more diverse law firm, Duane Morris is:

  • Committed to strategically increasing our diversity levels, which is currently at 10 percent.
  • Bringing together our Diversity Committee and our Hiring and Retention Committee to raise diversity as an important factor in our hiring decisions.
  • Dedicated to improving retention by building upon our monitoring and mentoring program for all diverse associates.

Combining new initiatives with our longstanding diversity efforts, Duane Morris has seen increasingly positive results. In the Minority Law Journal's annual diversity survey of the nation's largest 260 firms, Duane Morris continued to improve its regional and national ranking, rising to number 136 of all firms surveyed. Our strides in Philadelphia are encouraging; in a city known for both the racial diversity of its population and the lack thereof in its law firms, Duane Morris is one of only two law firms to exceed the national average of minority partners at all law firms. Additionally, Duane Morris leads all national law firms based in Philadelphia in the number of Latino partners. Nearly 30 percent of all of our attorneys are women, and more than 20 percent of our partners are women.

In our approach to diversity, progress in racial, gender and cultural diversity cannot be measured in numbers alone. Duane Morris has focused our diversity initiatives on both increasing the number of diverse associates and addressing the challenges diverse attorneys face in building lasting careers and rising to senior and leadership positions. While several of our key practice groups are led by diverse partners and female partners, Duane Morris endeavors to create a culture which will foster a deep pool of such attorneys who can then develop into the firm's future leaders. Duane Morris understands that simply hiring diverse associates will not change the diversity of the firm; Duane Morris is working to mentor and retain diverse associates so that our progress in racial, gender and cultural diversity is also reflected at the highest levels of leadership within the firm.

Our progress on gender diversity has been profound. We have no glass ceilings: women hold positions of leadership at all levels of management at the firm. Women lead a number of our key practice groups, including our Energy, Immigration and International practices, and serve on the firm's Executive Committee. The success of our female attorneys at Duane Morris has not gone unnoticed. Barbara Adams was chair of the firm's Finance Practice until her appointment by Pennsylvania Governor Edward Rendell to serve as General Counsel of the Commonwealth. In 2004, our longtime General Counsel, Gene E.K. Pratter, was approved by the United States Senate and is now a judge for the U.S. District Court for the Eastern District of Pennsylvania.

Our efforts to improve diversity extend beyond our firm's walls. The chair of our Diversity Committee, Nolan N. Atkinson, Jr., recognized the lack of diversity in Philadelphia's legal community and formed the Philadelphia Diversity Law Group. Nolan now serves as the chair of the organization, a consortium of 25 law firms and corporations that commits to employing at least one diverse first-year law student each as a summer associate. From this program, law students of diverse backgrounds gain access to what was once an exclusive legal community, and now have the opportunity to learn and develop their legal careers with experience at Philadelphia's top law firms.

In addition to our involvement in the Philadelphia area, Duane Morris has increased our presence at national conferences and events focused on diversity. We sponsor the Hispanic National Bar Association and its job fair. Duane Morris is also a longtime supporter and sponsor of the Equality Forum, a national gay and lesbian rights organization. Duane Morris continues to sponsor the Minority Corporate Counsel Association, and is active in other associations of diverse attorneys including: the Asian American Bar Association of the Delaware Valley; the Charles Houston Bar Association; Cuban Bar Association; Korean American Lawyers Association; National American Indian Housing Counsel and the National Bar Association.

The challenge of improving gender, ethnic and cultural diversity at Duane Morris is an ongoing effort that has the support of the entire firm. Duane Morris has been at the vanguard in supporting gender diversity throughout the firm beginning a generation ago. Our diversity programs are leading to similar success in improving racial and national origin diversity at Duane Morris. But even as we share these examples of Duane Morris attorneys and our involvement in numerous legal events, associations and programs for diversity, our hope is that such examples will no longer be necessary to mention in the future. We hope that through our efforts, and the efforts of other law firms, these stories become so common that they are no longer the remarkable accomplishments they are today, but simply routine aspects of the legal world tomorrow.