Goldberg Segalla LLP

Data is everywhere and everything. It is a resource and a currency; it is a lock and a key; it makes up environments and identities. Businesses in every industry recognize data as an endless stream of opportunity. Too often, they fail to recognize the risk.

The Goldberg Segalla Cybersecurity and Data Privacy Practice Group is a multidisciplinary team of attorneys working across the country to counsel, train, and defend clients in numerous industries facing all conceivable cybersecurity and data-related matters. With verdict-tested trial lawyers, preeminent intellectual property litigators, and leading regulatory attorneys collaborating to provide 360-degree cyber counsel, our team helps industry-leading companies, their executives and IT professionals, and their insurers to:

• Assess and address data security risks and cyber coverage
• Prepare for cyberattacks and data breaches
• Create policies and procedures to mitigate risk and minimize liability
• Respond quickly and comprehensively to data security incidents
• Defend against post-breach claims and legal proceedings, as well as legal challenges to data-related business practices
• Navigate regulatory, statutory, and contractual requirements at every level
• Anticipate the future flashpoints that will define the fields of cybersecurity, data privacy, and intellectual property

Data Breach Prevention, Management, and Litigation

Because businesses collect and employ data at every level, technological vulnerabilities, outdated practices and policies, and human errors create risks at every level. Some of these risks include:

• Loss of personally identifiable information — from customers and employees
• Theft of business and trade secrets and other intellectual property
• Attacks on networks and operating systems and resulting business disruption
• Challenges to business practices involving collection and usage of information about customers and the disclosure of those practices
• Exposures stemming from service providers, business partners, and employees

As many companies have learned through experience, the task of managing cyber threats does not begin — or end — with the initial response to a data breach. The company that reacts to a cybersecurity incident is positioned for loss, liability, and business disruption. Our approach, by contrast, is comprehensive: By providing counseling and training on how to anticipate risks, assess coverage needs, prepare for breaches, and execute response plans, we’ve been able to help our clients avoid serious incidents, limit liability, and implement the best workplace cybersecurity policies and practices.

When attacks or breaches do occur, we help clients respond and recover more quickly and efficiently. Our attorneys are ready to spring into action at a moment’s notice to oversee or assist a client’s internal incident response team. In addition, clients can rely on our deep bench of accomplished trial lawyers, equipped with experience defending high-profile consumer class actions and multidistrict litigation, to defend any claims that might arise in the aftermath of an attack or breach.

Preparation

Our approach to data breach preparedness and cybersecurity practices is comprehensive, proactive, and adaptable to the global industries and markets in which our clients do business. More importantly, we tailor that approach to fit each client’s size and structure, IT resources, business philosophies and practices, and unique risks and vulnerabilities.

Assessing Risks and Limiting Liability

Our services often begin with a comprehensive technology liability audit. Our experienced attorneys will identify risks at every level, translating complex legal, technology, security, and information governance issues into plain English and offer practical advice on eliminating, limiting, or mitigating those risks.

Drawing on the experience and resources of our Global Insurance Services practice group — comprising attorneys who have worked at the cutting-edge of cyber risk policy development and coverage litigation, and regularly offer cyber coverage opinions to the world’s leading insurers — we also review and recommend cyber risk coverage policies to our clients in finance, entertainment and media, life sciences, high-tech manufacturing, and other industries. Comfortable working in this ever-evolving area of insurance coverage, we regularly negotiate or rewrite policies to include our commitment to represent the client in the event of a data breach or other claim.

We help businesses of all sizes and structures develop policies and procedures to maximize their security and minimize the potential for a data breach; choose the right insurance policies to match their needs and potential risks; and take steps to limit potential liability related to a hacking attack or virus, a data security breach, cybercrime, or other data-related incident.

Data Collection and Privacy Practices and Regulatory Compliance

Our attorneys are deeply versed in the latest regulatory compliance requirements covering data security, breach preparedness and response, and privacy, and we closely watch the judicial decisions and communications from administrative bodies at every level that indicate how the regulatory landscape is shifting.

We frequently conduct regulatory compliance audits, covering state, federal, and international requirements. We advise companies on requirements pertaining to the collection, storage, and destruction of personally identifiable information, and help realign noncompliant policies or practices.

Our regulatory experience covers:

• Federal and state privacy-related laws and regulations, including:
  
  • Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Children’s Online Privacy Protection Act (COPPA)
  • Federal Information Security Management Act (FISMA)
  • Support Anti-Terrorism by Fostering Effective Technologies Act (SAFETY Act)
  • Fair and Accurate Credit Transaction Act (FACTA)
  • Telephone Consumer Protection Act (TCPA)
  • Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM)
  • California’s Shine the Light Law, Online Privacy Protection Act, and Confidentiality of Medical Information Law
• State-specific data security and breach response laws
• Federal agency cybersecurity guidelines, including those issued by the FTC, FDA, FCC, and the NIST cybersecurity framework
• International data protection laws, including EU and Latin American requirements

In addition, we leverage our knowledge and experience to assist clients with more complex and industry-specific regulatory requirements, including:

• Compliance with Payment Card Industry Data Security Standards (PCI-DSS) pre-incident and post-data breach obligations
• Conducting due diligence and advising on compliance with privacy and data security laws in the sale and acquisition of company assets, including customer lists and databases containing personally identifiable information
• Auditing multitiered contractual privacy obligations pertaining to third-party online ad-serving companies and instituting policies and procedures for data collection, use, and disclosure
• Advising large multinational retailers on privacy policies, terms of use, and terms of sales to comply with FTC and FCC regulations, and advising on compliance for sweepstakes, advertising promotions, and product-placement agreements

Security Policies and Contracts

We help businesses develop internal, client-facing, and third-party privacy and security policies.

We counsel management on workplace privacy issues, including employee monitoring, whistleblower laws, safeguarding of employee’s personal data, Fair Credit Reporting Act requirements in employee screening and investigations, and faithless servant data theft litigation

We also draft consumer-facing disclosures, including privacy policies, terms of use and service, and social media policies

In addition, our team can assist with contracts, agreements, indemnification clauses, and other vehicles to protect against liability. We develop and negotiate security agreements to ensure vendors defend and indemnify our clients on privacy and security issues, and we have experience with agreements involving cloud service providers, co-location facilities, outsourced services, and other entities.

Data Breach Protocols and Crisis Coaching

We work with management, IT professionals, and in-house counsel to help our clients develop and train computer security incident response teams (CSIRTs). This includes conducting tabletop exercises and war games and teaching CSIRTs how to administer broader incident response training programs for other employees.

With our cutting-edge crisis coaching, our clients are prepared to act quickly and decisively, preserving digital evidence, meeting changing and immensely complex notification requirements, and managing public relations to minimize reputational harm and help restore confidence in the company.

Response

Committed to providing clients with dynamic, adaptable, and cost-efficient legal service, we are equally capable of working as an auxiliary to a client’s CSIRT and in-house counsel or taking the lead and managing every aspect of the response. This is why scores of clients of all sizes and across industries make Goldberg Segalla their first call after discovering a cybersecurity incident.

Breach Response and Crisis Management

As trial lawyers, we understand that every decision made before an incident and during a data breach response — from the first call through closing the incident — can dramatically impact potential liability and the course of future litigation. Our comprehensive cyber crisis management services include:

• Coordination of the forensic investigation
• Evidence preservation
• Working with law enforcement
• Advising on multi-state notification requirements
• Advising on HIPAA notification requirements
• Responding to Office for Civil Rights (OCR) investigations and other regulatory and administrative inquiries

Post-Breach Regulatory Compliance

In addition to compliance with regulations pertaining to general data collection and privacy, we also guide clients through the intensely complicated regulatory demands triggered when a breach occurs. These include:

• Federal Trade Commission’s Children’s Online Privacy Protection Act (COPPA)
• Gramm-Leach-Bliley and Dodd-Frank Acts
• Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act
• New European Union data protection laws
• Disclosure guidelines imposed and enforced by the Securities and Exchange Commission (SEC) as well as multiple state and international insurance industry regulatory authorities

Policy Reassessment and Public Relations

It is impossible to predict and prevent every breach. Sony, the Democratic National Committee, Experian, Ukranian power authorities, and too many others to count offer ample evidence. However, businesses and institutions that respond well to breaches can emerge even stronger after the recovery.

Our post-breach services include working with management, public relations teams, and outside consultants to develop and execute a media and public relations plan that minimizes reputational harm and restores confidence in the company while maintaining compliance with applicable regulatory requirements.

We also help clients seize on the post-breach opportunity to strengthen data protections, running comprehensive post-breach cybersecurity audits and recommending changes to policies, procedures, and response plans as needed.

Defense

Even the strongest and most effective response to a cybersecurity incident leaves open the possibility of costly lawsuits. While companies can take significant steps to limit liability and cut off avenues of plaintiffs’ attacks, they may still need the representation of a proven trial team with deep experience in the evolving legal issues unique to cybersecurity and data protection.

Breach-Related Litigation

As a firm founded by trial lawyers, we bring to each matter the savvy and successful track record of our Business and Commercial, Product Liability, Professional Liability, Global Insurance Services, and other litigation teams. We also bring extensive experience litigating other matters involving technology, including both prosecuting and defending business-to-business litigation involving website use, data transfer, and data storage issues.

Class Action Defense

Our Class Action Litigation Practice Group has successfully defended Fortune 500 companies as lead counsel in national and state-wide class actions, including high-risk, multimillion-dollar litigation.

A sampling of our trial and litigation experience includes:

• Representing a telephone company in actions challenging the company’s use of fax communications as violative of the Junk Fax Prevention Act
• Representing a health care company against a class action lawsuit alleging a data breach of personal health information
• Representing numerous retailers, hospitality and other clients in putative class action lawsuits brought pursuant to the Telephone Consumer Protection Act
• Representing a cellular telephone company in individual and putative class actions challenging the company’s debt collection practices under the Telephone Consumer Protection Act

Cyber Risk Insurance Coverage Services

Drawing on the combined experience of our Cybersecurity and Data Privacy Practice Group as well as our Global Insurance Services Practice Group — a renowned insurance and reinsurance practice ranked by market leaders and top global publications as one of the world’s biggest and best practices serving this market — we have helped leading insurers and reinsurers anticipate and adapt to emerging risks and meet the growing need for new products. We also assist with reevaluating existing products and pricing models.

Our Cyber Risk Coverage group is prepared to assist insurers and reinsurers with:

• Policy wordings and negotiations
• Underwriting guidelines and coverage counsel
• Reputational risk coverage
• Coverage dispute defens

Both within our own firm and across the wider business and legal communities, Goldberg Segalla’s commitment to diversity is strong, sincere, and a critical component of our firm’s mission and culture. Our philosophy has always been that we hire people who are excellent at what they do, and even better human beings. Period. We feel we would be doing a disservice to our firm and to our clients if we didn’t include contributions from every available resource.

We are extremely proud that our commitment has received regional and national recognition for the innovative programs we have developed and the results we have been able to achieve. The following is a sampling of the firm-wide or individual honors we have received for implementing initiatives that make a difference:

• George B. Vashon Innovator Award, Minority Corporate Counsel Association
• MCCA Firm Affiliate Network
• Vault/MCCA Commitment to Diversity
• Community Service Award, Defense Research Institute
• Good Works Award, American Bar Association Section of Litigation
• Outstanding Committee Chair, ABA Section of Litigation
• Diversity Trailblazer Award, New York State Bar Association
• Legal Service Award, Minority Bar Association of Western New York
• Lawyer of the Year, Bar Association of Erie County
• Legal Community Leader Award, National Federation for Just Communities of Western New York
• Diversity Excellence Award, Buffalo Niagara Human Resource Association
• Value Award for Diversity, Leadership Buffalo
• Western New York Game Changers, Buffalo Spree magazine

What we are most proud of, though, is that our efforts have shown significant results and continue to make a lasting impact on the lives of many.

Leadership and Action

To put our philosophy and commitment into practice, we have a Diversity Task Force, which includes our managing partner, in place to conceptualize and implement diversity-focused programs as well as give diversity a voice in our decision-making at the highest level. The individuals on this task force share the firm’s strong commitment to increasing diversity, and they use their unique experiences and backgrounds to support and advance that goal. The team meets regularly to create programs, schedule events, establish diversity initiatives both inside and outside of the firm, set long-term goals, and develop the strategy to recruit and retain people from diverse backgrounds.

The chair of our Diversity Task Force, Joseph M. Hanna, has spearheaded numerous diversity initiatives in various organizations and outreach programs, serves on several diversity-related committees, and is a frequent author and speaker on diversity. Among other positions, he is co-chair of the American Bar Association (ABA) Young Lawyer Leadership Program, former chair of the association’s Minority Trial Lawyer Committee and its Special Committee on Human Rights, and former editor-in-chief of the ABA’s Minority Trial Lawyer; a 2014 fellow of the Leadership Council on Legal Diversity (LCLD); a past president of the Minority Bar Association of Western New York (MBAWNY) and the MBAWNY Foundation; and the Diversity Liaison for several committees at the 22,000-member DRI.

For more than a decade, Goldberg Segalla has proudly supported the ABA’s Judicial Internship Opportunity Program, which provides racial and ethnic minority law students, along with members of other groups underrepresented in the legal profession, opportunities to serve as an intern with a judge during the summer after their first or second year of law school. Joe Hanna — an alumni of the program himself — acts as a mentor and leader in the program, through which he has conducted more than 100 interviews for students across the country.

In 2017, Goldberg Segalla participated in the Thurgood Marshall Summer Law Internship Program, the New York City Bar Association’s flagship pipeline program for high school students. As a participating legal employer, we hosted high-achieving inner-city students for the summer and collaborate with the NYC Bar to provide them with additional programming before, during, and after the summer designed to help them prepare for a legal career.

Each summer, Goldberg Segalla proudly welcomes interns through a formal Diversity Clerkship Program that was conceived by Joe while he served as president of the MBAWNY. The program was developed in collaboration with the MBAWNY and the SUNY Buffalo Law School to provide opportunities for minority UB Law students to gain firsthand experience in the legal system. Since it was launched in 2011, the program has placed more than 100 students in clerkships in area courts as well as in several area law firms, with more judges and law firms asking to participate every day. It provides participants with an in-depth look at the legal process and the interaction between the bench and the bar that they would not otherwise get. At our firm, a dedicated team of partners monitors the work of these law clerks and ensures they obtain valuable experience to help develop important legal research, writing, case management, and client service skills critical to their long-term success. Our program earned the firm the Minority Corporate Counsel Association’s 2012 George B. Vashon Innovator Award.

We also have sponsored Success in the City, an annual diversity networking and mentoring event developed by Joe that brought together students, legal and business professionals, educators, nonprofits, and political leaders to make lasting partnerships. Many employment, business, and mentoring relationships resulted from this event. Past events have drawn more than 500 political and business leaders, legal professionals, and students. Success in the City has influenced the development of similar programs in Baltimore, Cleveland, Birmingham, Dallas, and elsewhere.

Our firm is committed to spreading the message throughout the broad legal and business communities that embracing diversity contributes to greater overall success. We conduct training sessions for in-house counsel at Fortune 500 corporations on increasing and promoting diversity. Our attorneys have authored articles and delivered presentations on diversity for various legal organizations, including DRI and the ABA, and our efforts and accomplishments in this area have been profiled in publications such as Law360, the New York State Bar Association’s State Bar News, Business First of Buffalo, the Buffalo Law Journal, and others.

In one example of our work to provide inspiration and raise awareness of diversity and women’s issues in the legal community, Caroline Berdzik, chair of our Employer and Labor Practice Group, spoke to Law360 for the publication’s “Female Powerbrokers” series. In the interview, Caroline discussed her career, the challenges of being a woman at a senior level at a law firm, the work-family life balance, and the importance of taking risks. She also offered guidance to female attorneys on moving their careers forward and advice to law firms on both increasing the number of women partners and retaining top female talent. Her longtime advocacy for women (at her previous firm, she served on the Women’s Business Development Committee and was a member of what became the national Women’s Presidents Organization) helped earn her a spot on the 2015 NJBIZ list of New Jersey’s Best 50 Women in Business.

Joe Hanna also was featured by Law360 in its “Minority Powerbrokers” series, in which he shared his perspective on breaking the glass ceiling in the legal industry, the challenges of being a lawyer of color at a senior level, how law firms can increase diversity in their partner ranks, and Goldberg Segalla’s core commitment to diversity.

Partnerships

Goldberg Segalla is proud to be a member of the Minority Corporate Counsel Association Firm Affiliate Network, which was created by the MCCA to assist and acknowledge law firms that are committed to advancing diversity and inclusion in the legal profession.

We are also a member of the Leadership Council on Legal Diversity (LCLD), a national organization of leaders in law firms and corporate legal departments dedicated to creating a truly diverse legal profession. As noted earlier, Joe Hanna was a fellow of the LCLD in 2014. In this position, he played a critical role in organizing the first-ever New York City LCLD Fellows Roundtable event, and he was instrumental in establishing a mentorship program in Hartford for local diverse first-year law students.

We support the diversity efforts of numerous organizations, including:

• American Bar Association
• Asian American Bar Association of New York
• Columbian Lawyers Association
• Defense Research Institute
• Federal Bar Association
• Korean American Association of Greater New York
• League of First Nations
• Minority Bar Association of Western New York
• National Bar Association
• Native American Rights Fund
• National Association of Asian American Professionals
• National Congress of American Indians
• New York State Bar Association
• Seneca Free Trade Association
• SUNY Buffalo Law School
• Women’s Bar Association of the State of New York

Our outreach efforts led to the creation of a comprehensive database of more than 500 minority law organizations throughout the United States. Contact between these organizations takes place in anticipation of bringing CLE and legal programs together. This group of minority bar associations includes both local and national organizations, such as:

• National Association of Women Lawyers
• National Association of Muslim Lawyers
• Hispanic National Bar Association
• National Asian Pacific American Bar
• Black Women Lawyers Association of Los Angeles
• South Asian Bar Association of Philadelphia
• Vietnamese American Bar Association of North Carolina

A Talented and Diverse Team

Diversity is further evident within our firm through the many languages and dialects spoken by members of our team, including Albanian, Arabic, Croatian, French, German, Greek, Hebrew, Hindi, Italian, Korean, Malayalam, Mandarin, Marathi, Norwegian, Portuguese, Punjabi, Russian, Spanish, Swedish, Tagalog, Tamil, Thai, and Urdu.

Goldberg Segalla’s culture is one that values team-spiritedness, collegiality, and interpersonal harmony within our working community. We are a firm that believes in diversity in the workplace, and we are proud to offer a professional and positive work environment for each and every member of our team.

On these values, and on our commitment to diversity, we will never waver. We are proud of what we have accomplished thus far, but we also realize that this is a long-term mission. We will continue to innovate and to improve diversity in law and business — both within Goldberg Segalla and across the communities in which we live and work.

Diversity Matters — Join the Conversation

If you have questions regarding any of the firm’s diversity initiatives or would like to discuss ideas regarding increasing diversity in the legal profession, please contact Joe Hanna (716.566.5447; [email protected]) or another member of our Diversity Task Force:

• Joseph M. Hanna, Chair
• Elizabeth A. Adekunle
• Kenneth L. Bostick Jr.
• Gregory B. Gilmore
• Chandran B. Iyer
• Reshma Khanna
• Raul E. Martinez
• Esther F. Omoloyin
• Jill C. Owens
• Latha Raghavan
• Peter J. Woo

• Buffalo, NY
  665 Main Street
  Buffalo, NY 14203-1425
  Get Directions
  
  

SHOW ALL LOCATIONS