old Privacy and Data Security

According to the U.S. Chamber of Commerce, 90% of all data in existence was created in the last two years. However, the global regulatory landscape for data is a patchwork of overlapping and often conflicting rules and concepts. Helping businesses negotiate this continuously evolving landscape is what we do. We recognize that data – and the technology to store, process, analyze and execute on it – is a valuable intellectual property asset that companies can develop, acquire, protect, license, sell and otherwise commercialize and exploit.

Our Privacy and Data Security Team helps businesses unlock the value of data, while ensuring compliance with U.S. and non-U.S. laws and standards that regulate the collection, use, sharing and protection of data.

Third Party and Customer Data Use

We advise many of the world’s largest retailers, consumer brands and technology providers on the collection, use, sharing and commercialization of third party and customer data. This includes negotiating and drafting data sharing and co-op agreements and data security clauses in broader third party vendor agreements, as well as conducting unique data regulatory compliance and data integrity due diligence in strategic transactions.

Advice on Cross Border Data Transfers

We counsel clients on cross-border data transfers, including compliance with EU, Canadian and other international data privacy laws. We routinely handle US-EU Privacy Safe Harbor and US-Swiss Privacy Safe Harbor certifications for clients. We represent clients in transactions that involve cross border data transfers, including under EU standard contractual clauses for the transfer of personal data. Our expertise covers customer data, employee data and credit cardholder data. With foreign offices in London, Brussels, Shanghai, Beijing and Seoul, we also have local expertise with respect to privacy and data security concerns involving the UK, EU, China and Korea.

Data Loss and External Notification

Our attorneys handle complex and high profile data security breach incidents, including advising clients regarding internal investigations, public relations strategies and responses, indemnification and other rights and remedies under vendor agreements, and compliance with state and federal security breach notification laws. We prepare and help implement internal Data Security Breach Response Plans for clients. As data becomes more entwined with the enterprise value of businesses, we handle data due diligence and data loss issues in connection with M&A and other corporate and strategic transactions.

Privacy Litigation

As the prevalence of data use increases along with its value to businesses, privacy litigation is now a part of every large business’s lexicon. We represent some of the best known brands and businesses in the world in defending against the surge of privacy class actions in state and federal courts around the country. We have handled landmark cases involving constitutional privacy rights, state law claims such as California’s Song-Beverly and Shine the Light Acts, penal code wiretapping and call recording claims, the federal Telephone Consumer Protection Act, as well as related vendor indemnification actions. Some of our recent victories include halting the expansion of certain privacy claims to new technologies or new jurisdictions. We don’t just react when you are sued -- we devote time to thinking about what may come next and how to protect you from being surprised by percolating regulation and developing legal theories.

Internal Privacy Policies

We advise clients on internal privacy policies and procedures relating to both consumer and human resources data.

Public-facing Privacy Policies

We help clients identify objectives and establish internal practices regarding data privacy and security. We then help them draft public-facing privacy policies to implement and reflect their objectives and practices. Pulling from Sheppard Mullin’s Chambers-recognized advertising practice, we also understand that a public-facing privacy policy is both a legal and marketing document – as a result, we are uniquely qualified to craft privacy policies that meet legal requirements that also reflect our client’s brand and “voice.”

Regulatory Advocacy and Relationships

As an outgrowth of our extensive representation of online and brick-and-mortar retailers, we have worked closely with trade associations such as the California Retailers Association (CRA) and the Direct Marketing Association (DMA) on drafting and advocating passage of privacy legislation. We have also assisted these and other trade associations with evaluating proposed privacy legislation and crafting arguments to highlight the faults in those proposed laws.

External Privacy Investigations & Audits

We represent companies, including large children’s media focused companies, in connection with regulatory inquiries and proceedings in related to privacy issues, particularly in connection with the federal Children’s Online Privacy Protection Act (COPPA).

Privacy in the Workplace

Legal requirements around the world keep changing and placing increased restrictions on what employers can and can’t do. These changes impact background checks, drug testing, employee data retention and/or transfer, workplace data breach, and maintenance of employee health related information. Our international employment and mobility law attorneys counsel employers on issues related to compliance with workplace privacy. They offer a virtual one stop shop in terms of what U.S. and other countries require.

Regulated Highly Sensitive Data

We have specialized knowledge and experience helping clients with regulated highly sensitive data, including the various laws and regulations that govern health data (HIPAA) and financial data (Gramm–Leach–Bliley Act).

Health care privacy is a critical business function for health care organizations. We represent some of the nation's largest and most respected health plans, hospital organizations, contract research organizations, pharmaceutical companies and medical device manufacturers. We assist healthcare businesses to develop and implement HIPAA privacy compliance programs, establish data sharing programs and protocols and prepare consent and contractual documentation of the same. And because policies need training to be most effective, we offer employee HIPPA's compliance training. We strongly believe that health care providers must take a proactive approach to ensure continued compliance with HIPAA's privacy standards. When allegations of non-compliance are made, we are there to assist too.

In the area of financial institutions, we structure Gramm–Leach–Bliley Act Financial Privacy Rule (GLB) compliance programs, as well as compliance with other laws affecting financial institution opt-out notice provisions, restrictions on the re-use and re-disclosure of consumer information, security guidelines, and federal preemption of state and local privacy restrictions.

Internal Privacy Investigations & Audits

We lead internal data privacy audits as part of US-EU Privacy Safe Harbor and US-Swiss Privacy Safe Harbor certifications and annual re-certifications for clients.

Social Media Usage in the Workplace

We regularly advise companies regarding use of social media in the workplace, and the growing practice employees or contractors devote to promoting and managing a company’s social media presence. The firm publishes a well-read blog on legal issues concerning social media:http://www.socialmedialawupdate.com/. We have drafted internal social media policies for numerous clients that, among other things, address compliance with FTC endorsements and testimonials rules for social media.

Locations (1)

People (819)

Peer Reviews

  • 4.9/5.0 (150)
  • Legal Knowledge

  • Analytical Capability

  • Judgment

  • Communication

  • Legal Experience


See All 210 Reviews See All 210 Reviewed Attorneys »

*Attorneys who only have peer reviews prior to April 15, 2008 are not displayed.

Client Reviews

  • 4.3/5.0 (15)
  • 80% (12)
  • Communication

  • Responsiveness

  • Quality of Service

  • Value for Money


See All 15 Reviews See All 15 Reviewed Attorneys »


Documents ({{amountArticles}})

Documents by this Organization on Martindale.com
Other documents: ,


"As Sheppard Mullin continues to grow, it is important that we not lose sight of the need to recruit women, attorneys of color and others of diverse backgrounds."
-Guy Halgren, Chairman of the Executive Committee

At Sheppard Mullin, we make every effort to recruit the finest lawyers and nurture their talents. The firm recognizes the importance of diversity and the need to create a workplace of inclusion. We need ¿ and our clients demand ¿ a team of attorneys that is as diverse as our increasingly global client base. Achieving and maintaining diversity is key to great client service ¿ a core value of our firm. What distinguishes good intentions from results is a commitment by senior management to find the best attorneys possible coupled with the sincere belief that people with diverse backgrounds bring valuable attributes to the firm. At Sheppard Mullin, the Executive Committee, Diversity Committee, and the lawyers in each of our offices work hard to ensure that all attorneys who join our firm fit in seamlessly and are encouraged to succeed.

Members of our Diversity Committee include ethnically diverse attorneys and a representative from the firm's Executive Committee. Diversity Committee members have served on the Boards of the Anti-Defamation League, the Black Women Lawyers Foundation (Los Angeles), and the Charles Houston Bar Association (northern California). Women and minority attorneys participate on key committees of the Firm (Executive Committee; Compensation Committee; Diversity Committee; Recruiting Committee; Professional Personnel Committee; Associate Issues Committee). Four of the Firm's nine Office Administrative Partners are women, one of whom is African-American and another is multi-racial.

"Serving on the firm's Diversity Committee is one of the most important things I do. I firmly believe that we must be vigilant in our efforts to recruit talented women attorneys and attorneys of color. Our success in this area has a positive effect our firm's culture, practice and client relationships."
-Joan Story, Member Executive Committee and Diversity Committee

Below is a description of just some of our outreach efforts.

  • The firm participates in and financially supports the California Minority Counsel Program and the ABA Minority Counsel Program, as well as several minority bar associations. These groups are dedicated to increasing access for and promoting and retaining minorities in the legal profession.
  • The firm actively recruits law students of color, e.g., we participated in the National Black Law Students Association (NBLSA) of the Western Region job fair held at UCLA School of Law.
  • Sheppard Mullin contributes to the Minority Corporate Counsel Association; California Women Lawyers; Queen's Bench; Black Women Lawyers Association of Los Angeles; and the National Black Law Students Association, among others.
  • We actively participate with other major Los Angeles law firms in the Diversity Directors Roundtable, a group that is committed to promoting diversity in the legal profession and in our firms.
  • The firm received the Law Firm Award from the Black Women Lawyers Association of Los Angeles Foundation for its strong commitment to the promotion of community and pro bono activities.
  • Multicultural Law magazine named Sheppard, Mullin, Richter & Hampton LLP as one of "The 2011 Top 100 Law Firms for Diversity."
  • Sheppard Mullin helped underwrite the production of a motion picture project entitled "Soul of Justice: The Life and Times of Thelton Henderson." The film chronicles the life of respected African-American jurist Thelton Henderson, a crusading civil rights litigator and role model.
  • The firm signed the Bar Association of San Francisco's "No Glass Ceiling Initiative," BASF's "Minority Goals and Timetables," the New York County Lawyers' Association Diversity Statement, and the Los Angeles County Bar Association's Diversity Statement.

Much of our pro bono work relates to the diversity of the communities in which we practice; sample clients include:

  • Constitutional Rights Foundation
  • Domestic Violence Project, Los Angeles Bar Association
  • Lawyers Committee for Civil Rights
  • Task Force for the Women's Resource Fair, City of San Diego
  • Tolerance Through Education Program, Beverly Hills Barristers Associations
  • Violence Against Women Act Program, Legal Aid Foundation of Los Angeles

Awareness of diversity enables us to understand the value of differences. At Sheppard Mullin, we are committed to hiring top tier attorneys, without regard to race, ethnicity, gender or sexual orientation.

Contact Sheppard, Mullin, Richter & Hampton LLP

Please correct the fields highlighted in red.

By clicking on the "Submit" button, you agree to the Terms of Use, Supplemental Terms and Privacy Policy. You also consent to be contacted at the phone number you provided, including by autodials, text messages and/or pre-recorded calls, from Martindale and its affiliates and from or on behalf of attorneys you request or contact through this site. Consent is not a condition of purchase.

You should not send any sensitive or confidential information through this site. Emails sent through this site do not create an attorney-client relationship and may not be treated as privileged or confidential. The lawyer or law firm you are contacting is not required to, and may choose not to, accept you as a client. The Internet is not necessarily secure and emails sent though this site could be intercepted or read by third parties.