Counsel on data stewardship in a time of explosive information technology growth.
Locke Lord's Privacy & Cybersecurity Practice Group guides our clients in meeting legal, regulatory and contractual obligations concerning the collection, use, transmission, storage and destruction of data, and in mitigating cybersecurity risks. With a range of backgrounds in insurance, finance, retail, health care, energy, IP and litigation (among others), our lawyers provide advice that takes into account the standards and practices of the industries and legal frameworks in which our clients operate as well as laws and regulations of countries worldwide.
Our lawyers regularly develop:
In the event of a security incident, we:
Incident Preparedness and Risk Management
We frequently counsel clients in connection with identifying, prioritizing and addressing potential threats and vulnerabilities as well as in corporate governance issues. We also provide preparedness assistance, including:
Compliance and Enforcement
Our team has experience with various compliance regimes, including those applicable to financial services, insurance, health care, education, retail, telecommunications, energy, defense and other industries, and their service providers.
We assist in responding to information requests by government agencies, regulatory inquiries and enforcement actions.
We have dedicated groups to track developments and educate the marketplace generally through articles, conferences and webinars in connection with new and developing areas, such as:
We provide targeted, practical advice on compliance with privacy and information security requirements, including:
When a cybersecurity incident or data breach is suspected, our professionals handle the legal and regulatory aspects of investigation, analysis and response. We are familiar with the security and breach response requirements associated with special data types, such as personally identifiable information (PII), protected health information (PHI), payment card industry (PCI) data, and information maintained by defense contractors and others in industries with specialized industry guidelines. We are staffed to respond quickly, efficiently and effectively to both large, complex breaches and more limited, routine compromises of data security.
Litigation and Class Action Defense/Cyber Claims
We have experience defending against class action and other lawsuits in both consumer and employee class scenarios, and our experience extends to data breach and other security and privacy-related litigation matters in various jurisdictions.
In addition, we advise insurance clients on cyber insurance issues and claims, and with clients in a number of other industry sectors on the development and implementation of national litigation strategies related to exposures arising from the collection, handling, use and disclosure of personal information.
Our lawyers are often called upon to provide subject matter knowledge in a variety of transactional contexts. For example, we:
We advise companies with multinational operations on EU and other data protection laws as well as on cross-border data flows and transfers, including in:
We provide counsel and coordination on data protection policies and regulatory compliance issues in the UK and abroad. In addition, our Firm is a member of World Law Group (WLG), a global independent law firm network with more than 18,000 lawyers worldwide. WLG allows us to access the resources required to meet a client’s needs almost anywhere in the world — swiftly, efficiently and cost effectively.