Areas of Focus

• California Consumer Data Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

• EU and U.K. General Data Protection Regulations (GDPR)

• The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

• The New York SHIELD Act

• Virginia Consumer Data Privacy Act (VCDPA)

States with Cybersecurity & Privacy Laws

“There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again.”

- Robert Mueller, Former FBI Director

Whether a company is a family business or a Fortune 500 corporation, it must be concerned with protecting its cybersecurity and privacy. This is one thing all businesses have in common. From health care providers, to construction companies, and even locally-owned restaurants: all are at risk for a major data breach.

As has been proven time and time again, in just a few minutes, one breach can ruin the reputation a company spent decades building. Hodgson Russ attorneys in the Cybersecurity & Privacy Practice are dedicated to ensuring your company's reputation remains in-tact.

Our cybersecurity & privacy attorneys understand the risks businesses face every day. Threats can be as large as a full-blown cyberattack, as small as the loss of a laptop computer, or the mistaken release of a customer's personal information. While the circumstances surrounding each threat may be different, the response must always be prompt and precise.

With the ever-changing technological advances, as well as the growing threats to a company's cybersecurity, it's now more important than ever to have a plan in place to protect your customers' privacy before a breach happens.

Taking Preventive Steps & Action

Cyber-Protection Planning

To safeguard your business, Hodgson Russ will help develop a comprehensive cyber-protection plan around the following key objectives: 

• Complying with privacy- and breach-notification laws, including Dodd-Frank, Gramm Leach Bliley, the EU Privacy Directive, and state laws
• Responding to the National Institute of Standards & Technology's (NIST's) Cybersecurity Framework, released in February 2014
• Developing, implementing, and updating a cybersecurity plan
• Ensuring your business is covered by adequate cyber-liability insurance, including first-party coverage for data-breach costs and third-party coverage for lawsuits

Data Breach Remediation and Response Services

Even the best preparation won't prevent every mistake, data breach, or cyberattack. When the inevitable breach occurs, Hodgson Russ attorneys provide breach remediation and response services, helping clients take immediate steps to contain, investigate, and remediate the breach. 

We also work with clients to ensure they comply with all applicable breach-notification laws, both national and international. Our attorneys will also guide you through any inquiries and investigations by the FTC, SEC, and other state and federal regulatory authorities.

Defending Clients' Interests

In the event your company is sued as a result of the breach, our experienced litigation team will fight in court to protect your business and legal interests. 

In doing so, we'll be sensitive to the fact that you're still running a business, keeping our fees and costs reasonable and ensuring that we use only the time and resources we absolutely need to achieve your objectives.

Tools & Resources

• States that have already adopted cybersecurity and privacy laws. 
  

• Are your clients aware of the amendments to the CCPA?
  

• Are your clients aware of the SHIELD Act?

• Comparing the GDPR and CCPA

• Virginia Consumer Data Protection Act

• The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  

• Children’s Online Privacy Protection Rule (COPPA)

Click here to check out Michelle Merola's Linkedin, where she shares updates and insights on all the latest cybersecurity and privacy hot topics.