Any business that maintains, stores, or processes consumer or employee information must be attentive to data protection and privacy concerns and take measures to protect against loss or unauthorized access to sensitive information in its possession.
The internet and other technological innovations make it easier for businesses to collect and process personal information about individuals, but businesses often struggle with how to adequately manage and secure the data, and how to do so in compliance with various U.S. and international laws.
Tonkon Torp's Information Privacy & Security Group has the expertise and experience to help clients understand and comply with the laws and industry standards that regulate the collection, use, sharing, protection and proper disposal of personal data. We also represent clients in litigation when necessary.
Attorneys in our Information Privacy & Security Group include those who have earned designation as Certified Information Privacy Professionals for the United States.
We counsel clients regarding:
- Development of programs and policies governing storage, access, transfer, use, disclosure and disposal of information subject to state or federal privacy and security laws.
- Audits of information security programs and policies.
- Online and email advertising and behavioral marketing.
- Guidance on data breach response and notification.
- Guidance on foreign privacy law requirements.
- Development of "Red Flags Rule" identity theft prevention programs.
- Preparation and negotiation of vendor agreements involving personal information (including business associate agreements).
- Negotiation of confidentiality and non-disclosure agreements.
- Information privacy and security issues and contract terms in corporate transactions.
- Matters involving children's information and privacy.
- Matters involving financial information and privacy.
- Matters involving health information and privacy.
- Preparation of privacy notices to consumers.
- Development of electronic media and mobile device policies (for employee handbooks and compliance manuals).
- Training on information privacy and security.
- Review of vendor policies.
- Referrals for data security vendors and information technology forensics vendors.
In addition, the litigators in our Information Privacy & Security Group assist clients with:
- Consumer protection litigation.
- Electronic discovery matters related to information security and privacy legal requirements.
- Data breach litigation.