Our Information Privacy & Security Practice Group has the expertise and experience to help clients understand and comply with the laws and industry standards that regulate the collection, use, sharing, protection, and proper disposal of personal data.
Tonkon Torp advises businesses on the management and security of personal data in compliance with domestic and international laws.
We help our clients navigate the digital age of business and technology, taking measures to protect against loss or unauthorized access to sensitive information.
We counsel clients regarding:
- Development of programs and policies governing storage, access, transfer, use, disclosure, and disposal of information subject to state or federal privacy and security laws
- Audits of information security programs and policies
- Preparation of website privacy policies and terms of use
- Data breach response and notifications, including compliance with applicable state and federal laws
- Online and email advertising and behavioral marketing
- Guidance on foreign privacy law requirements
- Development of “Red Flags Rule” identity theft prevention programs
- Preparation and negotiation of vendor agreements involving personal information (including business associate agreements)
- Negotiation of confidentiality and non-disclosure agreements
- Information privacy and security issues and contract terms in corporate transactions
- Matters involving children’s information and privacy
- Matters involving financial information and privacy
- Matters involving health information and privacy
- Preparation of privacy notices to consumers
- Development of electronic media and mobile device policies (for employee handbooks and compliance manuals)
- Training on information privacy and security
- Review of vendor policies
- Referrals for data security vendors and information technology forensics vendors
We also represent clients in litigation when necessary. Our experienced litigators assist clients with:
- Consumer protection litigation
- Electronic discovery matters related to information security and privacy legal requirements
- Data breach litigation
Services + Industries
Department
Bar Admission
Schools
Languages
Representative Matters
Confidentiality and Non-Disclosure Agreements
Represented consumer service provider and retail company in drafting and negotiating a confidentiality and non-disclosure agreement with a vendor engaged in collecting and processing consumer personal information on behalf of governmental or public entities for consumer licensing purposes.
Data Security Breach Response
Assisted businesses with evaluating and responding to data breach, including drafting notifications to affected individuals and monitoring compliance following breach.
Data Security Breach Response (Nonprofit)
Assisted an organization in analyzing a potential data security breach incident and drafted a notification letter in compliance with applicable law whose information may have been affected by the incident.
Directed Marketing and Online Services
Represented non-profit foundation in auditing and revising an online service provided to consumers, as well as the terms of use, privacy policy, and data collection, data sharing and marketing practices related to the online service for compliance with various information privacy, security and consumer protection laws and regulations.
Information Security Program Toolkit Development
Developed and drafted a comprehensive information security program toolkit for use by a financial services company client and its business partners, including business partners in the insurance industry.
Master Professional Services Agreements
Represented consulting company in negotiating master professional services agreements involving the consulting company's handling and analysis of highly sensitive, consumer financial information for its financial institution clients.
Online Advertising and Website Compliance
Represented children's products retailer in auditing and revising its website, online marketing practices, and website privacy policy and terms of use for compliance with various information privacy, security and consumer protection laws and regulations, including the Children's Online Privacy Protection Act ("COPPA").
Purchase of Websites and Online Businesses
Represented purchaser in acquiring websites and online businesses with known intellectual property issues, licensing issues and regulatory compliance issues related to information privacy, security and consumer protection matters, and assisted purchaser in correcting such issues post-closing.
Services + Industries
Contact us or sign up for emails on all of our news and events.
We encourage you to contact us if you have further questions about our firm or our experience. For your protection, we cannot represent you until we know that doing so will not create a conflict of interest. Accordingly, please do not send us any confidential or secret information about any matter that may involve you until you receive a written statement from us that we represent you (an engagement letter).
If after browsing this web site you are unsure which lawyer you should contact, please call us at 503.221.1440.