Data Privacy, Security and Information Technology

Attorneys

What We Do

• Bankruptcy and Insolvency
• Capital
• Consumer Finance
• Corporate Governance and Director Training
• Corporate Transactions and M&A
• Data Privacy, Security and Information Technology
• Derivatives
• Environmental
• Export Finance
• Fiduciary Products and Services
• Finance
• General Counsel
• Government Enforcement and Internal Investigations
• Intellectual Property
• Labor and Employment, Executive Compensation and Employee Benefits
• Litigation
• Real Estate
• Regulatory Compliance
• Securities Law Compliance
• Tax

We have extensive experience in the ever-evolving area of information technology issues for financial institutions and are a recognized leader in the area.  Our practice includes ongoing work for financial institutions with respect to matters such as:

• Review and negotiation of IT hardware, software and other IT vendor contracts
• Privacy policies, compliance and training
• Cybersecurity preparation and compliance matters
• Incident response plans
• Assisting financial institutions with data breach incidents that occur at the financial institution or an entity for whom the financial institution is the acquiring or sponsoring bank
• Payment card security standards
• New media – mobile apps, online advertising and social media
• Advertising, customer loyalty programs and promotional contests

Our attorneys have significant experience in assisting clients in the development of comprehensive data privacy and security strategies, including online privacy policies and off-line procedures for collecting, using, storing and sharing customer information and other sensitive data.  We offer our clients a wide range of services.  These include training our clients’ employees on relevant privacy and information security issues and negotiating appropriate contractual protections into the clients’ agreements with third party vendors and service providers.  We have counseled national financial institutions, retailers and insurance companies, among others, on their data security and privacy concerns.

In addition, our firm has been a leader in assisting clients who are responding to large-scale data security breach incidents.  Our attorneys have considerable experience in dealing with all aspects of such incidents, including crafting customer communications and media relations strategies, managing forensic investigations of data breaches, and responding to inquiries from federal and state officials and regulators.  We also have assisted retail clients by working directly with their acquiring banks or processors and with credit card associations to resolve claims of fraudulent charges and to reduce the liability arising from such claims.   Our attorneys have successfully defended merchants and banks against consumer class action suits arising out of data security breach incidents. 

Our information technology attorneys has deep experience in advising our financial services clients on data processing agreements with FIS and Fiserv, as well as the negotiation of such agreements. We have handled complex transactions for mission-critical technology services, web applications, equipment, billing systems and hardware and software licenses, and our attorneys help our clients understand the intellectual property rights implications of these transactions.  We work to identify the emerging legal issues and compliance requirements for our clients’ Internet and e-commerce business operations and to advise our clients on practical methods to minimize risks. Data processing agreement specific to banking industries. FIS, Fiserv, John Henry.