Attorney

Paul A. Lieberman

Stan Barrett

Thomas H. Herndon, Jr.

Arianna Mouré

Jessica C. Pooran

Michael J. Sheppeard

Fred D. Zemel

Cybersecurity &amp; Data Privacy – Safeguarding Your Business 
Rapid technological advances and the explosion of e-commerce have turned cybersecurity and data privacy from an afterthought to a key business concern. Scarinci Hollenbeck’s Cybersecurity &amp; Data Privacy Practice Group is dedicated to providing cutting-edge legal guidance that helps clients safeguard and manage their critical information.
Complex Threats Require Experienced Legal Guidance 
The risk of cyberattacks and data breaches has skyrocketed in recent years due to the growing sophistication of bad actors, as well as continued instances of neglect. Missteps can lead to significant consequences, including heavy fines, injunctions, government audits, criminal liability, negative media attention, and damage to consumer confidences. The laws governing cybersecurity and data privacy are also increasingly complex, making it imperative to have robust compliance procedures in place.

Our Approach

Our Cybersecurity &amp; Data Privacy Practice Group is comprised of talented attorneys well-versed in how to successfully navigate the rapidly evolving cyber landscape. We offer our clients:
<ul>
<li>Comprehensive Legal Guidance: As a full-service law firm, Scarinci Hollenbeck is positioned to address the myriad of issues that can arise from cybersecurity and data privacy concerns. Our lawyers have extensive experience in technology, banking and finance, consumer protection, employment, international law, intellectual property, health care, and litigation. Their broad range of work includes advising clients on compliance with state and federal laws, drafting employee Internet policies, evaluating cyber liability insurance policies, managing reporting obligations following a breach, and defending regulatory actions.</li>
<li>Proactive Legal Strategies: The cliché — a good offense is the best defense —rings true when it comes to cyber and data security. Our team is committed to offering solutions to identify threats, reduce risk, and comply with the growing patchwork of regulatory obligations. We work with our clients to proactively develop and implement threat detection protocols, data retention and management policies, and cyber incident response procedures.</li>
<li>Unparalleled Commitment: The firm’s cybersecurity and data privacy attorneys work closely with our clients to develop tailored solutions that reflect the unique risks to their business, as determined by their operations, business objectives, industry, and geographic location, among other factors. Our team is also ready to spring into action should a data breach or cyber incident occur and staffed with legal professionals skilled in incident response, crisis management, reporting obligations, cyber insurance coverage, government investigations, and litigation.</li>
</ul>

Who We Are

We understand how critical it is to safeguard your data and avoid regulatory missteps. Our lawyers have hands-on business experience that enables us to provide strategic business consulting on all aspects of information policy, including privacy, information security, and records management. Our legal services include:
<ul>
<li>Developing and implementing incident response protocols and policies;</li>
<li>Conducting privacy and cybersecurity audits;</li>
<li>Drafting and negotiating data privacy agreements;</li>
<li>Implementing data collection, retention, and destruction policies;</li>
<li>Coordinating criminal and civil responses following a data breach;</li>
<li>Assisting clients in understanding and complying with the legal standards spanning from protection of data to breach responses;</li>
<li>Handling any privacy-related claims and disputes;</li>
<li>Providing advice regarding cyber insurance matters;</li>
<li>Defending actions brought against businesses as a result of breaches, including actions filed under federal laws such as Gramm–Leach–Bliley Act, Computer Fraud and Abuse Act, Electronic Communications Privacy Act, Health Insurance Portability and Accountability Act of 1996 (HIPAA), General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA); and New York Cybersecurity Requirements for Financial Services Companies.</li>
<li>Assisting with dispute resolution, management of consumer concerns, response to allegations of misuse of data, and state and federal investigations (including actions and requests for information from state attorneys general, the Department of Justice, and the Federal Trade Commission); and</li>
<li>Drafting and implementing employee policies, handbooks, and training</li>
<li>Addressing issues concerning consumer privacy, online advertising, behavioral marketing, social media, and data sharing.</li>
</ul>

What We Do

Our Cybersecurity &amp; Data Privacy Practice Group has the experience to handle the most complex matters. We also play an important role in the development of public policy regarding the future regulation of cyber issues and are recognized as authorities in the field. For example, our team includes the editor-in-chief of the treatise<a href="https://scarincihollenbeck.com/just-in/nyc-technology-lawyer-editor-ip-law-in-cyberspace/"> “Intellectual Property Law in Cyberspace”</a>, who is a leading figure in the development of cyber-privacy-related initiatives for both the Intellectual Property Owners Association and the American Intellectual Property Law Association.
Representative matters include:
<ul>
<li>Advised clients on data privacy and data transfer restrictions affecting the review and use of customer data from various European and Asian jurisdictions in the context of civil litigations and U.S. Department of Justice investigations.</li>
<li>Researched issuer obligations related to data security breaches exposing customer data under the federal securities laws and implications for consequent class action litigations.</li>
<li>Prepared and negotiated agreements involving data privacy issues.</li>
<li>Maintains currency with federal and state data privacy regulations and statutes.</li>
<li>Assisted clients in the development and implementation of Cybersecurity and Data Privacy policies/procedures, including data breach response plans, risk assessments, providing advice on breach notification requirements under state and federal law, training programs and coordination of breach notices with client staff.</li>
<li>Worked with clients to evaluate and select ‘best of breed’ technical services vendors and consultants.</li>
<li>Prepared and negotiated agreements involving privacy data security, IT services and consulting contacts.</li>
<li>Provided advice to clients on federal and state governmental regulations, NIST developments, compliance obligations and litigation matters.</li>
<li>Defended financial industry clients during investigations involving hacking, imposters, data security threats, breaches and resolutions.</li>
<li>Maintains currency with federal and state data privacy regulations and statutes.</li>
<li>Provided legal services to billion-dollar computer company</li>
<li>Provided legal services to prominent hotel chain</li>
</ul>

Representative Matters

Rapid technological advances and the explosion of e-commerce have turned cybersecurity and data privacy from an afterthought to a key business concern. Scarinci Hollenbeck’s Cybersecurity &amp; Data Privacy Practice Group is dedicated to providing cutting-edge legal guidance that helps clients safeguard and manage their critical information.

NJ OAG Enforcement Action Highlights Cyber Risks for Real Estate and Financial Companies That Failed to Protect Against Identity Theft

Are QR Codes Convenient or Risky? What Your Business Needs to Know

What’s a Credential Stuffing Cyberattack and Is Your Business Vulnerable?

Year in Review: Top Cybersecurity Law Developments in 2021

Business Groups Call for Federal Privacy Legislation, But Will It Work?

Companies Who Fail to Patch Log4j Vulnerability Could Face FTC Enforcement

Regulators Approve Cybersecurity Incident Reporting Notification Rule (“CIRN”) for Banks

What Businesses Need to Know About the DOJ’s New Civil Cyber-Fraud Initiative

Is There a New Sheriff in Town? FCC Poised to Expand Cybersecurity Role

What Do Landlords Need to Know About the New York City Tenant Data Privacy Act?

NYDFS Issues New Guidance on Ransomware Prevention

Are You Ready to Follow NYC’s Biometric Privacy Law?

Have You Considered the Privacy Risks of Online Dating Sites?

Does Your Business Need to Comply with Virginia’s New Data Privacy Law?

NYDFS Enforcement Reveals State Data Breach Laws Can Trigger Mandatory Reporting of Non-Material Breaches

Cyber Security & Data Privacy

Chair

Paul A. Lieberman

Attorneys

Jessica C. Pooran

Michael J. Sheppeard

Fred D. Zemel

Stan Barrett

Thomas H. Herndon, Jr.

Paul A. Lieberman

Arianna Mouré

Jessica C. Pooran

Michael J. Sheppeard

Fred D. Zemel

Stan Barrett

Thomas H. Herndon, Jr.

Paul A. Lieberman

Arianna Mouré

Jessica C. Pooran

Michael J. Sheppeard

Fred D. Zemel

Core Practices