Home > Services > Cybersecurity and Privacy

Cybersecurity and Privacy
Real-world data privacy and cybersecurity counseling

Information is a vitally important asset in today’s digital age. Companies are collecting and processing unprecedented amounts of data, much of which is sensitive employee and customer information. Often, companies rely upon the assistance of third parties to secure this data. The consequences of a loss or inadvertent disclosure of data can be catastrophic to a company’s credibility and, in some cases, its existence. Yet nearly every day, we are faced with worldwide reports of data breaches at corporations and other organizations by those seeking customer credit card numbers, user passwords, internal documents and emails. Not only are there cyber threats to mitigate, but companies must also comply with increasingly complex frameworks of data privacy laws on state, federal and international levels.

Saul Ewing Arnstein & Lehr’s team of cybersecurity and privacy professionals (including 13 Certified Information Privacy Professionals) works collaboratively to ensure that our clients are supported at all stages and from all angles — from response planning for cyber-attacks, to crisis management during an occurrence, to proceeding after a cyber-attack or breach occurs. Our interdisciplinary approach means that attorneys in different legal fields — corporate, insurance, intellectual property, labor and employment, white collar, and litigation — provide clients with well-rounded, innovative solutions.

On the preparedness side, our team is experienced at reviewing response plans, coordinating with brokers and insurers on coverage of cyber risks, and working with security specialists to review and identify technology weaknesses on behalf of clients. If the client does not yet have a plan in place, our attorneys will outline procedures and develop a plan to help prepare the client for an external attack and reduce the risk of future intrusions. In the event of an attack or breach, our attorneys and network of external professionals work together to minimize exposure and protect client confidences. We counsel clients on liabilities potentially associated with the attack or breach and represent clients in related litigation when needed. 

For data privacy matters, we help clients understand and meet the requirements stipulated by a variety of laws — such as the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), the Family Education Rights and Privacy Act (FERPA), and the Gramm-Leach-Bliley Act (GLBA) — and construct processes and policies to comply with these regulations to protect data and avoid substantial fines.

See Related Industries Offered for Cybersecurity:

See Related Services Offered for Cybersecurity:
Doss Interviewed on "Morning Joe" on FISA

April Doss appeared live on MSNBC’s "Morning Joe" to discuss the FISA warrant application process. 
Confidentiality of FISA

News One Now with Roland Martin; April Doss discusses confidentiality of FISA procedures.
Presidential Access to FISA Surveillance

News One Now with Roland Martin; April Doss talks Presidential access to FISA surveillance material.
FISA Warrant Procedures

News One Now with Roland Martin; April Doss discusses process for obtaining a FISA warrant
Cyber Attacks: New Targets

April Doss Q&A with Washington Business Journal; Cyber Attacks: New Targets.
Trends in Cyber Attacks

April Doss Q&A with Washington Business Journal; Trends in Cyber Attacks.



View All Videos

Experience

Our team helps clients during each stage of a privacy program, cybersecurity preparedness, and data-related incident or breach:
  • Data Privacy Compliance and Pre-Cybersecurity Incident Preparation
    Regulatory matters and internal compliance programs, including compliance with state, federal and international data privacy laws (GDPR)
    Corporate data privacy and information governance programs
    Strategic counseling and board governance
    Big data governance and privacy in technology development
    Security breach preparation and response planning
    Insurance coverage evaluation to ensure that appropriate cyber-risks are appropriately covered
    Referral of a forensic data specialist to review and identify technology weaknesses
    Referral of a PR firm to prepare or evaluate the crisis management plan
    Drafting and reviewing employee and vendor agreements
  • Cybersecurity Incident Response and Investigation
    Immediate (24/7) consultation through our legal team with a forensic data technology specialist to minimize the effects of an attack or breach
    Consultation with insurance attorneys regarding coverage and assistance with making an insurance claim
    Advice and assistance with engaging with law enforcement, if appropriate
    Advice and assistance with reporting to regulators and data protection authorities, if required
    As-needed referral to and engagement with a PR firm to manage messaging to clients and media
  • Post-Cybersecurity Incident Defense
    Post-loss economic recovery (Attacker, Employee/Contractor, Insurer, Counter-Party)
    Defense of government investigation/proceedings
    Data privacy and cybersecurity litigation
    Loss/damage mitigation
    Forensic data analysis
    Ongoing PR assistance
 

News

October 12, 2020
/ Articles
The Next Big Thing: Current Issues Under the Illinois Biometric Information Privacy Act
October 9, 2020
/ Articles
Legal Brief: Election Security
October 8, 2020
/ Alerts & Newsletters
Paying or Facilitating Payment of Ransomware Demands May Result in Criminal and Civil Penalties From OFAC
October 5, 2020
/ Articles
Cyberthieves Use Pandemic to Pry, Pounce on Your Data
September 29, 2020
/ Alerts & Newsletters
Health Insurer Agrees to Pay $6.85 Million Settlement Related to HIPAA Data Breach Affecting Over 10 Million Individuals
September 25, 2020
/ Alerts & Newsletters
Business Associate Agrees to Pay $2.3 Million to Settle HIPAA Data Breach Affecting Over Six Million People
September 22, 2020
/ Alerts & Newsletters
Higher Education Institutions and Nonprofit Organizations Face Potential Wave of Lawsuits Over Blackbaud Data Breach
August 10, 2020
/ Alerts & Newsletters
European Court of Justice Invalidates Privacy Shield but Holds Standard Data Protection Clauses to Be Valid (maybe!)
View More News

Events

November 10, 2020 / Events
April Doss Presents on The California Privacy Rights Act
View Past Events
Gkonos speaks at New York State Bar Association’s 2018 Annual Meeting
View Past Events

Recognition

The group includes attorneys who have received the following recognition:

  • Certified Information Privacy Professionals

    Thirteen attorneys on our Cybersecurity and Privacy team are Certified Information Privacy Professionals in the U.S. private sector (CIPP/US). Developed by the International Association of Privacy Professionals, the credentialing program provides a global standard for privacy laws, regulations and frameworks, and is accredited by the American National Standards Institute under the International Organization for Standardization standard.

  • Benchmark Litigation: Under 40 Hot List

    Through a process of peer review and case examination, the Under 40 Hot List has been compiled over a process of many months to assemble a collection of young, up-and-coming attorneys.

Each of the foregoing accolades has its own selection criteria, none of which have been approved by the relevant state supreme courts.

Trade Groups & Associations
  • The International Association of Privacy Professionals (Bronze Level Member)

Contacts

April Falcon Doss
| View Full Bio
Alexander R. Bilus
| View Full Bio
Evan J. Foster
| View Full Bio
Laurie A. Kamaiko
| View Full Bio

View All Related Professionals