Home > Services > Cybersecurity and Privacy

Cybersecurity and Privacy
Real-world data privacy and cybersecurity counseling

Information is a vitally important asset in today’s digital age. Companies are collecting and processing unprecedented amounts of data, much of which is sensitive employee and customer information. Often, companies rely upon the assistance of third parties to secure this data. The consequences of a loss or inadvertent disclosure of data can be catastrophic to a company’s credibility and, in some cases, its existence. Yet nearly every day, we are faced with worldwide reports of data breaches at corporations and other organizations by those seeking customer credit card numbers, user passwords, internal documents and emails. Not only are there cyber threats to mitigate, but companies must also comply with increasingly complex frameworks of data privacy laws on state, federal and international levels.

Saul Ewing Arnstein & Lehr’s team of cybersecurity and privacy professionals (including 13 Certified Information Privacy Professionals) works collaboratively to ensure that our clients are supported at all stages and from all angles — from response planning for cyber-attacks, to crisis management during an occurrence, to proceeding after a cyber-attack or breach occurs. Our interdisciplinary approach means that attorneys in different legal fields — corporate, insurance, intellectual property, labor and employment, white collar, and litigation — provide clients with well-rounded, innovative solutions.

On the preparedness side, our team is experienced at reviewing response plans, coordinating with brokers and insurers on coverage of cyber risks, and working with security specialists to review and identify technology weaknesses on behalf of clients. If the client does not yet have a plan in place, our attorneys will outline procedures and develop a plan to help prepare the client for an external attack and reduce the risk of future intrusions. In the event of an attack or breach, our attorneys and network of external professionals work together to minimize exposure and protect client confidences. We counsel clients on liabilities potentially associated with the attack or breach and represent clients in related litigation when needed. 

For data privacy matters, we help clients understand and meet the requirements stipulated by a variety of laws — such as the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), the Family Education Rights and Privacy Act (FERPA), and the Gramm-Leach-Bliley Act (GLBA) — and construct processes and policies to comply with these regulations to protect data and avoid substantial fines.

See Related Industries Offered for Cybersecurity:

See Related Services Offered for Cybersecurity:

Experience

Our team helps clients during each stage of a privacy program, cybersecurity preparedness, and data-related incident or breach:
  • Data Privacy Compliance and Pre-Cybersecurity Incident Preparation
    Regulatory matters and internal compliance programs, including compliance with state, federal and international data privacy laws (GDPR)
    Corporate data privacy and information governance programs
    Strategic counseling and board governance
    Big data governance and privacy in technology development
    Security breach preparation and response planning
    Insurance coverage evaluation to ensure that appropriate cyber-risks are appropriately covered
    Referral of a forensic data specialist to review and identify technology weaknesses
    Referral of a PR firm to prepare or evaluate the crisis management plan
    Drafting and reviewing employee and vendor agreements
  • Cybersecurity Incident Response and Investigation
    Immediate (24/7) consultation through our legal team with a forensic data technology specialist to minimize the effects of an attack or breach
    Consultation with insurance attorneys regarding coverage and assistance with making an insurance claim
    Advice and assistance with engaging with law enforcement, if appropriate
    Advice and assistance with reporting to regulators and data protection authorities, if required
    As-needed referral to and engagement with a PR firm to manage messaging to clients and media
  • Post-Cybersecurity Incident Defense
    Post-loss economic recovery (Attacker, Employee/Contractor, Insurer, Counter-Party)
    Defense of government investigation/proceedings
    Data privacy and cybersecurity litigation
    Loss/damage mitigation
    Forensic data analysis
    Ongoing PR assistance
 

News

April 27, 2022
/ Articles
After TransUnion, Lower Courts Grapple with Article III Standing in Data Breach Lawsuits
March 31, 2022
/ Alerts & Newsletters
Rogers v. BNSF Railway Company
March 23, 2022
/ Alerts & Newsletters
SEC Proposes New Cybersecurity Rules for Public Companies
March 17, 2022
/ Alerts & Newsletters
Considerations for Remote Patient Monitoring Vendors and Providers
February 15, 2022
/ Alerts & Newsletters
After TransUnion, Lower Courts Grapple With Article III Standing in Data Breach Lawsuits
February 11, 2022
/ Alerts & Newsletters
McDonald v. Symphony Bronzeville
February 9, 2022
/ News
American Business Journal Quotes Bilus on Next State to Pass Consumer Data Privacy Act
November 17, 2021
/ Alerts & Newsletters
Revised FinCEN Advisory Warns Financial Institutions to Report Suspected Illegal Ransomware[1] Payments
View More News

Events

June 3, 2022 / Events
Laurie Kamaiko to Speak at NetDiligence Cyber Risk Summit
View More Events
Patrick Hromisin Co-Presents During ACC Greater Philadelphia 2022 In-House Counsel Conference
View Past Events

Related Media

July 1, 2020
/ Video
Privacy and Cybersecurity: Risks While Working Remotely
May 27, 2020
/ Video
Key Legal Labor, Employment and Privacy Considerations for Businesses Reopening
May 24, 2017
/ Video
Cybersecurity in the Insurance Marketplace - Session 1
May 24, 2017
/ Video
Cybersecurity in the Insurance Marketplace - Session 2
April 4, 2017
/ Video
Cybersecurity in the Boardroom - Part 2
April 4, 2017
/ Video
Cybersecurity in the Boardroom - Part 1
December 1, 2021
/ Podcast Episode
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
View More Related Media

Recognition

The group includes attorneys who have received the following recognition:

  • Certified Information Privacy Professionals

    Thirteen attorneys on our Cybersecurity and Privacy team are Certified Information Privacy Professionals in the U.S. private sector (CIPP/US). Developed by the International Association of Privacy Professionals, the credentialing program provides a global standard for privacy laws, regulations and frameworks, and is accredited by the American National Standards Institute under the International Organization for Standardization standard.

  • Benchmark Litigation: Under 40 Hot List

    Through a process of peer review and case examination, the Under 40 Hot List has been compiled over a process of many months to assemble a collection of young, up-and-coming attorneys.

Each of the foregoing accolades has its own selection criteria, none of which have been approved by the relevant state supreme courts.

Trade Groups & Associations
  • The International Association of Privacy Professionals (Bronze Level Member)

Contacts

Alexander R. Bilus
| View Full Bio
Evan J. Foster
| View Full Bio
Laurie A. Kamaiko
| View Full Bio

View All Related Professionals