Home > Services > Cybersecurity and Privacy

Cybersecurity and Privacy
Real-world data privacy and cybersecurity counseling

Information is a vitally important asset in today’s digital age. Companies are collecting and processing unprecedented amounts of data, much of which is sensitive employee and customer information. Often, companies rely upon the assistance of third parties to secure this data. The consequences of a loss or inadvertent disclosure of data can be catastrophic to a company’s credibility and, in some cases, its existence. Yet nearly every day, we are faced with worldwide reports of data breaches at corporations and other organizations by those seeking customer credit card numbers, user passwords, internal documents and emails. Not only are there cyber threats to mitigate, but companies must also comply with increasingly complex frameworks of data privacy laws on state, federal and international levels.

Saul Ewing Arnstein & Lehr’s team of cybersecurity and privacy professionals (including 13 Certified Information Privacy Professionals) works collaboratively to ensure that our clients are supported at all stages and from all angles — from response planning for cyber-attacks, to crisis management during an occurrence, to proceeding after a cyber-attack or breach occurs. Our interdisciplinary approach means that attorneys in different legal fields — corporate, insurance, intellectual property, labor and employment, white collar, and litigation — provide clients with well-rounded, innovative solutions.

On the preparedness side, our team is experienced at reviewing response plans, coordinating with brokers and insurers on coverage of cyber risks, and working with security specialists to review and identify technology weaknesses on behalf of clients. If the client does not yet have a plan in place, our attorneys will outline procedures and develop a plan to help prepare the client for an external attack and reduce the risk of future intrusions. In the event of an attack or breach, our attorneys and network of external professionals work together to minimize exposure and protect client confidences. We counsel clients on liabilities potentially associated with the attack or breach and represent clients in related litigation when needed. 

For data privacy matters, we help clients understand and meet the requirements stipulated by a variety of laws — such as the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), the Family Education Rights and Privacy Act (FERPA), and the Gramm-Leach-Bliley Act (GLBA) — and construct processes and policies to comply with these regulations to protect data and avoid substantial fines.

See Related Industries Offered for Cybersecurity:

See Related Services Offered for Cybersecurity:

Experience

Our team helps clients during each stage of a privacy program, cybersecurity preparedness, and data-related incident or breach:
  • Data Privacy Compliance and Pre-Cybersecurity Incident Preparation
    Regulatory matters and internal compliance programs, including compliance with state, federal and international data privacy laws (GDPR)
    Corporate data privacy and information governance programs
    Strategic counseling and board governance
    Big data governance and privacy in technology development
    Security breach preparation and response planning
    Insurance coverage evaluation to ensure that appropriate cyber-risks are appropriately covered
    Referral of a forensic data specialist to review and identify technology weaknesses
    Referral of a PR firm to prepare or evaluate the crisis management plan
    Drafting and reviewing employee and vendor agreements
  • Cybersecurity Incident Response and Investigation
    Immediate (24/7) consultation through our legal team with a forensic data technology specialist to minimize the effects of an attack or breach
    Consultation with insurance attorneys regarding coverage and assistance with making an insurance claim
    Advice and assistance with engaging with law enforcement, if appropriate
    Advice and assistance with reporting to regulators and data protection authorities, if required
    As-needed referral to and engagement with a PR firm to manage messaging to clients and media
  • Post-Cybersecurity Incident Defense
    Post-loss economic recovery (Attacker, Employee/Contractor, Insurer, Counter-Party)
    Defense of government investigation/proceedings
    Data privacy and cybersecurity litigation
    Loss/damage mitigation
    Forensic data analysis
    Ongoing PR assistance
 

News

October 3, 2022
/ Alerts & Newsletters
What Do the Changes to the California Consumer Privacy Act Taking Effect on January 1, 2023 Mean for Health Care Providers?
September 14, 2022
/ Alerts & Newsletters
CCPA to Apply to Employment Data as of January 1, 2023
September 7, 2022
/ Alerts & Newsletters
The Third Circuit Weighs in on Whether Website Tracking Violates Pennsylvania’s Wiretap Act
August 29, 2022
/ Alerts & Newsletters
California Attorney General Reaches $1.2 Million Settlement With Sephora as Part of His Office’s Continued Enforcement of the California Consumer Privacy Act
August 23, 2022
/ News
Business Insider Quotes DePodesta on Next Moves for Twitter after Whistleblower Complaint
August 23, 2022
/ News
Law360 Quotes DePodesta on how Regulators will React to Twitter's Alleged Security Failure
August 11, 2022
/ Alerts & Newsletters
11 Additional Providers Resolve HHS OCR Investigations Related to the HIPAA Right of Access Initiative
August 5, 2022
/ News
Health Care Dive Quotes Armon on HIPAA Privacy Law to Protect Abortion Patients
View More News

Events

November 4, 2022 / Events
Kamaiko to Speak at the Privacy + Security Forum 2022
View More Events
Laurie Kamaiko to Speak at NetDiligence Cyber Risk Summit
View Past Events

Related Media

July 1, 2020
/ Video
Privacy and Cybersecurity: Risks While Working Remotely
May 27, 2020
/ Video
Key Legal Labor, Employment and Privacy Considerations for Businesses Reopening
May 24, 2017
/ Video
Cybersecurity in the Insurance Marketplace - Session 1
May 24, 2017
/ Video
Cybersecurity in the Insurance Marketplace - Session 2
April 4, 2017
/ Video
Cybersecurity in the Boardroom - Part 2
April 4, 2017
/ Video
Cybersecurity in the Boardroom - Part 1
December 1, 2021
/ Podcast Episode
Cybersecurity Threats Facing Food and Agribusiness Companies & the Preparation and Protection Safeguards to Help Mitigate Them
View More Related Media

Recognition

The group includes attorneys who have received the following recognition:

  • Certified Information Privacy Professionals

    Thirteen attorneys on our Cybersecurity and Privacy team are Certified Information Privacy Professionals in the U.S. private sector (CIPP/US). Developed by the International Association of Privacy Professionals, the credentialing program provides a global standard for privacy laws, regulations and frameworks, and is accredited by the American National Standards Institute under the International Organization for Standardization standard.

  • Benchmark Litigation: Under 40 Hot List

    Through a process of peer review and case examination, the Under 40 Hot List has been compiled over a process of many months to assemble a collection of young, up-and-coming attorneys.

Each of the foregoing accolades has its own selection criteria, none of which have been approved by the relevant state supreme courts.

Trade Groups & Associations
  • The International Association of Privacy Professionals (Bronze Level Member)

Contacts

Alexander R. Bilus
| View Full Bio
Evan J. Foster
| View Full Bio
Laurie A. Kamaiko
| View Full Bio

View All Related Professionals