Services Data Privacy & Cybersecurity

Constant innovation and a patchwork of frequently changing laws and regulations create a complex privacy law landscape. Our attorneys keep pace with these developments and bring their deep experience with their tailored, business-oriented advice to their clients.

Kean Miller’s data privacy and cybersecurity attorneys provide experienced, practical advice to global, national, regional, and local businesses of all sizes in various industries on privacy and data management issues. Our team members include a Privacy Law Specialist, as designated by the International Association of Privacy Professionals and Texas Bar Association and ANSI-accredited Certified Information Privacy Professionals for the U.S. Private Sector (CIPP/US).

Our attorneys are experienced with coordinating forensic investigations of security incidents, advising clients on legislative, regulatory, and policy-based data management evaluations, regulatory compliance initiatives, and representation of clients who have experienced a breach in litigation and in responding to regulator inquiries. Our clients include international corporations, technology vendors, business to business and direct to consumer product vendors, insurance, energy, healthcare, and consumer services.

Clients look to our team to help make sense of the complex web of data privacy and protection laws and for grounded, actionable advice on meeting legal obligations and corporate goals that align with the client’s business operations, current technology and resources, and risk tolerance. Our compliance experience includes: CAN-SPAM, CCPA and CPRA, COPPA, CFAA, GDPR, GLBA, FCRA, FERPA, HIPAA, LGPD, NY SHIELD Act, TCPA, TDPSA, and other state-based data laws.

All firm clients in today’s age hold data, so our privacy team also works collaboratively with our other practice areas to support their work. Our privacy attorneys often consult with our labor and employment team concerning employee privacy and data collection matters, our mergers and acquisitions team to assess data liabilities, our IP team when evaluating misappropriation of trade secrets, and many more.

Representative Experience

  • Representation of numerous clients in responding to large data incidents impacting individuals across all U.S. states and territories and internationally comprising incidents caused by ransomware, phishing, business email compromise, social engineering, and other threats.
  • Representation of healthcare providers and HIPAA business associates with security incident response, breach analysis, and mandatory reporting obligations.
  • Representation of health care provider in defending mass action brought by persons impacted by a ransomware incident.
  • Software contract license and implementation negotiations on behalf of Fortune 500 company with specific focus on IP protection and data security compliance.
  • Preparation and maintenance of website privacy policies, cookie policies, terms of use, and other online terms for clients of all sizes and data usage practices subject to varying regulatory obligations, including startups, Fortune 500, and data brokers.
  • Assisting clients with preparing and implementing internal security policies and practices, such as data impact assessments, security frameworks, cross-border data transfer materials, document retention policies, business associate agreements, BYOD policies, social media policies, and trade secret handling policies.
  • Responding to demands for statutory damages for alleged TCPA violations and personal data misuse.
  • Evaluating cyber insurance policy coverage and litigation of complex insurance coverage claims.