Cybertheft, cyberextortion, mobile device loss, misappropriation of confidential business information, unauthorized disclosures of protected information ... it’s a dangerous world for your organization’s data. And not only large organizations are at risk. Increasingly, hackers are targeting mid-sized organizations, often as service provider gateways to their business partners’ critical business data and customer and employee information.
The data security regulatory environment is layered and complicated, with requirements for security programs and incident response under a host of laws and standards, including the Gramm-Leach-Bliley Act, FCRA/FACTA, FERPA, HIPAA/HITECH, state information security and breach notification laws, FTC enforcement precedents, the PCI Data Security Standards, and ISO 27002, among others. Husch Blackwell's Data Security group has supported clients across a wide range of industries. Whatever your industry or business, our attorneys and professionals can help with data security compliance and risk management, breach incident response and mitigation of future risk.
Compliance and Risk Management
An information security program is more than a compliance requirement. Assessing risk and establishing effective, measurable security controls are essential elements for protecting your information assets. We work with you to:
Breach Incident Response
When your protected information is compromised or lost, our response teams move quickly to help you determine your legal responsibilities and next steps. We can guide you through the requirements and options for compliant incident response:
Mitigating Future Risk
For some, a security incident is a wake-up call. Existing plans and procedures will need to be revisited, and steps will need to be taken to lessen the likelihood of subsequent incidents. We can help you: