Every day, organizations collect information about employees, customers, potential customers and business partners. This data is subject to increasingly more stringent privacy requirements by federal and state law, and by contract. At the same time, many organizations believe that they have less control over the data they collect. We help identify information that must be protected and assist in developing the policies and procedures necessary to ensure confidentiality. When it comes to sharing that data with others, we can provide the agreements for continuous protection. Our attorneys keep corporations, health care providers and other organizations up to speed on the many state, federal and international laws that contain privacy provisions, including:
Visit our Cybersecurity and Privacy page to learn more
- Health Insurance Portability and Accountability Act (HIPAA)
- Fair Credit Reporting Act (FCRA)
- Gramm-Leach-Bliley Act (GLBA)
- Children’s Online Privacy Protection Act (COPPA)
- Family Educational Rights and Privacy Act (FERPA)
- The U.S.-EU Privacy Shield Framework and other laws that govern the transmission of private data across international borders
Data Breach Guidance and Response
Digital technology gives your organization the ability to collect and store large amounts of personally identifiable information and other private data, but it can also make you a target for hackers, data miners and government agencies that police data breaches. Our Data Solutions group has the experience and expertise necessary to help you develop and implement breach notification policies, lead you through a breach investigation and respond quickly to the theft or improper release of personal data. In addition, we can assist with insurance issues relating to breaches and help you evaluate existing or potential coverage for a breach event.
The key to an effective RIM policy is pinpointing precisely when a document or other piece of information changes from essential to obsolete. We understand the federal, state and global laws that govern record retention timelines and have more than a decade of experience proactively keeping our clients in compliance. Fortune 500 companies, hospitals, manufacturers, financial service providers and other businesses turn to us to create data management policies and schedules along with employee training, and we provide global records retention strategies. Whatever your need, we will create and implement a RIM policy that saves money, ensures compliance and reduces risks and costs whether or not litigation is an issue.
We provide your business with legal advice on what documents you need to keep and for how long. We also advise on when data and documents may be disposed of and defend these decisions in court if challenged. We are also committed to the development and application of predictive coding and other advanced technological solutions to maximize cost savings from enforcement of defensible retention policies, while minimizing disruption to business operations.
Litigation holds and preservation obligations are important components of litigation. While notification and acknowledgement are components of a legal hold, assuring that reasonable and defensible steps have been taken to preserve relevant information is the goal. Our litigation hold system provides web-based creation, management, tracking, reminders and detailed reporting to help you manage the litigation hold process.
Early Case Assessment
In light of the recent amendments to the Federal Rules of Civil Procedure, the initial stages of eDiscovery will increasingly provide opportunities for early case assessment that can result in a lean, targeted and defensible discovery plan. Our team has extensive experience investigating organizational datasets, identifying potentially relevant data sources and designing the best plan to meet each client’s need.
Working with your IT department, we can conduct forensically sound and non-disruptive targeted collections for e-discovery projects from a variety of data sources, including employees’ mobile devices. We then conduct early data analysis to perform an initial cull of the data, so that only potentially relevant information is processed for review using our in-house software tools. We also host the data in-house, eliminating the need to navigate and negotiate with eDiscovery vendors. To learn more about our collection, processing and hosting services, click on our eDiscovery
For applicable eDiscovery document collections, we employ a variety of data analytic tools to identify relationships and narrow review populations. Our team has experience with several solutions available through Relativity Analytics and Assisted Review, including complex searching and filtering, clustering, email threading, near-duplicate identification and predictive coding. To learn more about our data analytics services, click on our eDiscovery
We deal with document review and production for complex eDiscovery projects on a daily basis and handle projects of all types and sizes – including those consisting of millions of documents, highly sensitive issues and tight deadlines. For each project, we conduct an assessment and develop tailored review plans with appropriate and cost-effective staffing designed to meet project goals and deadlines. We implement protocols, quality control processes and maintain open lines of communication to ensure quality and consistency throughout each project.
We staff review projects with attorneys that have the requisite experience and expertise to address the issues involved, including resolving difficult issues regarding privilege and confidentiality protections. We maintain a state-of-the-art 4,500 square foot Discovery Center with dedicated licensed staff attorneys and eDiscovery specialists, allowing us to keep billing rates lower than most firms while utilizing best-in-class technology.
Our team employs several attorney project managers with decades of combined project management experience. We will conduct an early case assessment, develop data preservation plans and budgets, leverage data analytics, perform project training and supervision and provide comprehensive reporting on project metrics. To learn more about our project management and reporting services, click on our eDiscovery
When faced with complex or multi-state litigation involving several lead trial counsel in different jurisdictions, we have the experience and structure to provide discovery coordination that meets clients’ needs. To address these unique demands, we develop repeatable, cost-effective and defensible processes for timely and accurate discovery compliance throughout the United States. Also, as issues and discovery often overlap from one case to the next, the institutional knowledge developed as coordination counsel allows us to locate and produce relevant discovery with consistency and lower cost. To learn more about our discovery coordination counsel, click on our eDiscovery
A fixed budget can be provided for almost all of the services we provide. For example, for most projects, we are able to offer a fixed annual fee per custodian to preserve, identify, collect, process, host, analyze, review and produce relevant discovery data. Learn more about budgets by clicking on our eDiscovery
Employee Education and Training
Employee education and training are crucial to controlling records management, discovery and data privacy security risks and costs. We’ll help develop policies governing electronic retention and disposition, employee technology and electronic communication, Internet and social media, data privacy and security and formalized legal hold procedures.
We understand that the best policies and procedures are worthless unless employees understand and execute them properly. As a consequence, we’ll work with your human resources, IT and legal departments to develop tailored employee education and training.
Compliance Audits and Risk Assessments
Data life-cycle management encompasses the policies, processes, practices, services and tools used by an organization to manage data through every phase of its existence—from creation to destruction. Often those policies and practices are developed by different groups within an organization and, as a consequence, may be incomplete and/or inconsistent, resulting in unnecessary legal risks. We have substantial experience in performing compliance audits and risk assessments and we’ll provide you with recommendations to update and improve your policies and practices.