Protecting information has become one of the most important—and most challenging—responsibilities an organization must face. Most countries, and many local jurisdictions, have enacted privacy and data protection laws and regulations to govern the creation, management, use, and transfer of information. These laws vary significantly across jurisdictions and industries, and they often impose inconsistent requirements. Despite these differences, the global trend is toward imposing stricter security requirements and increasingly severe penalties for violations. At the same time, technologies continue to change at an incredible pace, creating a digital reality that is often years ahead of legal considerations.
Redgrave helps clients address data privacy and cybersecurity challenges. Whether setting up new programs focused on emerging technologies, such as blockchain, or improving existing programs, we help our clients navigate overlapping and sometimes competing legal and technical requirements. We also work with clients to develop and execute protocols for privacy breach responses, and we provide counsel whenever situations impact data privacy and security issues.
We are uniquely positioned to help our clients navigate all manner of data privacy situations, great or small. Our professionals have deep knowledge of foreign and domestic privacy and data protection laws, and we can navigate the complexities involved in securing and transferring information across national boundaries. We also help clients create data privacy and security programs from scratch, assist multinational corporations to safely, securely, and lawfully move data around the globe, and advise clients in fine-tuning privacy notices or consent forms. These are among the services we provide:
- Advising clients in developing and implementing data privacy and security programs and policies
- Assisting in-house and merits counsel in managing the cross-border transfer of protected information in legal proceedings and investigations
- Working with M&A attorneys in conducting due diligence of acquired assets to ensure proper disposition of protected information and expose existing or potential security risks
- Helping clients prepare data breach protocols
- Advising clients who must navigate the aftermath of data breaches and incidents
Some of the ways Redgrave has helped our clients include:
- We advised a multinational healthcare company on cross-border transfers of personal information, adoption of CCPA program in the U.S., and data security notice requirements.
- We advised a Fortune 500 Company on GDPR requirements for processing and transfer of personal information and limitations on such transfers from non-GDPR foreign jurisdictions.
- We assisted a cloud-based service provider in revising data processing agreement to comply with GDPR.
- We counseled a client in analyzing a data security incident and meeting its legal obligations with respect to the event.
- We advised a multinational energy service company concerning the transfer of personal information from custodians located in multiple jurisdictions.
- We advised a client on cross-border transfers and compliance obligations under China’s Cybersecurity Law.
- We advised clients with respect to employee notices and other employment records under the CCPA and BIPA.
Not only has the Firm advised clients of all sizes and across many industries regarding data breach and security issues, but we also add tremendous value to matters because:
- Our legal and technical professionals understand the interconnectedness of legal and information governance objectives with data privacy and security needs.
- Our thought leadership includes working with best practices organizations, such as The Sedona Conference®, to define and publish best practices guidance for the international identification and transfer of data subject to legal proceedings and for conducting internal inquiries and cross-border investigations.
- Our professionals have invested significant time tracking the evolving scale of national and international laws addressing data privacy and security considerations.
- We have presented at numerous conferences and taught privacy courses to both federal and state judges as well as government officials and privacy practitioners.