GDPR Lawyers and Data Protection Law and Data Privacy Consulting

U.S. Data Protection Advice

With its patchwork of interlocking state and federal data protection regimes, compliance with United States data protection laws present a substantial challenge to compliance for U.S. and foreign companies. Curtis attorneys advise U.S. and international clients on compliance with these myriad regulations, including federal regulations such as HIPAA, CANSPAM, and COPPA as well as state laws such as the CCPA.

European Data Protection Advice from GDPR Lawyers

Europe’s data privacy regulation – the General Data Protection Regulation or GDPR – is designed to harmonize data privacy laws across Europe, to enhance and empower all EU citizens’ data privacy rights and to reshape the way organizations processing personal data approach data privacy from the outset. GDPR gives individuals control over their own data. Where a business holds any individual European Resident’s data, including private email address, cellphone, street address, or even I.P. addresses, GDPR confers on every relevant individual the right to know what information is held on them, and to have such data deleted if they choose. Crucially, GDPR has a global reach - even companies outside the EU must consider their possible obligations under the Regulation.

In today’s digital world, cybersecurity has never been more important. At the same time, data privacy and protection laws around the world are becoming increasingly complex, with the threat of imposing severe penalties for violations. Curtis’ Data Privacy and Cybersecurity Law group is well positioned to assist clients, ranging from corporations to government entities, mitigate cyber-risk and navigate the ever-evolving regulatory framework in this area.

Our cross-border team help clients comply with their data protection obligations worldwide, with a team that advises on both U.S. and European data protection regimes.

The Privacy and Cybersecurity Law group comprises attorneys with experience in legal and regulatory matters involving cybersecurity, data privacy, and information management issues. The group offers an array of services to clients, such as:

• Cybersecurity training seminars for employees on the current threats and best practices for protecting systems and data from a breach
  
• Assessment, development, and implementation of cybersecurity, data privacy, and document retention and destruction policies, as well as incident response plans for an event of breach
  
• Regulatory advice on meeting data protection requirements and disclosure obligations under local and foreign privacy laws, including the EU General Data Protection Regulation (GDPR)
  
• Strategic advice on incident response efforts, including how to effectively utilize legal process to identify and pursue those responsible for a breach
  
• Litigation under computer and data protection laws, including the Computer Fraud and Abuse Act (CFAA) and the Stored Communications Act (SCA)