Data Security and Privacy

Overview

Companies now recognize the immense opportunities—and responsibilities—of data in today’s always-connected world. We partner with you in maintaining the trust of customers, investors and business partners.

Each year, there are more than 1.5 million cyber-attacks on U.S. businesses. Increasingly, these attacks target small and medium-sized businesses, without regard to industry. Perhaps more importantly, everyday access to data can result in losses even without an attack: devices can be lost or stolen, for example; or employees can send an email to the wrong audience. Every data incident has the potential to become a legal matter and can result in financial losses, litigation and erosion of investor and customer confidence. We advise clients on compliance with government regulations, internal assessment and planning, and response to incidents and litigation.

In addition to securing their data, American businesses of all sizes must increasingly focus on data privacy issues. New rules in the US and elsewhere are changing the way we think about data: whose it is and what rights a business has to it. Access to valuable data – your own, your employees’, and your customers’ -- means that compliance with federal and state privacy laws is becoming increasingly complex. Non-compliance can create significant exposure. We provide industry- specific guidance in health care, financial services, consumer marketing, telecommunications and other segments. We also counsel on use of online and "cloud-based" networking capabilities and the specific risks and opportunities they can present.

Most companies benefit from a cross-functional team, including legal counsel, IT professionals and the C-suite executives, that addresses risk management and best practices in order to limit exposure. Our breadth of experience is the perfect complement to your internal cross-functional team. Likewise, we have assembled a multi-disciplinary team of attorneys who work with clients to manage risks in advance of any problems, and respond quickly if an incident occurs.

Experience

CCPA
Advise on CCPA readiness and draft appropriate policies.
Data processing arrangements
DPAs and other data processing arrangements for retailers, service providers, B2B information technology companies, staffing companies, and other sectors.
Privacy and security commitments
Evaluation of privacy and security commitments in diligence and sale of privately-held enterprises.
GDPR
Assess GDPR readiness and provide ongoing counsel.
IoT/Smart device launch
Advise global appliance manufacturer on IoT/smart device launch.
Data collection, processing, and transmission
Advised global manufacturer and service provider on data collection, processing, and transmission regarding Chinese and other international operations.
Breach of credit card information
Respond to breaches of client credit card information in multiple states; research state requirements and interface as required with state law enforcement officials or others.
Privacy Policy
Creation and review of privacy policies and procedures for media, healthcare, and other clients.
Disposition of patient records
Advise and counsel on sale of health care practices including disposition/transition of patient records and other clinic documentation.
Document retention policy
Consult on creation and implementation of corporate document retention policies and procedures, including electronic storage and records management.
Release of Employee Banking Information
We immediately collected information in response to client’s identification of release of employee data by contractor. We researched relevant state laws and advised the client regarding an appropriate external and internal response. The response was successful, and no disputes or suits resulted from this incident.
Business associate agreements
Advise covered entities on business associate agreements to manage risk.
Data disposal following sale of healthcare practices
Advice on data disposal following sale/wind-down of healthcare practices
Board of National Industry ISAC
Counsel to Board of National Industry-Specific Information Sharing and Analysis Center.
Retail and consumer credit card security and fraud
Represent various retail clients regarding PCI compliance, credit card fraud and loss, and fraudulent e-commerce orders.
Data breach response
Coordinate response to loss of protectable or sensitive data in electronic form, including personal credit information, vendor account credentials and customer payment authorizations.
Consumer law statutes advice
Advised companies regarding compliance with the Fair Debt Collection Practices Act (FDCPA), Telephone Consumer Protection Act (TCPA), Georgia Fair Business Practices Act (FBPA) and Florida Consumer Collection Practices Act (FCCPA).

Newsroom

Headlines

What Construction Attys Must Know About Drones, Law360
February 12, 2019
Congratulations To Cobb Attorney On Election To National Post, Marietta Daily Journal
January 2, 2019
Harry Dixon Selected As a Fellow of the American Bar Foundation, Daily Report and the Metro Atlanta CEO
December 10, 2018
Who's Hacking Me? Aware Force
October 10, 2018
When Kid’s Toys Are Listening, the FTC is Watching, IPWatchdog
IPWatchdog, February 21, 2018
Planning for Cyber Information Security in 2018 in the Wake of Equifax, Daily Report
December 28, 2017
"Could Trump Really Shut Down NBC?," The Vice
October 11, 2017
"On Driving Small Business Growth," Recalculating Radio
April 6, 2017
"Staying Connected Can Also Be Bad for Business," Atlanta Business Chronicle
January 20, 2017
"Security Firms Say Windows 10 Behavior is Anti-Competitive," SecurityWeek
November 16, 2016
"Worrying About the IRS's 'Future State,'" Accounting Today
July 20, 2016
"Class Notes," UF Law Magazine
June 17, 2016
"The Privacy Issues You Should (And Shouldn’t) Worry About with BYOD," Fast Company
January 27, 2016
"Tech Industry Risk Assessment," eBook
September 18, 2015
"FCC Action On TCPA Protections Will Dial Up More Lawsuits," Law360
June 9, 2015
WSB-TV Channel 2 Interview with Mitzi Hill on Cyber Ransom Attacks and Hackers Targeting Home Computers
February 12, 2015
"Labor & Employment Digest: January 2015," InsideCounsel
December 29, 2014
"Hotel Industry Takes a Closer Look at Cyber Security Insurance," Hotel Business
May 31, 2014
Sean Smith quoted in Healthcare Finance News
March 19, 2013

News Releases

Taylor English’s Harry Dixon Elected as a Fellow of the American Bar Foundation and as a Member of the YLD Leadership Academy Class of 2019
December 3, 2018

Publications

Strategies for Risk Mitigation in Production and Distribution of IoT Devices, Corporate Counsel
March 19, 2019
Products Liability and the Evolving Internet of Things, Corporate Counsel
March 18, 2019
Supply Chain Software Poses Security Risks, TechTarget
January 24, 2019
Why Preserving Electronically Stored Information Matters, Construction Executive
January 22, 2019
Privacy Is (Now) Your Business, Corporate Compliance Insights
November 27, 2018
12 Steps to Reveal and Reduce Cyber-Breach Risk, Corporate Compliance Insights
November 12, 2018
Theft Prevention: Information Security When Employees Leave, VAR Insights, MSP Insights and Software Business Growth
September 5, 2018
Cyber for Growth: How Security Planning Is Good for the Bottom Line
Daily Report, July 9, 2018
Best Practices for Protecting Trade Secrets, Today's General Counsel
December 29, 2017
"Cybersecurity Vendor Management Has Role in Risk Reduction," Daily Report
July 10, 2017
"Maintaining Individual Liability in AML and Cybersecurity at New York's Financial Institutions," Penn State Journal of Law & International Affairs
April 2017
"Employee-Developed Apps: Employer Rights and Liabilities," InsideCounsel
July 19, 2016
"Safeguarding IT and Communications Systems: Or How to Stop Worrying and Love Being Big Bro," InsideCounsel
June 20, 2016
"Don't Fear BYOD. Here's How to Cope," InsideCounsel
April 20, 2016
"What Every GC Needs to Know About Mobile Apps," Law360
February 1, 2016
"Companies Target Each Other in Data Breach Disputes," Business Insurance
April 27, 2015
"Data Security and Privacy Best Practices," Lodging Magazine
October 21, 2014
"Data Protection and Loss in the United States," Criminal Law & Justice Weekly
October 21, 2014
"Protecting Consumer Privacy in an Era of Rapid Change," December 9, 2010

Alerts

Hacking Scheme Affects More Than 15 Million Customers From the Restaurant, Gaming, and Hospitality Industries
August 8, 2018
Demystifying the Rules Surrounding GDPR and Your Business
By: Mitzi L. Hill
June 7, 2018
European Union High Court Strikes Down Data Privacy Safe Harbor
October 6, 2015
Your Computer and Privacy Policies and the Heartbleed Internet Security Bug
April 16, 2014

Events

Cyber Security Enterprise Planning
Taylor English Duma LLP | 1600 Parkwood Circle, Suite 200, Atlanta, GA 30339, February 27, 2018
Cyber Security Planning in the Wake of Equifax
Taylor English Duma LLP | 1600 Parkway Circle, Suite 200, Atlanta, GA 30339, November 8, 2017

Speaking Engagements

Advanced Mergers and Acquisitions: Veteran Attorney Tips for Strategizing, Negotiating and Executing M&As, National Business Institute
March 4, 2019
The 7th Edition Young CEOS Business Summit, YCBS Atlanta
Georgia State University Law Knowles Conference Center, April 24 – 28, 2018
"Cyber For Growth: Plan Your Cyber Security. Protect Your Company. Secure Your Growth," 2018 ACC Value Challenge
April 10, 2018
"How Corporate Culture Can Support Enterprise Risk Management," 2018 ACC Value Challenge
April 10, 2018
Cybersecurity and the Law, Help Me With HIPAA
March 30, 2018
The Importance of Cyber Security, CONNECT with Titania Jordan
February 24, 2018
Contract Litigation
Institute of Continuing Legal Education
November 17, 2017
"Best Business Practices in Corporate Cyber Security," Georgia Society of CPAs, 2017 Decision Makers Conference
Atlanta, Ga., April 20, 2017
"Cyber Issues for Businesses," Recalculating Radio AM 810
March 21, 2017
"The Dark Web: What it Means to You and Your Company," 2017 Atlanta RIMS Educational Conference
Atlanta, Ga., February 9, 2017
"Preventing Inadvertent Email Contracts: Best Practices for Your Clients," Webinar, National Constitution Center
October 6, 2016
"Privacy v Security Debate," EC-Council Foundation, 2016 Global CISO Forum
Atlanta, Ga., September 15, 2016
"Ethical and Privacy Considerations for Contemporary Technology," eDiscovery and Use of Technology CLE
Atlanta, Ga., October 29, 2015
Information Systems Security Association CISO Forum, Infosec and Legal Collaboration
January 29, 2015
"Data Security," Financial Service Professionals Atlanta Symposium
October 30, 2014
"Don’t Let Your Corporate Reputation Get Hacked (Apart)," Global CISO Forum
October 16, 2014

Videos

Blogs

Emerging Markets Law

IoT Product Liability Risks / Medtronic Defibrillators Vulnerable to Hacking
Jonathan B. Wilson
Profiting from Privacy
Mitzi L. Hill
New California Privacy Laws: U.S. Meets GDPR-Like Consumer Rights
Mitzi L. Hill
Vendor Management and Cyber Planning: Why Equifax Shows “What Not to Do”
Mitzi L. Hill
Cyber Insurance: A Common Exclusion Tested in Court
Mitzi L. Hill
Demystifying the Rules Surrounding GDPR and Your Business
Mitzi L. Hill
How New EU Data Privacy Rules May Apply to Your U.S. Business
Mitzi L. Hill
Five Lessons from Equifax
Mitzi L. Hill
View More

Data Security and Privacy

Overview

Experience

Experience

Newsroom

Headlines

News Releases

Publications

Alerts

Events

Speaking Engagements

Videos

Blogs

Emerging Markets Law

Areas Of Focus

Related Services

Attorneys