Data Security and Privacy
- Services
- Data Security and Privacy

Overview
Companies now recognize the immense opportunities—and responsibilities—of data in today’s always-connected world. We partner with you in maintaining the trust of customers, investors and business partners.
Each year, there are more than 1.5 million cyber-attacks on U.S. businesses. Increasingly, these attacks target small and medium-sized businesses, without regard to industry. Perhaps more importantly, everyday access to data can result in losses even without an attack: devices can be lost or stolen, for example; or employees can send an email to the wrong audience. Every data incident has the potential to become a legal matter and can result in financial losses, litigation and erosion of investor and customer confidence. We advise clients on compliance with government regulations, internal assessment and planning, and response to incidents and litigation.
In addition to securing their data, American businesses of all sizes must increasingly focus on data privacy issues. New rules in the US and elsewhere are changing the way we think about data: whose it is and what rights a business has to it. Access to valuable data—your own, your employees’, and your customers’—means that compliance with federal and state privacy laws is becoming increasingly complex. Non-compliance can create significant exposure. We provide industry-specific guidance in health care, financial services, consumer marketing, telecommunications and other segments. We also counsel on use of online and "cloud-based" networking capabilities and the specific risks and opportunities they can present.
Most companies benefit from a cross-functional team, including legal counsel, IT professionals and C-suite executives, that addresses risk management and best practices in order to limit exposure. Our breadth of experience is the perfect complement to your internal cross-functional team. Likewise, we have assembled a multi-disciplinary team of attorneys who work with clients to manage risks in advance of any problems, and respond quickly if an incident occurs.
Experience
Experience
Advise on legal risks associated with penetration testing, gap assessment, and information governance audits and assessments, both internal and third-party.
Oversee all elements of response to a data incident, including coordination with forensic investigators, law enforcement, communications, and insurance provider.
Advise on CCPA readiness and draft appropriate policies.
DPAs and other data processing arrangements for retailers, service providers, B2B information technology companies, staffing companies, and other sectors.
Evaluation of privacy and security commitments in diligence and sale of privately-held enterprises.
Assess GDPR readiness and provide ongoing counsel.
Advise global appliance manufacturer on IoT/smart device launch.
Advise on data collection, processing, and transmission regarding domestic and international operations, including use and sharing of employee data, consumer data, and business partner data gathered via “smart” devices, in connection with marketing efforts, and through service provider relationships. Advise on creation and use of aggregated, anonymized, and deidentified data.
Respond to breaches of client credit card information in multiple states; research state requirements and interface as required with state law enforcement officials or others.
Creation and review of privacy policies and procedures for media, healthcare, retail, service, and other clients in conjunction with findings from security audits and pursuant to emerging regulations such as the CCPA.
Advise and counsel on protection of PHI and other personal patient information in connection with sale of practice, disposition of records, distribution of consumer and commercial healthcare apps and devices, and in daily operations under the CCPA. Oversee response to healthcare technology data breaches.
Consult on creation and implementation of corporate document retention policies and procedures, including electronic storage and records management.
We immediately collected information in response to client’s identification of release of employee data by contractor. We researched relevant state laws and advised the client regarding an appropriate external and internal response. The response was successful, and no disputes or suits resulted from this incident.
Advise covered entities on business associate agreements to manage risk.
Advice on data disposal following sale/wind-down of healthcare practices
Privacy, Cyber, and General Counsel to the Board of a National Industry-Specific Information Sharing and Analysis Center.
Represent various retail clients regarding PCI compliance, credit card fraud and loss, and fraudulent e-commerce orders.
Coordinate response to loss of protectable or sensitive data in electronic form, including personal credit information, vendor account credentials and customer payment authorizations.
Advised companies regarding compliance with the Fair Debt Collection Practices Act (FDCPA), Telephone Consumer Protection Act (TCPA), Georgia Fair Business Practices Act (FBPA) and Florida Consumer Collection Practices Act (FCCPA).
Newsroom
Headlines
- July 3, 2020
- September 6, 2019
- February 12, 2019
- January 2, 2019
- December 10, 2018
- October 10, 2018
- IPWatchdog, February 21, 2018
- December 28, 2017
- October 11, 2017
- April 6, 2017
- January 20, 2017
- November 16, 2016
- June 17, 2016
- January 27, 2016
- September 18, 2015
- June 9, 2015
- February 12, 2015
- December 29, 2014
- May 31, 2014
- March 19, 2013
News Releases
Publications
- September 5, 2019
- March 19, 2019
- March 18, 2019
- January 24, 2019
- January 22, 2019
- November 27, 2018
- November 12, 2018
- September 5, 2018
- Daily Report, July 9, 2018
- December 29, 2017
- July 10, 2017
- April 2017
- July 19, 2016
- June 20, 2016
- April 20, 2016
- February 1, 2016
- April 27, 2015
- October 21, 2014
- October 21, 2014
Alerts
- November 4, 2019
- August 8, 2018
- By: Mitzi L. HillJune 7, 2018
- October 6, 2015
- April 16, 2014
Events
- Taylor English Duma LLP | 1600 Parkwood Circle, Suite 200, Atlanta, GA 30339, February 27, 2018
- Taylor English Duma LLP | 1600 Parkway Circle, Suite 200, Atlanta, GA 30339, November 8, 2017
Speaking Engagements
- April 15, 2021
- July 28, 2020
- April 28, 2020
- January 28, 2020
- December 23, 2019
- August 15, 2019
- March 4, 2019
- Georgia State University Law Knowles Conference Center, April 24 – 28, 2018
- April 10, 2018
- April 10, 2018
- March 30, 2018
- February 24, 2018
- Institute of Continuing Legal EducationNovember 17, 2017
- Untangling Data Ownership, Provenance, and Privacy, 2017 Data Intelligence ConferenceMcLean, Virginia, June 23, 2017
- Ethics of Artificial Intelligence and Paying Ransoms to Hackers, Cyber Talk RadioSan Antonio, Texas, May 27, 2017
- Atlanta, Ga., April 20, 2017
- March 21, 2017
- Atlanta, Ga., February 9, 2017
- October 6, 2016
- Atlanta, Ga., September 15, 2016
- Atlanta, Ga., October 29, 2015
- January 29, 2015
- October 30, 2014
- October 16, 2014
Videos
Your way is how litigation partner Alison Ballard describes the Taylor English culture. With a unique model to fit attorneys at any stage, Alison shares her practice growth in data privacy thanks to the firm's flexible structure.