Regulatory Compliance and Defense

Overview

Companies across numerous industries face a maze of regulatory schemes regarding customer and patient privacy. We advise clients on how to develop and maintain privacy programs. In addition, we help clients assess privacy impacts and employ privacy by design to balance commercial and consumer interests and to craft transparent, accurate, and customer-friendly notices regarding data practices. Our experience encompasses:

  • HIPAA
  • PCI
  • The Children’s Online Privacy Protection Act
  • CDA Immunity and DMCA safe harbor
  • TCPA and CAN-SPAM compliance
  • MAP policies and gray market issues
  • FTC matters
  • FCRA
  • Self-Regulatory bodies (NAD, CARU, etc.)
  • California’s Song-Beverly Act

We counsel clients on how to reduce or eliminate risk by reviewing existing policies and procedures as well as vendor agreements that may pose privacy and security risks. We also work with the key personnel who have responsibility for privacy and security, including chief information and privacy officers, marketing team leaders, compliance officers, and in-house legal teams. We maintain strong relationships with state attorneys general and with other regulatory officials. This enables us to deal efficiently with investigatory inquiries, often resulting in positive dispositions, including the conclusion of investigations without any charges being brought against our clients.

Recognition

  • Recognized as one of the top law firms for client service, we were named to the 2018 BTI Client Service 30 for the fourth consecutive year.

News

Publications

Featured Video

Ted Kobus: Data Security Incidents: Regulatory Investigations
Play Video
BakerHostetler Partner and National Leader of the Privacy and Data Protection practice discusses what questions regulators ask following an incident, what their expectations are, and the future of these investigations.

Blog

In The Blogs

Previous Next
Data Privacy Monitor
The Weekly Privacy Rewind
December 10, 2018
California Consumer Protection Act Privacy Groups Urge California Lawmakers Not to Weaken California Consumer Privacy Act • A variety of privacy groups, including the Electronic Frontier Foundation, the Digital Privacy Alliance and the...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
December 5, 2018
GDPR European Regulators Fine Uber Over 2016 Data Breach • British and Dutch privacy regulators issued fines totaling approximately $1.2 million against ride-hailing company Uber over its 2016 data breach. • According to the U.K.’s...
Read More ->
Data Privacy Monitor
HHS OIG Launches Cybersecurity Webpage to Raise Awareness and Boost Cybersecurity Best Practices
By Alexandra Royal, Lynn Sessions
December 5, 2018
Healthcare data can be up to 10 times more valuable to cyber criminals than credit card numbers, according to a report from the Department of Health & Human Services’ (HHS) Office of the Inspector General (OIG). And, with...
Read More ->
Data Privacy Monitor
Cookies and Consent Under the EU GDPR
By David M. Brown
November 29, 2018
According to a recent story published by The Register, the U.K. data privacy watchdog, the Information Commissioner’s Office (ICO) has issued a warning to the U.S.-based newspaper The Washington Post (WaPo) about obtaining consent under...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
By Aaron R. Lancaster
November 26, 2018
Class Actions Pennsylvania Supreme Court Declares Employers Have Affirmative Duty to Protect Employee Personal Information • According to a recent opinion by the Pennsylvania Supreme Court, “an employer has a legal duty to exercise...
Read More ->