Practice Group

Cyber Security, Data Breach and Privacy Attorneys

KJK’s Cybersecurity, Data Breach & Privacy attorneys assist in identifying and addressing information privacy and security risks and help ensure you are ready to respond when a breach occurs. We help our clients navigate the legal, regulatory, liability and policy issues associated with data security laws, data privacy laws, information sharing and assurance, computer forensics and internal investigations, and data breach management.

Data Privacy Guidance & Cyber Security Legal Services

Cybersecurity and Internet Privacy Guidance

Technology Counsel
Data Breach Response Plans & Litigation
Document Retention Policies and Procedures
SOC, HITRUST and Other Certification Guidance

Privacy Compliance Attorneys

GDPR & CCPA Compliance
GLBA, FTC & PCI Compliance
HIPAA & HITECH Compliance

Manage Your Risks

Helping Clients Navigate the complexities of Cyber Security

As data security incidents grow in frequency and severity, regulators around the world are implementing changes to laws or regulations. As a result, your data security obligations are evolving and changing constantly.

KJK’s cyber security attorneys are experienced in helping clients navigate the complexities of managing their cyber security and data privacy risks. Our team assists in responding to data security breaches, providing cybersecurity incident response planning and preparing document retention policies.

We also help clients negotiate data sharing and data access agreements, internal and external privacy policies, and highlight data security issues in insurance policies.

Our Philosophy:

Cyber Security as a Company Culture.

We believe that data privacy must be built into the DNA of each of our clients. Our Cybersecurity, Data Breach & Privacy attorneys can assist clients in compliance with (and investigations related to) various data privacy laws and regulations, including reviewing contracts with third parties to ensure that they are in compliance with privacy regulations. This includes FTC privacy regulations, the “privacy by design” framework, FDA medical device privacy requirements and specific international and domestic data privacy regulations that control the collection, use, processing and transmission of certain kinds of data.

Data Privacy Laws & Regulations:

Act as external “Data Protection Officer” for companies
CCPA
Children’s Online Privacy Protection Act (COPPA)
Create and review privacy policies and contractual privacy protection provisions
Electronic Communications Privacy Act (ECPA)

GDPR
Minnesota Government Data Practices Act (Minn. Stat. § 13)
New York Consumer Privacy Act (NYPA)
“Privacy by Design” review
Privacy litigation and enforcement actions

Our Data Privacy Services

Contract Review
New Product/Service Compliance Review
Privacy Policy Development and Review
External CPO Services

Service:

Cyber Security Insurance Audits

A complete understanding of a company’s insurance program is key to maximizing protection against cyber risk. Our team will review your current policies of insurance and determine whether and to what extent you may need additional coverage.

Learn More

Service:

Information Security & Privacy Compliance Attorneys

KJK’s Cybersecurity, Data Breach & Privacy attorneys can review contracts, agreements, policies and procedures, as well as software, hardware and medical devices (with appropriate partners) to determine whether a client is in compliance with appropriate laws and regulations, including those outlined below. Additionally, we advise clients on developments in the law regarding data security requirements.

Our Data Privacy Attorneys Give Guidance on the Following Information Security Laws:

Cyber-insurance (data breach, e-commerce, fund transfer, insider fraud) review
FDA Part 11 data security and electronic records requirements
FERPA – Educational Records Privacy
FFIEC Guidelines (banks and similar financial industry security regulations)
FTC Act, Section 5 data privacy and data security requirements
Gramm-Leach-Bliley Act (financial services industry)
Health Insurance Portability and Accountability Act (HIPAA) and HITCEH medical information privacy and security laws and regulations
Standards for The Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00)

Mergers & Acquisitions (M&A) contingent liability
National Institutes of Standards Information Security Guidelines (NIST)
NERC/FERC – Energy Regulations
New York 23 NYCRR 500 (NY Banking regulations on cybersecurity)
Payment Card Industry Digital Security Standards (PCI-DSS)
SEC Cybersecurity Guidance compliance for publicly traded companies
Third party contract review
UCC 4A (reasonable security for funds transfer)

Cyber Security & Data Breach

Read Our Blog

The Columbus City Hall Cyber Attack: Key Takeaways

This past July, the City of Columbus, Ohio experienced a significant data breach. Hackers were able to breach Columbus’ network and gained access to private information of city employees and residents. Initially, the City stated that it had thwarted a ransomware...

Is Your Internet Bill About to Skyrocket While Your Service Gets Worse?

The Sixth Circuit's January 2, 2025, decision in Ohio Telecom Association et al. v. Federal Communications Commission et al. may reshape the future of the Internet, delivering a significant blow to the concept of net neutrality and altering the regulatory landscape...

2024 TikTok Roundup: Controversies, Bans, and What’s Next

If you’re one of the over 170 million TikTok users in the United States, you’ve probably seen TikTok as a regular in the news. TikTok, a highly popular social media platform operated by the Chinese technology company ByteDance, Inc., enables users to create, watch,...