Data Privacy

Proactive

The legal framework for data privacy, both domestically and abroad, is constantly evolving. Trying to stay on top of this shifting landscape involving changing technologies and legal requirements can be in a word – overwhelming. In the past year alone, state and federal regulatory changes have altered the legal and compliance obligations of many companies across a broad range of industries. Additionally, the courts have already begun to issue consequential opinions and decisions that have placed heightened liability on companies to protect sensitive personal data.

With growing concerns related to the use of data and an increasing role of data protection regulations, XPAN Law offers clients the guidance their business needs to navigate this range of domestic and international privacy regulations. Internationally, XPAN Law works with clients in the area of privacy compliance for the European Union General Data Protection Regulation (“GDPR”). Our attorneys are highly conversant in other regional privacy regulations, including China, Japan, Australia, and Canada.

Domestically, XPAN Law works closely with clients in areas of national privacy regulations such as HIPAA and COPPA, as well as state-specific privacy regulations that include the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (“CPRA”), and Nevada’s Internet Privacy Law.

We guide clients in understanding the technological, administrative, and legal implications of data protection regulations while also taking into account the unique blueprint and needs of their business. Our team works diligently across numerous industries and regions to help clients develop effective cross-border data management policies and practices.

Privacy Litigation

As each state develops laws to address consumer privacy, the collection, storage, use, and sharing/disclosure of personal data triggers a host of legal obligations for organizations. Couple that with the fact that these laws can be enforced by aggressive plaintiffs’ lawyers and government agencies and it becomes clear why companies need a trusted, experienced legal advisor that they can rely on to comprehensively address any privacy or security issue.

XPAN Law attorneys have experience handling security and privacy data breaches to address both domestic and international laws. We lean on our years of legal experience and understanding of those legal obligations together with our technical know-how to provide our clients with trusted guidance. XPAN attorneys handle complex litigation matters and governmental investigations that arise out of large, multi-layered data breaches. In addition, we can address complex class action matters and governmental investigations by the Office for Civil Rights (OCR), the United States Federal Trade Commission (FTC), the Federal Communications Commission (FCC), the European Union Data Protection Authorities, and by state attorneys general. Likewise, XPAN Law prepares and advises clients in contract disputes with vendors and business partners that sometimes can arise from data breaches.

XPAN Law assists clients in every industry, regardless of company size, to analyze and properly respond to privacy issues. We take pride not only in our responsiveness but also in being keenly aware of corresponding legal obligations and potential liabilities that surface under specific circumstances particular to that client or industry. We use our global knowledge and experience to address issues involving the European Union’s General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), and the Health Insurance Portability and Accountability Act (“HIPAA”), along with other federal and state regulatory schemes that include reporting requirements.

To the organizations we represent, XPAN Law is more than just a law firm. We are both trusted advisors and relentless legal advocates ready to assist a company’s board of directives or decision-makers with any cyber or privacy issue they come across. While we stress being proactive, our firm’s knowledge and strategic focus on data privacy, along with our skilled preparation and readiness, affords our clients a clear advantage in having experienced counsel that has the ability to immediately react to a data breach and respond thereafter to any consequential legal ramifications with guided practical solutions unique to your business blueprint in mind.

Legal Services

  • Data Categorization/Data Mapping
  • Regulatory Impact Assessments
  • Data PrivacyLiability Insurance Assessments
  • Draft Data Privacy/Security Provisions
  • Draft Master Service Agreements
  • Negotiate Contracts
  • Draft Data Processing Addendums and Amendments
  • Address Regulatory Compliance Implementation
  • Create Internal Data Privacy Programs
  • Draft Internal Compliance Documents
  • Create Vendor Management Programs
  • Regulatory Audits
  • Data Privacy Breach Response
  • Contract Disputes
  • Shareholder Disputes
  • Class Action Litigation
  • Consumer Fraud Litigation

Regulations, Laws,and Statutes

  • Health Insurance Portability and Accountability Act (“HIPAA”)
  • California Consumer Privacy Act (“CCPA”)
  • California Privacy Rights Act (“CPRA”)
  • General Data Protection Regulation (“GDPR”)
  • Nevada’s Internet Privacy Law
  • New York SHIELD Act
  • New York Department of Financial Services Cybersecurity Regulation 500
  • Telephone Consumer Protection Act (“TCPA”)
  • State Data Breach Notification Laws

Recent Articles

Menu