Domestic Regulatory Compliance

The legal framework for data privacy, both domestically and abroad, is constantly evolving. Trying to stay on top of this shifting landscape involving changing technologies and legal requirements can be in a word – overwhelming. In the past year alone, state and federal regulatory changes have altered the legal and compliance obligations of many companies across a broad range of industries. Additionally, the courts have already begun to issue consequential opinions and decisions that have placed heightened liability on companies to protect sensitive personal data.

With growing concerns related to the use of data and an increasing role of data protection regulations, XPAN Law offers clients the guidance their business needs to navigate this range of domestic and international privacy regulations. We work closely with clients in areas of federal privacy regulations such as the Health Insurance Portability and Accountability Act (“HIPAA”) and the Children’s Online Privacy Protection Act (“COPPA”). In addition, we address the legal compliance needs of our clients related to state-specific privacy regulations, including the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), Nevada’s Internet Privacy Law, Colorado’s Privacy Act (“CPA”), Virginia’s Consumer Data Protection Act (“CDPA”), and the Illinois Biometric Information Privacy Act (“BIPA”).

XPAN Law guides clients in understanding the technological, administrative, and legal implications of data protection regulations while also taking into account the unique structural blueprint and needs of their business. Our team of attorneys work diligently across numerous industries and regions to help clients develop effective cross-border data management policies and practices.

Legal Services

  • Data Categorization/Data Mapping
  • Regulatory Impact Assessments
  • Data Privacy Liability Insurance Assessments
  • Draft Data Privacy/Security Provisions
  • Draft Master Service Agreements
  • Negotiate Contracts
  • Draft Data Processing Addendums and Amendments
  • Address Regulatory Compliance Implementation
  • Create Internal Data Privacy Programs
  • Draft Internal Compliance Documents
  • Create Vendor Management Programs
  • Regulatory Audits
  • Data Privacy Breach Response
  • Contract Disputes
  • Shareholder Disputes
  • Class Action Litigation
  • Consumer Fraud Litigation
  • Tabletop Exercises
  • Data Privacy Impact Assessments

Recent Articles