Stoel Rives - Global Privacy & Security Blog®

Contact
Share
Info
Firm Profile: Stoel Rives LLP
760 SW Ninth Avenue
Suite 3000
Portland, Oregon 97205, United States
Phone: (503) 224-3380
Fax: (503) 220-2480
Areas Of Practice
  • International Law & Trade
  • Privacy
Locations
Other U.S. Locations
  • Alaska
  • California
  • D.C.
  • Idaho
  • Minnesota
  • Oregon
  • Utah
  • Washington

Practice/Organization Description

A breach or release of customer data can be a powerful hit to your budget, reputation and repeat business. Hackers are increasingly prolific, smart technology has us interconnected and networked, and businesses maintain ever-growing databases of confidential information. Every industry is vulnerable to internal and external threats, placing risk management, personnel training, due diligence and policy development high on the priority list for protecting your business.

Effective data privacy and protection solutions should be tailored to the industry your business serves. Whether you’re a health care provider, retailer, defense contractor or financial institution, you have specific needs for policy development, personnel training, forensic audits, breach response, customer notification, insurance coverage and transactional due diligence. Employers and sponsors of employee benefit plans also have data at risk. Our cross-industry team includes attorneys certified by the International Association of Privacy Professionals who help you put in place systems and processes to protect your business data and prevent unintended releases.

We advise on

HIPAA

Breach notification and incident response

Cyber risk insurance coverage

Advice on model contract clauses to indemnify and hold harmless

Employee training on personally identifiable information best practices and policies

Corporate advice regarding enterprise-wide privacy policies and plans

Vendor privacy policy review

European Union Data Protection Directive and General Data Protection Regulation (GDPR) Attestations

EU- US Privacy Shield Assessment and Certification

CAN-SPAM, UK Data Protection Act, Privacy Act Canada, PIPEDA, and other country-specific regulations

Prevention and Risk Management

The most effective way to protect your data and your business is to institute proactive strategies to prevent inadvertent release or a breach. Our services are a combination of assessment and training. We inventory where and how data is collected, stored, shared, transferred and used, and the policies and procedures needed to manage these systems. We evaluate and establish compliance programs for operations in the U.S. and internationally, keeping tabs on their constantly evolving regulations and requirements.

Education and Training

People can be a company’s greatest vulnerability when it comes to data protection. Everyone who views or handles a company’s records and data must be trained to understand relevant privacy laws—federal, state and global—as well as appropriate handling of information. We create in-depth workshops and educational tools tailored to your specific privacy issues and the types of data your employees handle.

Incident Response

If a breach occurs, whether through personnel action, malware, vendor action or other cause, we respond immediately. Our team partners with you on the full range of notification requirements, coordinates with domestic and international law enforcement agencies, assists with insurance recovery, and provides representation if litigation ensues. We’ve advised both private and public companies and have experience with addressing SEC and corporate governance requirements and responsibilities. Knowing the impact of an incident on company image can be significant, our attorneys advise on media strategy and messaging from both PR and legal perspectives.

International Data Security Compliance

Customers, employees and business partners can be located and connected globally, requiring knowledge specific to all the jurisdictions your business touches. Our team stays on top of international privacy and data protection regulations to ensure that you are in compliance. We have the benefit of being part of a global network of legal providers with experience we can tap into across the globe.

Transactional Due Diligence and Data Protection

Your company’s data protection strategies and diligence must extend to your vendors, contractual partners and acquisition targets. Every business relationship requires some use or exchange of data. We advise on privacy clauses and liability protections when writing contracts and other agreements—with specific protocols for agreements related to cloud storage and data processing. We also conduct data privacy and protection due diligence when working on M&A transactions and licensing agreements.

This profile may constitute attorney advertising. Prior results do not guarantee a similar outcome. Any correspondence with this profile holder does not constitute a client/attorney relationship. Neither the content on this profile nor transmissions between you and the profile holder through this profile are intended to provide legal or other advice or to create an attorney-client relationship.

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide