Skip to content
DWT logo
People Expertise Insights
About Locations Careers
Search
People
Expertise
Insights
About
Locations
Careers
Search
Technology + Privacy & Security / Privacy & Security

Information Security & Incident Response

  •  

Providing information security and incident response advice grounded in a practical understanding of the underlying technology.

Overview

Practical – Advice You Can Implement
Compliance obligations can be unclear, contradictory (if you are subject to multiple standards), or even at odds with the security needs of your organization. We break through the maze of obligations to provide pragmatic guidance that your legal and IT teams can understand and implement to make sure your organization is both secure and compliant. Let us be your trusted advisors and help make this process clear, actionable, and measurable.

Business-First – Guidance at an Operational Level
The continued success of your business is our primary concern. We know information technology and can translate legal obligations into language your technologists can understand. We help you focus on running your business by providing actionable step-by-step legal advice that you can implement when confronted with a data breach, regulatory investigation, compliance obligation, or third-party audit.

Creative – Innovative Security-by-Design Counseling
We love a new challenge and rolling up our sleeves to help companies integrate security into new (and existing) products and business ventures. We live and breathe technology, and we stay on top of the latest security guidelines and legal trends in this space, so we are excited and prepared to help you launch your 'next big thing.'

24/7 Breach Response Team

24/7 Breach Response team
844-GoToDWT
Assistance with assessing and responding to security incidents designed to limit legal liability, preserve system assets, and protect your business reputation. 

Privacy & Security Law Blog

VISIT OUR BLOG
Keyboard close up Link to /blogs/privacy--security-law-blog/2019/08/how-to-comply-with-ccpa
08.13.19
Blog Post
California Privacy (CPRA/CCPA)
Consumer Rights Under the CCPA, Part 2: Responding to Consumer Rights Requests Read More Link to /blogs/privacy--security-law-blog/2019/08/how-to-comply-with-ccpa
Streaming lines of computer code Link to /blogs/privacy--security-law-blog/2019/08/google-street-view-lawsuit-settled
08.05.19
Blog Post
Consumer Privacy
Google "Street View" Wiretap Allegations Settled for a "Modest" $13 Million Read More Link to /blogs/privacy--security-law-blog/2019/08/google-street-view-lawsuit-settled
Keyboard close up Link to /blogs/privacy--security-law-blog/2019/08/data-mapping-an-essential-task-for-cybersecurity
08.02.19
Blog Post
Cyber and National Security
Data Mapping: An Essential Task for Cybersecurity and Compliance Read More Link to /blogs/privacy--security-law-blog/2019/08/data-mapping-an-essential-task-for-cybersecurity
Map of USA

Summary of U.S. State Breach Notification Statutes

Use this summary to help answer questions about state data breach notification requirements.
LEARN MORE Link to /gcp/state-data-breach-statutes
  • Represent telecommunications conglomerate in various information security matters, as well as investigating and responding to various incidents, some of which resulted in the disclosure of consumer information and required consumer and governmental notifications.
  • Advised e-commerce companies on incident response plan for information security incidents and data breaches.
  • Provided counsel on compliance with HIPAA and other health information privacy and security laws, including successfully resolution of investigation by the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) of a reported breach, which had the potential to result in millions of dollars in civil monetary penalties. Facilitated the client’s response and OCR closed its investigation without financial penalty or settlement.
  • Assisted consumer products company investigate ransomware attack on website collecting personal information from European residents. Developed forensic evidence necessary to determine that personal information was not put at risk.
  • Conducted incident response for medical services provider addressing a breach in a recently acquired asset. Guided medical services provider through analyzing network of acquired company, remediating security incident, and properly securing its own network from potential impact from acquired company.
  • Conducted incident response for publisher that was victim of spear phishing campaign that compromised personal information of US and EU residents. Coordinated forensic investigation, breach notification, and regulator communication.
  • Conducted incident response for software developer that was the subject of a ransomware attack. Assisted in payment of ransom and decryption of data, law enforcement coordination, transition to new network structure, and other remediation activities.
  • Advised book publisher that mailed information to incorrect contractors. Coordinated breach notification, identity theft monitoring, and regulator communication.
  • Identified spear phishing attack on a nonprofit client that suspected an employee was committing fraud and guided client through remediation.
  • Advised religious institution that suffered an attack from a disgruntled employee. Drafted demand letter and recovered stolen data.
  • Advised restaurant client on data misuse by franchise, including addressing data ownership issues not directly addressed in franchise agreement.
  • Served as data breach counsel to a regional health plan for a series of potential data breaches that could have affected tens of thousands of the plan’s members, including analysing the breach notification obligations under HIPAA, the federal notification law, and the laws of all 50 states and a couple of territories. Also developed multiple notifications to individuals, government regulators, and consumer reporting agencies to meet all these requirements.
Clear Filter
Searching...
Your search returned no results. Please try another search or remove search criteria.

Practice Contacts

Avery, Christopher
Christopher Avery
Counsel
Admitted to practice only in Connecticut and Missouri. Supervised by partners in the New York office.
New York
212.603.6464
Reynolds, Alexander B.
Alexander B. Reynolds
Counsel
Washington, D.C.
202.973.4251

Our Team

Clear Filter
Searching...
Your search returned no results. Please try another search or remove search criteria.

Contact us

 
We’re here to help. Email us with any questions or comments and we’ll get you connected to the right person.

Information Security & Incident Response: Contact us

CAUTION - Before you proceed, please note: By clicking "submit" you agree that our review of the information contained in your e-mail and any attachments will not create an attorney-client relationship, and will not prevent any lawyer in our firm from representing a party in any matter where that information is relevant, even if you submitted the information in good faith to retain us. You also agree and understand that we may not respond to your inquiry.
Contact Us Form
*
*
Invalid Email
*
* = required field
DWT logo
©1996-2020 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Prior results do not guarantee a similar outcome.
NAVIGATE
Home People Expertise Insights
About Locations Careers Events Blogs
STAY CONNECTED

Subscribe to stay informed.

Subscribe
Employee Login
DWT Collaborate
EEO
Affiliations
Legal notices
Privacy policy
©1996-2020 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Prior results do not guarantee a similar outcome.
Close
Close

CAUTION - Before you proceed, please note: By clicking “accept” you agree that our review of the information contained in your e-mail and any attachments will not create an attorney-client relationship, and will not prevent any lawyer in our firm from representing a party in any matter where that information is relevant, even if you submitted the information in good faith to retain us.