Privacy Counseling & Compliance

    •  
Helping your company achieve its business goals and innovate while adapting to the rapidly changing privacy and data security landscape.

Overview

Client-Focused Service
We tailor our advice to your organization’s unique culture and priorities so we can help you reduce your company’s privacy and security exposure and accomplish your business objectives.

A Robust, Diverse Team
We have a large team of attorneys and other professionals who are entirely focused on counseling you on applicable state, federal and international privacy and security laws. We come from a variety of backgrounds, focus on specific sectors and laws, and bring you a holistic approach that draws on our combined experience, ensuring efficiency and collaboration.

Thought(ful) Leadership
Whether it’s considering a new privacy law or applying existing regulations to new technologies (such as AI and blockchain), our team analyzes, presents, and publishes on cutting-edge privacy and security challenges. We leverage this knowledge to provide you with forward-looking legal advice that positions you to comply with today’s laws and prepare for tomorrow’s.

Areas of Practice

Federal

Children & Student Privacy (COPPA, FERPA)

Communications Privacy (Cable Act § 551, CPNI § 222)

Electronic Communications Privacy (ECPA, CFAA, SCA)

Federal Trade Commission Act (FTC Act)

Financial Privacy (FCRA, FDCPA, GLBA, CFPB)

Health Information Privacy (HIPAA, HITECH Act)

Marketing and Consumer Privacy (CAN-SPAM, TCPA, TSR)

Video Privacy Protection Act (VPPA)

State

Biometric Privacy Laws

Breach Notification Laws

California Privacy (CCPA, CalOPPA Cal. B&P Code § 22575, Cal. Penal Code §§ 637-38, CA Shine the Light Cal. Civ. Code § 1798.83, Song-Beverly / Receipt Requirements)

Computer Trespass Statutes

Data Security Laws (e.g., 201 CMR 17.00)

Employee Privacy Laws

Record Disposal & Destruction Laws

Social Media Monitoring Laws

Social Security Number Use & Disclosure Laws

Telemarketing Laws

Unfair or Deceptive Acts or Practices (UDAP)

Video/Media Privacy Protection Acts

Wiretap & Electronic Communications Laws

International

Canadian Anti-Spam Law (CASL)

ePrivacy Directive

EU Cookie Directive

EU Privacy Shield

General Data Protection Regulation (GDPR)

Self-Regulatory Frameworks

Digital Advertising Alliance (DAA) Self-Regulatory Principles

Network Advertising Initiative (NAI) Code of Conduct

NIST Cybersecurity Framework

Payment Card Industry Data Security Standard (PCI DSS)

Privacy & Security Law Blog

Visit Our Blog
09.29.22
Blog Post
Energy
Carrot or Stick? FERC Grapples With How to Incentivize Electric Utility Cybersecurity Investments Read More
09.28.22
Blog Post
Cyber and National Security
CISA Issues RFI For Cyber Reporting Rules and Announces Public Listening Sessions Read More
09.22.22
Blog Post
Healthcare
Information Blocking Rule Expands to Cover Electronic Designated Record Set Read More

The DWT HIPAA Audit Toolkits

We offer toolkits for covered entities, business associates, financial institutions, and cloud providers.
Learn More
  • Actively counseling clients in a number of industries, including telecommunications, advertising, and retail, regarding their California Consumer Privacy Act (CCPA) compliance strategy. Our work includes providing assessments of the risk and operational impact of the new law, designing information governance strategies that embed privacy in data management, and drafting disclosures and consumer response protocols.
  • Serve as lead privacy counsel and coordinate privacy work across a telecommunications conglomerate to ensure a consistent approach in operations and public policy advocacy. The team advises on models for data collection and use across multiple platforms (cable, Internet, online services) in ways that respect consumer privacy, protect consumer data, and meet current and evolving federal, state, and self-regulatory privacy requirements. The firm also advises on public policy and assists in advocacy at the federal, state, and even municipal levels.
  • Advise multinational technology company on application of privacy and security laws, such as HIPAA and the EU General Data Protection Regulation (GDPR), to cutting edge technological innovations in the healthcare sector, such as the use of artificial intelligence and cloud initiatives. DWT assisted the client in developing a negotiating playbook for implementing GDPR data processing agreements (DPA) with the client’s vendors and served as "escalation" counsel for complex DPA-related questions.
  • DWT assisted a major American daily newspaper in developing and implementing its GDPR compliance program with respect to its journalistic activities, digital advertising operations, and publishing platform services for other media organizations. This ensured compliance and mitigated liability under data protection law for the client’s activities across Europe.
  • Serve as primary outside counsel on privacy & security matters for one of the top hospital systems in the country. We provide ongoing counsel on HIPAA, information security, information sharing agreements, incident response, GDPR, 42 C.F.R. part 2 (governing alcohol and drug use disorder treatment records), and other privacy and security matters. Client also looks to us as trusted advisors for privacy implications before rolling out new apps and technology.
  • Serve as healthcare counsel to an American multinational investment bank and financial services company, assisting it with its own HIPAA compliance, negotiating HIPAA agreements with customers, addressing requirements related to federal insurance programs in customer contracts, and addressing other health information privacy laws, such as 42 C.F.R. part 2 (governing substance use disorder treatment records).
  • Counseling one of the largest mutual life insurance companies in the United States on a host of privacy regulations including: Telephone Consumer Protection Act (TCPA), Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM), the Gramm–Leach–Bliley Act (GLBA), HIPAA privacy notices, and drafting consolidated website/mobile app privacy policy applicable to the company itself and its multitude of affiliated companies.
  • Provide privacy and security advice to technology start up, which provides electronic medical record technology to cancer clinics and seeks to leverage health data to improve cancer treatment. Work includes internal counsel, drafting policies and procedures, incident response, and negotiating business associate agreements with customers.
Your search returned no results. Please try another search or remove search criteria.

Practice Contacts

Libin, Nancy
Nancy Libin
Partner
Co-chair, Technology, Communications, Privacy & Security Practice; Chair, Privacy & Security Practice
Washington, D.C.
202.973.4218
Greene, Adam H.
Adam H. Greene
Partner
Washington, D.C.
202.973.4213

Our Team

Your search returned no results. Please try another search or remove search criteria.

Contact us

We’re here to help. Email us with any questions or comments and we’ll get you connected to the right person.

Counseling & Compliance: Contact us

CAUTION - Before you proceed, please note: By clicking "submit" you agree that our review of the information contained in your e-mail and any attachments will not create an attorney-client relationship, and will not prevent any lawyer in our firm from representing a party in any matter where that information is relevant, even if you submitted the information in good faith to retain us. You also agree and understand that we may not respond to your inquiry.