Data Privacy, Cybersecurity and Information Management
AMG prides itself in being at the forefront of the practice of law and its developments. Today’s global economy is sparked by an interest in the accumulation of personal data for commercial purposes. At the same time, the risks of non-compliance are growing significantly and cyber security concerns are mounting as businesses adopt new technologies, collect and process more data. Moreover, issues regarding compliance are further aggravated through the cross border transfer of data as a result of the differing perspectives of each country’s legal systems and the storage of data in varying jurisdictions.
Leading the way in this cutting-edge area in Puerto Rico, AMG’s Data Privacy, Cybersecurity and Information Management practice is uniquely positioned to help companies, in an increasingly complex field, in achieving and maintaining compliance with privacy law requirements and agency regulations through a talented pool of attorneys with a sophisticated understanding of today’s modern privacy issues. The group draws on the experience of renowned attorneys in the firm’s other leading practice areas, particularly the Labor and Employment and Corporate law groups.
In recent years AMG’s Data Privacy, Cybersecurity and Information Management has successfully counseled an impressive roster of clients comprising the likes of Liberty Mutual Insurance Company, Philips, Toyota Credit Corp. and Infotech Aerospace Services, among others, on multiple privacy issues related to the scope and extent of sharing personally identifiable information for commercial purposes; data collection and management practices of employee data; the implementation of e-contracting procedures; negotiation of vendor contracts for information use; and business associate agreements.
AMG’s data privacy group aims to provide practical advice and cost effective solutions that helps clients effectively manage their information, while achieving their business goals. Aware that data is a critical asset for its clients, it also strives to mitigate the risks of collecting and processing information in developing privacy solutions.
Areas of Experience
Some of the areas in which AMG’s Data Privacy, Cybersecurity and Information Management practice group renders its clients advice and assistance include:
Counseling of and compliance with federal and state laws in all substantive areas of privacy including, but not limited to, financial, health, consumer, educational and employment privacy. E.g. Gramm-Leach-Bliley Act, HIPAA, Fair Credit Reporting Act, Fair and Accurate Credit Transactions Act and CAN-SPAM Act.
Compliance with breach notification requirements and state Social Security laws.
Compliance with the EU Data Protection Directive and member state implementations – i.e. U.S Safe Harbor requirements, model contracts and binding corporate rules.
Drafting, development and implementation of privacy policies and notices.
Drafting and negotiation of vendor contracts.
Conduct privacy assessment or audits of an organization’s compliance with its privacy policies/procedures and information security due diligence.