Technology’s rapid advancement in a global consumer marketplace has made the protection of information—about our clients’ businesses, and the employees and customers at the heart of those businesses—more complex and important. Reed Smith’s Data Security, Privacy & Management Group regularly advises on the issues that arise from actual and potential breaches of personal information. While electronically stored and transmitted information is inherently global, the laws and enforcement mechanisms still trace national and political borders. This includes compliance with the Gramm-Leach-Bliley Financial Modernization Act (GBLA), the Health Insurance Portability and Accountability Act (HIPAA), the Children’s On-Line Privacy Protection Act, U.S. state laws and regulations, EC Directives on data protection, and the privacy laws of other jurisdictions throughout Europe, the Middle East and Asia. Our attorneys have devised new products designed to create user-friendly data management compliance solutions in order to aid clients in the ordinary and extraordinary transfers of data, and to help prevent breaches. When breaches have occurred, we have counseled more than five dozen companies through an effective short- and longer-term response, using a proprietary “tool kit” that we have developed and fine-tuned.
In addition to our advisory work, our U.S. attorneys have successfully defended more national class actions involving data security breaches than any other law firm. Our team, which is based throughout the United States, Europe, the Middle East and Asia, has also dealt with country privacy regulators, and has worked with clients in a number of industry sectors, including financial services, life sciences, education, retail, advertising, technology and media. Organizations in these sectors must consider the ever-changing guidance of their regulators, and must meet emerging industry-specific standards of care. Our team works closely with the other lawyers in our Global Regulatory Enforcement Group to maximize for the benefit of clients, our collective contacts and experience with, for example, the Federal Trade Commission, the National Association of Attorneys General, U.S. banking regulators, the Hong Kong Monetary Authority and the Privacy Commissioner for Personal Data.