The constantly-evolving patchwork of state, national, and international data protection and breach notice laws can give rise to untold liability for well-meaning businesses of all types. Whether collecting, storing, and using customer data for sales or marketing, or employee data for human resources purposes, data privacy concerns present a risk for nearly all organizations. Due to the rate at which the legal landscape is changing, even well-crafted privacy and internal security policies will almost assuredly become inaccurate or outdated over time.
At Bast Amron, we regularly advise clients regarding compliance with existing state, national, and international data privacy laws, including states’ various data protection and breach notification statutes, the Federal Trade Commission Act, and the General Data Protection Regulation, as well as forthcoming or proposed laws which may affect our clients’ practices.
- Advised a global technology company and its N. American subsidiaries regarding best management practices for compliance with the General Data Protection Regulation, including preparation of new data privacy policies and new addenda to existing contracts to ensure compliance
- Advised a global technology company regarding administrative processes to be adopted to support a data-privacy conscious culture
- Advised an international hotel corporation regarding post-data breach obligations under the General Data Protection Regulation, Mexican federal law, and numerous state data protection and breach notice statutes
- Advised a global technology company in connection with a multi-million dollar master services agreement and related statements of work and service level agreements, and, among other things, negotiated contractual duties relating to compliance with the General Data Privacy Regulation