Privacy & Data Security - Karr Tuttle Campbell

Karr Tuttle Campbell’s cross-disciplinary privacy and data security attorneys use their hands-on experience serving tech-sector businesses and heavily regulated industries to counsel companies of all sizes as they manage risks associated with the collection, use, and disclosure of data.

Our attorneys’ extensive subject matter expertise in intellectual property, international law, consumer protection, banking, finance, and healthcare—when combined with a real-world understanding of the actual risks involved with litigation—yields commercially practicable compliance strategies that balance the costs of data security against those of running a profitable business.

Data privacy is an enterprise-wide concern. Over 100 countries and the vast majority of U.S. states promulgate unique rules regulating collection, use, disclosure and security of personal information. A deep understanding of this complex global framework builds trust with business partners and customers. However, the plurality of legislation makes full compliance a daunting task, even for the most experienced businesses.

Karr Tuttle Campbell’s privacy attorneys mitigate risk at every stage of the information lifecycle. Our attorneys partner with general counsel, chief privacy officers, and chief information officers to devise technical and non-technical methods to achieve privacy and data security compliance, including:

Privacy policies and data breach notification policies tailored to industry and geography
Workplace privacy measures, like acceptable use policies with EU-grade “privacy by design” principles
Data breach response strategies, including customer notifications
Health information privacy strategies
Third-party liability assessments under state, federal, and international privacy laws:
- Identification of data security vulnerabilities in customer, distributor, supplier, or other business partner agreements
- Negotiations of vendor contracts and information use and distribution agreements
Compliance counseling for privacy and security issues implicated by mergers and acquisitions, including:
- Advice on the transfer of a target company’s employee and customer data
- Integration of the target’s and acquirer’s internal and public-facing privacy policies and data handling procedures
Technology licensing agreements
Cross-border data transfers
Legislative monitoring

EU General Data Protection Regulation (GDPR) and EU-US Privacy Shield. We also assist businesses with their efforts to comply with the ever-expanding array of international data protection requirements, including the EU’s General Data Protection Regulation (GDPR) and member state implementations of other EU mandates, such as the EU-US Privacy Shield, model contracts, and binding corporate rules (BCRs).

Our privacy and data security attorneys keep clients apprised of international privacy developments pertinent to their business. In addition, Karr Tuttle Campbell has extensive experience representing Asian and European-based companies, as well as other foreign-based and multi-national companies.

Highly regulated industries. Our attorneys are sought-after by businesses operating in regulated industries with sector-specific legal issues, such as those implicated by:

Health Insurance Portability and Accountability Act (HIPAA)
Gramm-Leach-Bliley Act (GLBA)
Fair Credit Reporting Act (FCRA)
Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM)
Electronic Communication Privacy Act (ECPA)
Family Educational Rights and Privacy Act (FERPA)
Payment Card Industry Data Security Standard (PCI DSS)
Video Privacy Protection Act (VPPA)
Children’s Online Privacy Protection Act (COPPA)

Notice

We welcome your interest in Karr Tuttle Campbell. However, we cannot represent you nor can we treat information as confidential until we know that doing so will not create a conflict of interest. Accordingly, please DO NOT send information about any matter unless you are an existing client AND one of our attorneys has explicitly affirmed that we represent you as a client in the matter to which your communication would pertain. Providing information via the “Contact Us” form on this website or otherwise will not create an attorney-client relationship in the absence of an express agreement by the Firm to create such a relationship, and will not prevent the Firm from representing someone else in connection with the matter in question or a related matter.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Karr Tuttle Campbell’s cross-disciplinary privacy and data security attorneys use their hands-on experience serving tech-sector businesses and heavily regulated industries to counsel companies of all sizes as they manage risks associated with the collection, use, and disclosure of data.

Primary Attorney Contact

Other Attorney Contact

Related Services

Notice