Jones Day - Services - Privacy & Data Security

The challenge is to strike a balance between the rights of individuals and the information needs of business.

We assist our clients by formulating strategic plans that meet their business objectives and ensure compliance
with the many laws and regulations governing privacy and data security.

Our Perspective

The internet allows us to send information around the globe instantly, making traditional geographic borders nearly obsolete. The resulting exchange of information has spurred governments to seek ways to address legitimate concerns about privacy and information security. Complying with the requirements imposed by the laws of any one country has become increasingly challenging, as a growing number of statutes and regulations include provisions that touch on privacy issues. Adding to the complexity in the U.S. is the need to comply with both federal and state law. Also, governmental entities such as the EU impose stringent information regulations, such as the EU Data Protection Directive, that add significant hurdles to companies doing business across borders. Our clients - which include global and regional companies in many different industry sectors - rely on our team of privacy advisors for a variety of services, from assisting with the development of compliance policies to providing representation in the face of enforcement actions.

Distinctive Representations

Provided global PLM company with data protection and privacy compliance advice; developed privacy policies for human resource data management; provided counseling on data breach notification obligations; advised on certification to the U.S. and EU Safe Harbor Principles
Advised global telecommunications company on data protection and privacy compliance in connection with IT outsourcing agreements
Advised financial services company on Gramm-Leach-Bliley Act compliance in connection with its acquisition of products and services that focus on identity protection, credit cards, and travel services
Counseled web site network on privacy policies, data collection, and use strategies; advised on medical data collection issues, including HIPAA
Advised national healthcare outsourcing vendor on responding to a multi-state security breach

To review additional privacy and data security representations, see the Experience link on the left of this page.

Strategic Planning and Privacy Audits

Our privacy lawyers are experienced in formulating strategic plans that address privacy and business information needs within the context of regional and international privacy laws and regulations. We work with clients to identify their business objectives with respect to privacy goals and then develop a set of privacy principles designed to achieve those objectives. Once the client's goals are identified, we perform an audit of the client’s existing policies, procedures, and practices, examining each business unit to find what information passes through, where it comes from, and whether it is subject to any restrictions. We then recommend and develop a comprehensive compliance infrastructure to meet the client's needs. Once a privacy program is in place, we continue to advise about the changes in the privacy landscape. Should problems arise, our lawyers assist in responding to enforcement actions, including advising about the production of relevant documents.

Counseling on Routine Privacy Issues

We provide advice on the routine privacy issues confronting both global and regional businesses, such as:

Responding to data security breaches
Safeguarding employee information and employee monitoring
Maintaining/transferring customer information
Structuring relationships with third parties
Developing web site privacy policies
Advising on electronic marketing and telemarketing efforts
Establishing data security and protection measures

Addressing Industry-Specific Compliance Issues

Certain industry sectors are subject to more stringent privacy and data security regulations than others. We counsel our clients on the regulations applicable to their industry and assist in developing policies and procedures that ensure compliance with the relevant law, including:

The Health Insurance Portability and Accountability Act (HIPAA)
The Gramm-Leach-Bliley Act (GLBA)
The Electronic Communications Privacy Act (ECPA)
The Federal Trade Commission Act (FTC)
The Fair Credit Reporting Act (FCRA)
The Children’s Online Privacy Protection Act (COPPA)
The Telephone Consumer Protection Act (TCPA)
The Telemarketing Sales Rule (TSR)
The Fair and Accurate Credit Transactions Act (FACTA)

Enforcement Actions, Dispute Resolution, and Privacy Litigation

Our goal, of course, is to provide our clients with the mechanisms to ensure compliance with the laws and regulations governing privacy and information security. Nonetheless, disputes occasionally arise, and our team can be called upon to seek resolution for those disputes in courts throughout the U.S., Europe, and around the world. We have significant experience defending against enforcement actions by regulators and contractual claims by business partners, along with private enforcement actions brought by consumers asserting that their privacy rights have been violated. In addition, we have represented entities seeking redress for violations of privacy rights and breaches of information security agreements.

Contact(s)

Kevin D. Lyles
Columbus
Tel: 1.614.469.3939
E-mail

Elizabeth A. Robertson
London
Tel: 44.20.7039.5959
E-mail

Mauricio F. Paez
New York
Tel: 1.212.326.3939
E-mail

Jeffrey M. Rawitz
Los Angeles
Tel: 1.213.489.3939
E-mail

	Print Page Email Page Select a Language Privacy & Data Security - Overview
Lawyers Staff Overview Experience Professionals News Publications Achievements Contact(s) Kevin D. Lyles Columbus Tel: 1.614.469.3939 E-mail Elizabeth A. Robertson London Tel: 44.20.7039.5959 E-mail Mauricio F. Paez New York Tel: 1.212.326.3939 E-mail Jeffrey M. Rawitz Los Angeles Tel: 1.213.489.3939 E-mail	The challenge is to strike a balance between the rights of individuals and the information needs of business. We assist our clients by formulating strategic plans that meet their business objectives and ensure compliance with the many laws and regulations governing privacy and data security. Our Perspective The internet allows us to send information around the globe instantly, making traditional geographic borders nearly obsolete. The resulting exchange of information has spurred governments to seek ways to address legitimate concerns about privacy and information security. Complying with the requirements imposed by the laws of any one country has become increasingly challenging, as a growing number of statutes and regulations include provisions that touch on privacy issues. Adding to the complexity in the U.S. is the need to comply with both federal and state law. Also, governmental entities such as the EU impose stringent information regulations, such as the EU Data Protection Directive, that add significant hurdles to companies doing business across borders. Our clients - which include global and regional companies in many different industry sectors - rely on our team of privacy advisors for a variety of services, from assisting with the development of compliance policies to providing representation in the face of enforcement actions. Distinctive Representations Provided global PLM company with data protection and privacy compliance advice; developed privacy policies for human resource data management; provided counseling on data breach notification obligations; advised on certification to the U.S. and EU Safe Harbor Principles Advised global telecommunications company on data protection and privacy compliance in connection with IT outsourcing agreements Advised financial services company on Gramm-Leach-Bliley Act compliance in connection with its acquisition of products and services that focus on identity protection, credit cards, and travel services Counseled web site network on privacy policies, data collection, and use strategies; advised on medical data collection issues, including HIPAA Advised national healthcare outsourcing vendor on responding to a multi-state security breach To review additional privacy and data security representations, see the Experience link on the left of this page. Strategic Planning and Privacy Audits Our privacy lawyers are experienced in formulating strategic plans that address privacy and business information needs within the context of regional and international privacy laws and regulations. We work with clients to identify their business objectives with respect to privacy goals and then develop a set of privacy principles designed to achieve those objectives. Once the client's goals are identified, we perform an audit of the client’s existing policies, procedures, and practices, examining each business unit to find what information passes through, where it comes from, and whether it is subject to any restrictions. We then recommend and develop a comprehensive compliance infrastructure to meet the client's needs. Once a privacy program is in place, we continue to advise about the changes in the privacy landscape. Should problems arise, our lawyers assist in responding to enforcement actions, including advising about the production of relevant documents. Counseling on Routine Privacy Issues We provide advice on the routine privacy issues confronting both global and regional businesses, such as: Responding to data security breaches Safeguarding employee information and employee monitoring Maintaining/transferring customer information Structuring relationships with third parties Developing web site privacy policies Advising on electronic marketing and telemarketing efforts Establishing data security and protection measures Addressing Industry-Specific Compliance Issues Certain industry sectors are subject to more stringent privacy and data security regulations than others. We counsel our clients on the regulations applicable to their industry and assist in developing policies and procedures that ensure compliance with the relevant law, including: The Health Insurance Portability and Accountability Act (HIPAA) The Gramm-Leach-Bliley Act (GLBA) The Electronic Communications Privacy Act (ECPA) The Federal Trade Commission Act (FTC) The Fair Credit Reporting Act (FCRA) The Children’s Online Privacy Protection Act (COPPA) The Telephone Consumer Protection Act (TCPA) The Telemarketing Sales Rule (TSR) The Fair and Accurate Credit Transactions Act (FACTA) Enforcement Actions, Dispute Resolution, and Privacy Litigation Our goal, of course, is to provide our clients with the mechanisms to ensure compliance with the laws and regulations governing privacy and information security. Nonetheless, disputes occasionally arise, and our team can be called upon to seek resolution for those disputes in courts throughout the U.S., Europe, and around the world. We have significant experience defending against enforcement actions by regulators and contractual claims by business partners, along with private enforcement actions brought by consumers asserting that their privacy rights have been violated. In addition, we have represented entities seeking redress for violations of privacy rights and breaches of information security agreements. Contact(s) Kevin D. Lyles Columbus Tel: 1.614.469.3939 E-mail Elizabeth A. Robertson London Tel: 44.20.7039.5959 E-mail Mauricio F. Paez New York Tel: 1.212.326.3939 E-mail Jeffrey M. Rawitz Los Angeles Tel: 1.213.489.3939 E-mail