Holland & Knight Data Breach Team Holland & Knight understands the havoc a data breach can cause. Rather than provide our clients with a narrow range of legal advice in this area, we offer thorough guidance from a highly knowledgeable, multidisciplinary team, one that stands ready – from the first phone call onward – to address the full range of legal, technological, public policy and public relations challenges a data breach presents. Holland & Knight's Data Breach Team is comprised of attorneys and professionals from four practice areas: Privacy and Data Security, Litigation, Public Policy and Regulation, and High-Stakes Communications. Working as a collaborative team enables us to provide our clients with the 360-degree support and counsel they require when a data breach occurs. We assist in the following critical areas:
preparedness | compliance | policy drafting | coaching and tabletop/simulation exercises response | mitigation | notifications technology analysis and suggested remediation regulator inquiries | investigations | lawsuits class action litigation defense board of directors corporate governance and defense strategies counsel regarding insurance issues crisis management | high-stakes communications | public relations public policy and congressional advocacy
PREPAREDNESS When a breach occurs, one of the first things regulators ask to see is the company's information security program and incident response policy. Having written and developed countless programs and policies for companies in a variety of industries, Holland & Knight's Data Breach Team can help ensure that your firm's policies are well-articulated and sound. We conduct tabletop mock breach response exercises, assist with training, select top-shelf vendors (one of our team members worked in-house in the credit monitoring industry), and can even help you select an appropriate insurance policy. TABLETOP / SIMULATION EXERCISES Testing your policies in advance and conducting preparedness practice runs to ensure sound, response processes is critical to avoiding severe financial consequences, increased legal liability and unfavorable press. Regulators will want to know if you were prepared. Since every member of your Incident Response Team has unique responsibilities with unique interests, we have found preparation/testing exercises to be extremely valuable for ensuring that your team is ready. Our tabletop breach simulation exercises can help you evaluate your response plan by:
ensuring your response policies are adequate and complete, including that legal response policies work with IT/InfoSec policies; incidents are appropriately and timely escalated; definitions are consistent; the determination of whether an incident is a "breach" is made by your legal department; the responsibility to retain outside third-party assistance is clearly vetted and managed by a particular person or persons, regardless of whether the third-party assistance is in the form of an independent forensic firm or law enforcement ensuring you have appropriate communication protocols with IT and InfoSec ensuring you have appropriate vendor oversight and management protocols ensuring adequate board or senior management oversight helping to establish important relationships with identity protection and credit monitoring vendors, forensic firms and law enforcement ensuring you are ready for press coverage from a public relations/customer relations standpoint with coaching and media training from the Holland & Knight High-Stakes Communications Team ensuring you are ready for congressional hearings or regulatory inquiry testing your litigation readiness
Copyright © 2018 Holland & Knight LLP All Rights Reserved
1