• Ann Arbor
    201 S. Division Street
    Suite 400
    Ann Arbor, MI 48104
    T 734-761-3780
  • Detroit
    1901 St. Antoine Street
    6th Floor at Ford Field
    Detroit, MI 48226
    T 313-259-7777
  • Grand Rapids
    99 Monroe Avenue NW
    Suite 300
    Grand Rapids, MI 49503
    T 616-205-4330
  • Troy
    201 W. Big Beaver Road
    Suite 500
    Troy, MI 48084
    T 248-743-6000
Go to page >
Go to page >
Search
competitive drive
 

Data Privacy and Security

Defend Your Data
Overview

Constant and rapid changes in technology, a regular flow of new and stricter laws, and increasing press coverage of data breaches and threats to organizations makes data security among the hardest concerns to keep up with and one of the most important issues every business faces in today’s world.

In today’s global economy, every institution holds data ꟷ whether it’s employee and human resources records, customer and sales information, intellectual property, marketing and communications records, or health records. Governments continue to set rigorous privacy and security standards, while individuals and business partners increasingly expect this information will be properly safeguarded.

Legal requirements and consumer expectations around data management and privacy are only escalating. As regulations evolve, it is more important than ever for businesses to stay informed and understand their specific compliance obligations, no matter their size or industry. Our Data Privacy and Security attorneys have extensive experience guiding businesses through a wide range of cybersecurity issues from compliance and data incident response to risk management, contract requirements, and navigating complex regulatory obligations.

 

Services

By staying on top of current changes in the technology, law, and trends, Bodman’s Data Privacy and Security team leverages the diverse backgrounds and experiences of our group to meet each client — wherever they are in the process and whatever their size or industry — and help them come up-to-speed and reach a place where they can confidently perform their core business knowing they have a partnership that assists in the ongoing process of defending their data.

Our services include:

  • General Data Protection Regulation (GDPR), UK GDPR, and EU-U.S. Data Privacy Framework
  • Data Privacy and Security Risk Assessments
  • Data Breach Investigation, Response, and Notification
  • Website and Mobile App Privacy Policies
  • Health Privacy and HIPAA Compliance
  • Gramm-Leach-Bliley Act (GLBA) Compliance
  • Red Flags Rules
  • Advertising and Marketing Privacy
  • Data Sharing
  • Children’s Privacy and the Children’s Online Privacy Protection Act of 1998 (COPPA)
  • Education and Student Loan Privacy
  • Telecommunications Privacy and Telephone Consumer Protection Act (TCPA) Compliance
  • Payment Card Data Security and Payment Card Industry (PCI) Compliance
  • International Privacy Laws
  • Other European Union Privacy Laws
  • Canadian Privacy Laws
  • Social Media Privacy
  • Consumer Privacy
  • Consumer Protection Litigation
  • State Privacy Law Compliance
  • Mobile and Geolocational Privacy
  • Data Retention and Destruction Policies
  • Employee Monitoring and Privacy
  • Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003
  • Disaster Recovery/Business Continuity Plans
  • Data Incident Response Plans
  • Cybersecurity Training
  • Data Processing Agreements (DPA), Terms of Use, and other Data-Related Agreements
  • Cybersecurity Insurance Policy Review

 

Representative Matters

Our team has assisted both small and large organizations in the creation, design, development, and implementation of data privacy policies and data security programs in compliance with state, federal, and international laws and regulations in addition to guiding them through high-pressure, time-is-of-the-essence, incident response situations.

  • Pharmaceutical Company Negotiates Data Processing Agreements on a Global Scale.

    We negotiated on behalf of a pharmaceutical company data privacy and data processing agreements that comply with global privacy laws, including in Europe, the UK, Switzerland, India, Israel, Mexico, and Canada.

  • Apparel Decorating Company Updates its General Privacy and Security Practices to Comply with GDPR.

    We assisted an industry leader in apparel decorating design, equipment, and manufacturing with the updating of its internal information security policies, vendor contracts, and internal and external facing privacy notices to comply with data privacy and protection obligations under GDPR.

  • Global Technology Joint Venture’s Internal Data Breach Affects 20,000 Individuals.

    Bodman represented a multinational technology corporation in a data breach that affected 20,000 current and former employees. Assistance included review of the breached data, preparation of letters to the affected individuals and to state governments, preparation of court filings, and revision of company privacy policies.

  • Medical Certification Process Company Receives HIPAA Compliance Program, from Start to Finish.

    We assisted a DOT medical certification process company with the establishment of its corporate records and retention policies and the creation of a HIPAA compliance program, including drafting its privacy policies, drafting and negotiating Business Associate Agreements, drafting and applying risk assessments, and drafting user and employer consent forms.

  • Savings Bank Re-Drafts GLBA-Compliant Provisions for Its Vendor Agreements.

    We advised a large publicly-traded savings bank in the drafting of new Gramm-Leach-Bliley Act-compliant and other privacy and security provisions for its vendor agreements.

  • Financial Services Company Needs HIPAA Business Associate Agreements Prepared.

    We counseled a publicly-traded financial services company in preparing HIPAA business associate agreements related to lending agreements, treasury management services agreements, consumer banking agreements, and insurance services agreements.

  • Religious Organization Experiences Data Breach Affecting More Than 10,000 Employees.

    We counseled an agency that handles payroll processing and employee benefits for a religious order in the remediation of a data breach that affected more than 10,000 employees, helping the agency seek indemnification from its service provider, draft letters to affected individuals, and negotiate agreements to prevent recurrence of the problem.

  • Sports Team Needs HIPAA Compliance Program and Representation During League HIPAA Audit.

    We implemented a HIPAA compliance program for a professional sports team. The program included updated privacy policies, the drafting and negotiation of Business Associate Agreements, and the drafting and application of risk assessments. We also represented the sports team during the sports league’s HIPAA audit.

  • Lenders Counseled on GLBA and HIPAA Data Security & Privacy Compliance.

    Bodman has assisted many banks and other financial institutions with Gramm-Leach-Bliley Act and HIPAA information security compliance.

  • Manufacturer Changes Its General Privacy and Security Contract Language.

    We assisted a leading manufacturer in the streamlining of its privacy and security confidentiality language in its vendor agreements.

 

Please do not send us confidential information unless and until you have established a formal attorney-client relationship with Bodman PLC and received authorization from one of our attorneys to send us confidential information.

Accept Close