Data Strategy, Security and Privacy – O’Melveny

As our customers collect and generate more data, we help ensure that data is an asset, not a liability, by developing policies and practices that keep customers compliant with evolving cybersecurity obligations and confidentiality. Our lawyers advise our clients throughout the lifecycle of data privacy and security issues, from advising on global data privacy compliance, product development and data transactions, to from developing privacy and data security programs and policies to managing incident responses and conducting internal investigations. litigation and regulatory proceedings.

Our team has helped leading companies solve today’s biggest data privacy and security challenges. Whether you are facing the repercussions of a ransomware attack; confront the growing web of international, federal and state privacy laws that govern everything from biometrics to financial data; or responding to requests from regulators and attorneys general, we’ve got you covered.

We represent companies across all industries, including hospitality, transportation, energy, healthcare, financial services, pharmaceuticals, gaming, consumer products, crypto and blockchain technology, as well as emerging Web3 and AI technologies. Business executives, boards of directors, technology leaders and corporate legal departments turn to our team to anticipate challenges, strategize and resolve business, legal and policy issues related to privacy and security. cybersecurity.

Our capabilities include:

• Global Data Privacy Compliance advises businesses on implementing policies and practices to comply with a wide range of data privacy laws, including state laws such as the California Consumer Privacy Act and California Privacy Rights Act, and international laws such as the EU General Data Protection Regulation. .
• Advertising and marketing practices, advising businesses on data privacy and security compliance for advertising and marketing campaigns.
• Product consultancy working with companies to ensure they design new products with privacy requirements in mind.
• Privacy due diligence in M&A transactions by performing due diligence on target companies to identify and mitigate privacy risks.
• Data protection and data transfer agreements, drafting and negotiating agreements for data transfers between parties.
• Cross-border transfers and transfer impact assessments, advising businesses on requirements for cross-border data transfers, including the preparation of transfer impact analyses.
• Health Information Privacy, advising healthcare providers, pharmaceutical companies and insurers on compliance with HIPAA and state laws governing medical privacy and genetic data.
• Financial Privacy, advising businesses on compliance with state and federal financial privacy laws, including Gramm Leach Bliley.
• Childrens Privacy advises businesses on compliance with the Children’s Online Privacy Protection Act.
• Data minimization and record retention, developing record retention and data governance policies that ensure compliance with legal requirements.