We recognize that the unauthorized disclosure or use of information is a fact of life, and needs to be responded to seriously and quickly.
We employ our rapid response Global Privacy & Security (GPS) Team to investigate such incidents and assess our clients' responsibilities under applicable laws and contracts. Our incident management experience includes conducting internal investigations, monitoring vendor investigations, drafting required notices to regulators, individuals and the media under state and federal laws, responding to regulators and consumer inquiries, submitting takedown requests to social media sites, consultation on mitigation activities, and security breach incident response.
Incident Response Planning
While our main objective is to help our clients avoid a privacy or security breach altogether (visit our Privacy Compliance practice), Seyfarth’s GPS Team works with clients to develop contingency plans for data breach incidents. In the event of an actual breach related to personal information, we advise our clients on how they can best communicate with law enforcement, regulators, employees, consumers, and consumer reporting agencies.
Security Breach Management
Among the areas where we have particular knowledge is security breaches. We have handled literally hundreds of incident response situations, from conducting formal investigations following a breach, to negotiating indemnifications and responsibilities for an incident, to managing reporting for breaches. We also have assisted in negotiating with forensics companies, service providers, regulators, attorneys general and PR firms regarding the handling of a security incident.