Understanding the rapidly changing landscape of privacy and data security laws is critical for every business. We handle legal issues related to data privacy, security, and integrity for clients in a wide range of industries and technology verticals, including software, e-commerce, education, telecommunications, clinical trials and research, life sciences, publishing, new media, and interactive gaming.
Our experience includes:
- Advising clients on compliance with state, federal, and international privacy and data security laws, such as BIPA, CAN-SPAM, COPPA, FCRA, FERPA, FTC ACT, GLBA, HIPAA, TCPA, the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Utah Consumer Privacy Act (UCPA), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA), the Massachusetts data protection regulations (201 CMR 17), the New York SHIELD Act, and the General Data Protection Regulation (GDPR), and international data transfer mechanisms (including the “standard contractual clauses” issued by the European Commission, and the international data transfer agreement and addendum issued by the UK Information Commissioner’s Office, and the EU-U.S. Data Privacy Framework).
- Developing privacy policies, security policies, and information management best practices.
- Counseling clients with respect to incident and breach response.
- Handling privacy risk allocation and due diligence in the context of M&A and investment transactions.
- Drafting and negotiating commercial agreements involving privacy and data security, including data processing and data sharing agreements.
- Representation in the context of Federal Trade Commission investigation of privacy practices and in the negotiation of FTC Consent Orders.
- Providing guidance as to compliance with privacy laws relating to children and education, including the Children’s Online Privacy Protection Act (COPPA), the Family Educational Rights and Privacy Act (FERPA), as well as to state privacy and data security laws relating to minors and the use of K-12 student data (particularly for companies in the digital games, mobile applications, and online education areas).
- Advising clients on privacy and data security issues in the context of licensing and other transactions, including drafting and negotiation of strategic alliances, support and maintenance, professional services, software as a service (SaaS), hosting, and development agreements, and other contracts involving intercompany relationships.
- Counseling employers on workplace privacy issues such as the monitoring of email and computer systems, employee use of electronic devices, employee drug testing, background checks, and workplace searches.
- Advising sponsors, fiduciaries, and record keepers of ERISA-covered plans with retirement or health & welfare benefits on best practices for protecting plan asset data and participants’ personally identifiable information, including drafting, in accordance with Department of Labor guidelines, cybersecurity policies/programs to mitigate the effects of cybersecurity issues.
Kevin S. Olson
Associate
Howard G. Zaharoff
Of Counsel
News & Insights
It’s Not Just HIPAA Anymore — Here’s What You Need to Know About the New Consumer Health Data Laws
Faith Kasparian Named Go To Cybersecurity & Data Privacy Lawyer by MA Lawyers Weekly
Morse Announces 2024 Attorney Elevations
M&A News: Morse Client Garvin Construction Products in Acquisition by Beacon
Kevin Olson Earns IAPP Certified Information Privacy Technologist Credentials
Client Alert: European Commission Approves EU-U.S. Data Privacy Framework
Top Trends in Data Privacy
Morse Serves as Counsel to Wagr in Acquisition by Yahoo Sports
Data Privacy Compliance Basics: ICYMI Webinar Recap
Top 10 Tips for Developing a Privacy Notice
Client Alert: GLBA Compliance
Data Protection Risks in M&A and Investment Transactions
Do You Have an Employee Benefit Plans’ Cybersecurity Policy?
Faith Kasparian Named Go To Privacy & Cybersecurity Lawyer by MA Lawyers Weekly
Client Alert: Upcoming UK and EU Data Transfer Deadlines
Morse Welcomes Associates Kevin Olson and Monica Sax
Client Alert: The New Data Transfer SCCs
Client Alert: CCPA Compliance
Client Alert: Standard Contractual Clauses
Client Alert: Virginia Consumer Data Protection Act
Morse Announces 2021 Attorney Elevations
IP News: 6(b) Orders Issued
Client Alert: Cybersecurity Improvement Act of 2020
EU Regulators Crack Down on Taking Cookies from the Cookie Jar
Client Alert: Privacy Shield Decision
The California Consumer Privacy Act
Attorney Earns IAPP Certified Information Privacy Professional Credentials
The Process of GDPR Compliance
The First Step in Developing a GDPR Compliance Strategy
Data Privacy Bell Ringers
Elevation Launches the New Year at Morse
Client Alert – Happy Halloween!
Client Alert – Happy Halloween!
VIDEO: Privacy and Data Security Clips
WISP – Written Information Security Program
Head in the Clouds – A Cloud User’s Contract Checklist
High-Level Points Regarding the U.S. Privacy and Data Security Landscape
M&A Privacy & Data Security Considerations:
No Escape From Release Forms