Overview
KMK’s Data Privacy & Cybersecurity Team provides immediate 24/7 assistance responding to and remediating a possible cyber incident or data breach. Contact us on our Cybersecurity Hotline at 513.579.6500 or breachresponse@kmklaw.com.
Protecting personal data and sensitive information is more important than ever before. Data protection is simply a cost of doing business for companies of all sizes. Cybersecurity threats are sophisticated and rapidly evolving. The regulatory landscape is increasingly complex, and consumers and business partners are demanding corporate responsibility. Leveraging data into a competitive tool must be balanced against the risks to both the company and the individual. These issues are some of the most important and challenging that companies face.
With deep experience in both proactive risk mitigation and incident response, our Data Privacy & Cybersecurity Team stands with clients on the front lines. Our interdisciplinary team offers the full range of privacy and cybersecurity services, from developing entire national and global privacy compliance programs to leading clients through complex data breach responses. Our attorneys focus on maximizing value and aligning legal strategies to clients’ real-world business operations. Our custom approach is engineered to meet client business and budget needs.
Our attorneys are experienced in performing gap and data assessments; coordinating technical consultant services; insurance policy analysis and negotiation; policy crafting; creating vendor management programs; training; implementation guidance; service provider negotiation; and transaction due diligence. In particular, our attorneys regularly counsel clients on their risks and obligations under laws relevant to their data, including, the European Union’s General Data Protection Regulation (“GDPR”) (and the United Kingdom’s equivalent), Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”), CAN-SPAM Act, the TCPA, the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”), the Utah Consumer Privacy Act (“UCPA”), the Virginia Consumer Data Privacy Act (“VCDPA”), the Colorado Privacy Act (the “CPA”), the Connecticut Data Privacy Act (“CTDPA”), and numerous other state and industry-specific data protection laws. We also work closely with clients to prepare for cybersecurity incidents, including data breach response planning and training, insurer coordination, and pre-incident service provider engagement.
When a data incident strikes, our team guides clients from start to finish. Our experienced attorneys have managed major service provider incidents, ransomware attacks, HIPAA breaches, and complex public-sector and nonprofit incidents. Services include leading the incident response; advising on containment strategy; directing the forensic investigation; coordinating with insurers; advising as to legal obligations to notify affected consumers, business partners, and regulators; overseeing the notification of third parties; communicating with law enforcement; responding to regulatory inquiries; and steering remediation and enhancement efforts.
We are here to help clients meet these challenges while minimizing business disruption.
Team
- Partner
- Partner
- Associate | CIPP/US, CIPM
- Associate | CIPP/US
- Partner | CIPP/US, CIPP/E, CIPM
- Of Counsel | CIPP/US
- Associate | CIPP/US
- Partner
- Partner
- Partner | CIPP/US
- Partner
- Partner
- Associate
- Partner