Cybersecurity and Data Privacy

In This Section

Team Leaders

Team Leader

Overview

Data and cybersecurity issues have never been more important than they are today. Privacy concerns touch upon all aspects of commerce and consumer dealings. Businesses must remain vigilant to keep up with evolving technology, while keeping data secure. Failing to follow privacy and cybersecurity laws and regulations can lead to compliance issues, regulatory and public scrutiny, data loss, and the need to notify clients and regulatory agencies.

Through good planning, companies can create strong organizational and outward facing policies to protect important and sensitive business and personal data, minimize the chance of a breach, and to address any incident that occurs.

Representative Experience
  • Served as breach counsel for higher education, health care, manufacturing, and retail clients
  • Investigated data security incidents for clients, including coordination with insurers, retention of experts, interaction with governmental and regulatory authorities, preparation of post-incident reports, and advising clients regarding post-incident remediation
  • Advised clients, including online retailers, on data security matters including data security program compliance
  • Counseled global manufacturing and engineering firm on domestic U.S. and EU GDPR compliance and program implementation
  • Responded to energy, health care, higher education, retail, and financial services industry clients’ data breaches and potential security incidents involving hacking, ransomware, and phishing and whaling attacks, providing breach notification assistance and advice on cybersecurity information-sharing
  • Oversight activities for bank-wide compliance of the Gramm-Leach-Bliley Act of 1999, including implementation of entity-wide compliant data security and privacy program for a large regional financial institution
  • Drafted data privacy and security policies, procedures, and notices for a myriad of commercial and consumer facing businesses
  • Handled security incident investigations and responses, including data breach notifications to regulatory authorities, state authorities, and individuals
  • Addressed data privacy and security issues in contract negotiation
  • Reviewed cyber insurance policies and provided coverage advice
  • Represented banks relating to financial privacy, Bank Secrecy Act, and customer and fiduciary issues
Highlights

The Steptoe & Johnson Cybersecurity Team helps clients:

  • Understand and comply with data privacy and cybersecurity laws and regulations
  • Plan and develop compliant organization-wide data security programs
  • Plan for and respond to any breach and re-evaluate existing cybersecurity plans following a breach

Team Members

Tammie C. Alexander

Member, Chair, Business Department