Skip to Main Content

Privacy, Data and Cybersecurity

View as PDF
OVERVIEW | PEOPLE | NEWS | PUBLICATIONS | EVENTS
Overview

Katten's Privacy, Data and Cybersecurity group brings together a team of attorneys with diverse industry experience and substantial knowledge of the latest laws and practices regarding privacy and data protection. We understand the benefits and potential risks associated with the collection, use and disclosure of customer and employee information, and we work with clients to effectively resolve or prevent potential problems. Our practice encompasses the development of privacy protection practices, privacy and security law counseling and compliance, and the application of privacy laws to data use and information sharing.

We advise clients on all aspects of compliance with local, state and federal laws governing privacy and security, including the Gramm-Leach-Bliley Act (GBLA), the Health Information Portability and Accountability Act (HIPAA), the Children's Online Privacy Protection Act (COPPA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM), Federal Trade Commission (FTC) enforcement, the California Consumer Privacy Act (CCPA), the EU-US Privacy Shield and the PCI Data Security Standards. We also provide counsel on compliance with international privacy and data protection laws and regulations, including the European Union General Data Protection Regulation (GDPR), the EU ePrivacy Directive, and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). Likewise, our attorneys help clients stay ahead of emerging privacy issues related to the use of mobile technology and location-based information to engage with customers and employees, including compliance with terms of use relating to using data obtained from social networking sites and other third parties.

Katten attorneys have extensive experience working with companies to analyze their privacy needs and practices and in drafting appropriate compliance documents. We assist clients in crafting policies from scratch, as well as modernizing existing policies based on the latest developments in privacy and security law. We help implement appropriate data protection principles and practices, including assisting in the process of vetting vendors and reviewing their practices for administrative, technology and physical security procedures. If and when there is a security breach, we have the knowledge and experience to find a path through the patchwork of laws and regulations and to work with our clients' business leadership, technology professionals and media team to implement prompt and appropriate responses. We have also represented numerous clients in analyzing, mitigating and responding to data security incidents and breaches, including serving as breach "coach," managing the incident response process, working with forensics and notification vendors, addressing consumer complaints, and responding to regulatory inquiries and enforcement actions.

Firm News
July 16, 2019
Doron Goldstein talks impact of California Consumer Privacy Act on hospitality industry
July 11, 2019
Gary DeWaal and Cathy Yoon Comment in Law360 on First SEC-approved Crypto Token Offering
July 11, 2019
Doron Goldstein Discusses GDPR Fines for Hotels with Hospitality Technology
October 17, 2018
Katten Partner Designated Privacy Law Specialist
October 11, 2018
New Katten Health Care Partners Create Media Buzz in Dallas
October 5, 2018
All-Star Trio of Women Boosts Katten's Health Care Practice in Dallas
September 11, 2018
Lance Zinman Quoted on the Importance of Cybersecurity and IP Protection in the Quant Space
June 8, 2018
Doron Goldstein Quoted Regarding GDPR Compliance for US Asset Managers
May 23, 2018
Doron Goldstein Comments on GDPR Compliance Challenges for US-Based Asset Managers
May 14, 2018
Law360 Features Doron Goldstein in Article on GDPR Misconceptions
March 26, 2018
Nathaniel Lalone Comments on the Intersection of MiFID II and GDPR
March 19, 2018
Nathaniel Lalone Interviewed by Bloomberg TV on MiFID II and GDPR
February 2, 2018
Nathaniel Lalone Comments On MiFID II and Information Cyber Risks
January 10, 2018
Doron Goldstein Quoted Regarding Hedge Funds' Top Cybersecurity Woes
December 12, 2017
Katten Represents Global Trading Systems in BNP Paribas Deal
November 22, 2017
Doron Goldstein Comments on Hedge Funds' Use of Alternative Data
November 6, 2017
Polly Sprenger to Lead Katten UK's Contentious Financial Services and White Collar, Investigations and Compliance Team
July 29, 2017
Doron Goldstein Comments on Fitness Tracker Data Security in USA Today
July 18, 2017
Super Lawyers Names Matthew Baker to 2017 Northern California Rising Stars List
June 28, 2017
Doron Goldstein Quoted on Google's Antitrust Penalty
May 23, 2017
Doron Goldstein Interviewed on Facebook Fine and the European Regulatory Landscape
May 18, 2017
Alan Meneghetti Featured in Aviation Law News
November 16, 2016
Doron Goldstein Comments on Legal Ramifications of Pokémon Go and Augmented Reality
November 1, 2016
Doron Goldstein Named Cybersecurity & Data Privacy Trailblazer by The National Law Journal
September 26, 2016
Doron Goldstein Comments on Investor Questions for Start-Ups
June 14, 2016
Lily Chinn Comments on Technology Assisted Review
May 19, 2016
Katten UK Expands Real Estate Capability With Hire of Construction Specialist Matthew Needham-Laing
April 19, 2016
Doron Goldstein Quoted on Data Breach Litigation
April 11, 2016
Claudia Callaway Quoted on Hotel Privacy Policies and Training
March 9, 2016
Claudia Callaway and Christina Grigorian Commented on Ransomware Attack Trends
February 10, 2016
Claudia Callaway Comments on Bitcoin Technology's Effect on the Legal Industry
January 28, 2016
Doron Goldstein Comments on Funding Cybersecurity
January 13, 2016
Claudia Callaway Quoted on Testing Communication Lines During a Data Breach Simulation
December 9, 2015
Lily Chinn Explores Privacy Challenges in Using Social Media for Internal Investigations
December 9, 2015
Claudia Callaway and Christina Grigorian Quoted on Litigation Arising From Data Breaches
April 10, 2014
Partner Michael Rosensaft Discusses Insider Trading Evidence With Law360
April 8, 2013
Partner Michael Verde Profiled in Law360 Q&A
Advisories
August 1, 2019
New York Shields Consumer Data With Broader Breach Notification, Security, and Identity Theft Protection Laws
July 15, 2019
Bite in the Tail for British Airways and No Holiday for Marriott
June 11, 2019
Nevada Ups the Ante on Privacy, Adds New Opt-Out Rights Effective October 1
May 7, 2019
The California Consumer Privacy Act | Does the CCPA Affect Me?
April 25, 2019
Not So Secure: OCIE Identifies Regulation S-P Compliance Issues
April 17, 2019
The California Consumer Privacy Act | What is the CCPA, and Why Should I Care?
January 29, 2019
New Cybersecurity Guidance for the Health Care Industry (and Last Call for HIPAA Rule Comments)
December 20, 2018
The Sky's the Limit: The Cathay Pacific and British Airways Data Hacks, and the GDPR Six Months On
October 11, 2018
SEC Charges Broker-Dealer/Adviser With Inadequate Cybersecurity Procedures
April 25, 2018
GDPR—One Month to Go: Considerations for US Asset Managers
February 27, 2018
SEC Publishes Inspection Priorities for 2018
October 6, 2017
An Irish Court Clouds the Future of EU Data Transfers: The Luck of the Model Clauses May Be Done
May 15, 2017
Global Ransomware Attack Serves as Reminder of Good Practices
February 6, 2017
TAR Transparency Required in New DOJ Model Second Request
September 27, 2016
Is Your Business Prepared for the Ransomware Epidemic?
September 14, 2016
Keeping Your Cybersecurity Affairs in Order: How to Avoid Becoming the Next Ashley Madison
July 18, 2016
U.S., EU Launch "Privacy Shield" Data Transfer Framework, Certification to Begin August 1
May 11, 2016
Landmark Trade Secrets Law Creates New Federal Civil Cause of Action and Compliance Obligations for All Employers
March 22, 2016
OCR Kicks Off HIPAA Audits After Issuing Two Major Settlements
March 17, 2016
Hotels, Hospitality and Guest Privacy: Six Important Questions to Ask After the Andrews Verdict
December 29, 2015
What US Companies Need to Know About New EU Data Protection Rules
October 7, 2015
The Court of Justice of the European Union Sinks the Safe Harbor Program
September 24, 2015
SEC Enforcement Action Alleges an Adviser Failed to Adopt Adequate Cybersecurity Policies and Procedures; SEC Issues an Investor Alert on Data Theft
June 24, 2015
Cyber-Attacks: Threats, Regulatory Reaction and Practical Proactive Measures to Help Avoid Risks
November 12, 2014
Privacy Policies 2.0: Making Disclosures More Meaningful
April 3, 2014
IRS Issues Pronouncement on Virtual Currencies
February 5, 2014
FTC Settles With Businesses Who Allegedly Misrepresented US-EU Safe Harbor Certification
November 26, 2013
Bitcoin: Current US Regulatory Developments
November 26, 2013
California Mandates More Transparency: Time to Update Your Privacy Policy
February 11, 2013
California Does It Again!
January 29, 2013
Final HIPAA Rule Has Sweeping Impact on Covered Entities and Business Associates
January 11, 2013
The FTC's Interim Final Red Flags Rule: What It Means for Non-Bank, Short-Term Consumer Lenders
January 2, 2013
Privacy Policies Now a Must for Mobile Apps
June 7, 2012
Illinois Appellate Court Upholds Application of Patient Safety Act to Deny Access to State's Subpoena for Walgreens' Medication Error Incident Reports
May 20, 2010
HHS Issues Guidance on Risk Analysis Required by HIPAA Security Rules
August 31, 2009
HHS Issues Security Breach Notice Rule
Newsletters
May 3, 2019
Corporate & Financial Weekly Digest, Featuring Articles on a FINRA Warning on Imposter Websites and Proposed Rules Changes on Position Transfers and Investigations Into Disciplinary Matters From the CBOE
April 26, 2019
Corporate & Financial Weekly Digest, Featuring Articles on FINRA's New Office of Financial Innovation and a Proposal From the Federal Reserve on Bank Control
June 15, 2018
Corporate & Financial Weekly Digest, Featuring Topics on Investment Advisers, Derivatives, Cryptocurrencies, UK and EU Developments
May 25, 2018
Corporate & Financial Weekly Digest, Featuring Topics on Broker-Dealer, CFTC, Derivatives, Cryptocurrencies, GDPR, UK and EU Developments
February 13, 2018
Privacy Matters, Featuring Data Flows
February 12, 2018
Corporate and Financial Weekly Digest, Featuring Topics on SEC/Corporate, Broker-Dealer, Derivatives and UK/EU Developments
December 19, 2017
Privacy Matters, Featuring a Processing Personal Data Checklist
November 28, 2017
Privacy Matters, Featuring a Personal Data Checklist
November 14, 2017
Privacy Matters, Featuring 10 Steps to GDPR Compliance
Spring 2017
The Katten Kattwalk | Issue 12
October 26, 2016
Katten Safety Advisory Group Cybersecurity Dashboard
Fall 2016
The Katten Kattwalk | Issue 11
August 31, 2016
Katten Safety Advisory Group Cybersecurity Dashboard
Summer 2016
The Katten Kattwalk | Issue 10
July 27, 2016
Katten Safety Advisory Group Cybersecurity Dashboard
Summer 2014
The Katten Kattwalk | Issue 05
Events
October 7, 2019
Think Like a Lawyer, Talk Like a Geek 2019: Get Fluent in Technology | New York, New York
June 17–20, 2019
HITEC Minneapolis 2019 | Minneapolis, Minnesota
June 13, 2019
HIPAA Privacy in the Age of Social Media: Preventing and Addressing PHI in the Posts
May 2–3, 2019
Global Privacy Summit 2019 | Washington, DC
April 29, 2019
Cloud Computing 2019: Key Issues and Practical Guidance | New York, New York
January 31 – February 2, 2019
ABA Forum on Communications Law | Miami Beach, Florida
January 10, 2019
You've Been Hacked: Preventing and Dealing With Cyber Breaches
September 27, 2018
Panel on FinTech Innovations and the Regulatory Environment | New York, New York
July 11, 2018
Serviced Apartment Summit Europe | London
April 9–10, 2018
Serviced Apartment Summit Americas | New York, New York
March 27–28, 2018
Global Privacy Summit 2018 | Washington, DC
November 13–15, 2017
2017 ANA/BAA Marketing Law Conference | Chicago, Illinois
September 28, 2017
Privacy and the Cyberthreat Landscape: Current Issues in Handling Data and Data Breaches in the Hospitality Industry | New York, New York
July 12–13, 2017
Serviced Apartment Summit Europe | London
April 10–11, 2017
Serviced Apartment Summit Americas | New York, New York
December 7, 2016
A Lawyer's Guide to Cyber-Regulatory Enforcement and Response | San Antonio, Texas
November 30, 2016
Data Security: The Technology Company Perspective | Webinar
November 17, 2016
Cybersecurity Planning and Incident Response in the Age of Ransomware | Los Angeles, California
November 9–11, 2016
International Technology Law Association 2016 European Conference | Madrid, Spain
September 25–28, 2016
2016 American Fuel & Petrochemical Manufacturers Q&A and Technology Forum | Baltimore, Maryland
September 22, 2016
20th Annual Compliance Workshop | Chicago, Illinois
September 20, 2016
2016 Women's Energy Summit | Chicago, Illinois
July 27, 2016
Recent Legal Developments on Securities and Derivatives Issues for Sell-Side and Buy-Side Market Participants | New York, New York
July 8, 2016
Technology and IP Forum: Best Practices for Protecting Your Company's Trade Secrets in Light of the Defend Trade Secrets Act | Webinar
June 28, 2016
Israeli Cyber Security Showcase | Chicago, Illinois
May 5–7, 2016
2016 ABA Section of Taxation May Meeting | Washington, DC
April 26, 2016
Responding to a Data Security Breach - Surviving the First 3 Days | McLean, Virginia
November 19, 2015
Cybersecurity: Anticipate and Manage the Unlikely Scenario | New York, New York
November 9, 2015
37th Marketing Law Conference: Walking the Line: Between Innovation and Regulation | Chicago, Illinois
November 5, 2015
Second Annual Intellectual Property Symposium | Chicago, Illinois
October 29–30, 2015
The Third Annual Women, Influence & Power in Law Conference | Washington, DC
October 21–22, 2015
The First 48 Hours: Responding to a Data Breach in 2015 | Chicago, Illinois
June 24, 2015
Forum 2015 | Chicago, Illinois
June 11, 2015
Hot Topics in HIPAA and Cybersecurity | Chicago, Illinois
June 9, 2015
The Weakest Link: Where Is the Achilles Heel of Your Cybersecurity Program? | New York, New York
December 18, 2014
Practical Considerations for Health Care in the Cloud | Webinar
December 16, 2014
Electronic Discovery in Criminal Investigation and Trials 2014 | Practising Law Institute | New York, New York
September 17, 2014
2014 Cloud Computing Forum: Understanding the Law, Business and Technology Considerations | New York, New York
September 10, 2014
Hedge Fund Technology, Cybersecurity, and Due Diligence | New York, New York
July 30, 2014
The American Law Institute – Continuing Legal Education | Washington, DC
June 25, 2014
Cyber and Data Security | Chicago, Illinois
June 19, 2014
Fifth Annual Women's In-House Counsel and Compliance Officer Program: Issues That Keep In-House Counsel and Compliance Officers Up at Night | Chicago, Illinois
May 14–16, 2014
2014 World Technology Law Conference | New York, New York
May 13, 2014
ITA Security Symposium | Chicago, Illinois
May 8, 2014
Patient Safety Organizations: Optimizing Protection From Discovery Under the Patient Safety Act | Webcast
April 2014
HIPAA Breach Notification – Practical Tips
July 25, 2013
Best Practices for Preventing Banking Fraud in 2013 | Webinar
July 16, 2013
The Future of Healthcare: How Technology Is Enabling New Models of Healthcare Delivery | Chicago, Illinois
July 10, 2013
Recent HIPAA/HITECH Enforcement Highlights
June 20, 2013
HIPAA Update for PR Professionals – What's New and What's Not
April 11, 2013
HIPAA Omnibus Rule Panel Discussion
February 21, 2013
Practical Guidance and Proposed Solutions in Response to HIPAA Omnibus Final Rule | Webinar
September 30, 2012
119th Annual Conference & Exposition | San Diego, California
July 27, 2010
Impact of the Dodd-Frank Bill on Consumer Lenders | Webinar
June 17, 2010
Patient Safety Organizations: A Fundamental Tool in the World of Health Care Reform, Enhanced Reimbursement, Quality Improvement and Confidentiality Protections | Webinar
August 18, 2009
Patient Safety Organizations: What You Need to Know to Implement a PSO Program and Manage Confidentiality and Privilege Protections | Chicago, Illinois
April 22, 2009
Patient Safety Organizations – Basics for Health Lawyers | Chicago, Illinois
Privacy, Data and Cybersecurity

Contact

Related Practices

Related Industries

IAPP corporate member image

Screen Reader Content

IAPP Corporate Member

Katten Websites   Careers  |  Alumni  |  Mobile Site
Contact Us   Offices  |  Media Center  |  People  |  Email
Legal Notices   Disclaimer  |  Privacy Notice  |  Cookie Notice  |  United Kingdom Notices  | Accessibility 
Attorney Advertisting. © 2019 Katten Muchin Rosenman LLP
Contact Us
LinkedIn Facebook Twitter Blog Rss Feed Google Plus
Receive updates via email
We have placed cookies on your device to help us understand how you use our website. Details of the cookies we use and instructions on how to disable them are set forth in our Cookie Notice. By using this website without disabling or blocking cookies, you agree to our use of cookies. I Agree