Privacy and Security Compliance and Policies
The first step in privacy compliance is to have a robust, effective, and documented privacy and information security program. We help document and validate that your privacy and security policies are current, that employees are aware of them and properly trained, and that appropriate internal enforcement mechanisms are in place. Our attorneys conduct security and privacy audits and assessments, including implementing privacy and information security policies, incident response plans, and vendor due diligence programs. We provide counseling for FTC compliance, including disclosure and safeguards for online, mobile, and social media information collection, use, and sharing practices; consumer protection and marketing regulations, such as CAN-SPAM and the Telephone Consumer Protection Act (TCPA); and state data security and breach notification laws.