Privacy & Data Security

As an individual or a business, it’s difficult to anticipate all the ways your electronic data might be vulnerable. Employees with portable storage devices, criminal hackers, third-party vendors, former business partners, and social media stalkers are only the most obvious concerns. At Hinckley Allen, our focused group of attorneys can help you navigate the intricacies of cyberspace to manage sensitive data confidently. The attorneys in our Privacy and Data Security group blend advanced IT understanding with deep insight into particular areas of law and business such as Health Care, Banking/Finance, Labor & Employment, Nonprofits, and Trusts & Estates.

Corporate & Business Law - Privacy & Data Security

Protecting your critical electronic assets.

Our Professionals

Privacy and Data Security issues touch nearly every aspect of our business and personal lives today. Our specialized team provides services in the following areas:


Corporate Policies and Practices

  • Negotiation of agreements regarding Confidential Information
  • Development of Data Security Practices and Policies
  • Written Information Security Policies (WISPs)
  • Due diligence for privacy/data security
  • Insurance
    • Cybersecurity requirements/policies
  • International/Cross-Border Privacy Law
    • Canadian Privacy Law
    • EU/US Safe Harbor and Privacy Shield
  • Mobile Privacy
  • Online Data Tracking
    • browsers, cookies, plug-ins



  • Class Action Lawsuits
    • Merchants’ Duty of Care
  • Litigation of claims under HIPAA, State Privacy and Security Data Breach
  • Laws, and Related Common Law
  • Hacking and Forensic Data Analysis
  • Identity Theft
  • Invasion of Privacy
  • Trade Secret Misappropriation



  • Data Breach Notification Laws (State and Federal)
  • Discovery / eDiscovery in Civil and Criminal Litigation
  • Federal Privacy and Security Legislation
    • CAN-SPAM Act
    • COPPA
    • FERPA
    • NIST (IT Security aspects)


Healthcare Privacy and Security Law

  • HIPAA/HITECH Compliance
  • State-level Privacy/Data Security Pre-emption Analysis
  • HIPAA Breaches
  • State Law Privacy and Security Law Breaches


Banking and Finance

  • Compliance
    • PATRIOT Act
    • Gramm-Leach Bliley Act
    • Fair Credit Reporting Act
    • Financial Privacy Act
    • Bank Secrecy Act
    • Payment Card Industry Data Security Standard (PCI DSS)
    • Legislation – drafting and lobbying


Labor and Employment

  • Employee Policies
  • Workforce Training and Consulting


Trust and Estates

  • Estate-related Digital Assets and Privacy Issues
    • HIPAA waivers to allow health care proxies access to individual health information
    • Planning for electronic password storage and retrieval
    • Post-mortem access to private data


To learn more about our Privacy & Data Security practice, please contact our Practice Group Chair: Nancy R. Wilsker.