Miller Johnson’s Privacy & Cybersecurity group provides clients industry-specific expertise focusing on cyber-risk management, information security and governance, data breach response, and information technology and M&A transactions counseling that leverages our strategic alliances with a global team of cybersecurity service providers, experts, and attorneys.
Cyber-risk Management Consulting
Miller Johnson’s Privacy & Cybersecurity team helps private companies and government entities manage information and mitigate risk associated with the collection, use, and disclosure of sensitive information about their customers and employees. The complex framework of global legal requirements governing data flows demands an inter-disciplinary team approach that like the Internet, spans the globe. Our experience spans a range of industry sectors including manufacturing, healthcare, construction and engineering, consumer goods and retail, automotive, government entities, and non-profits. Specific privacy and cybersecurity services we provide for our clients include:
- development and implementation of comprehensive privacy policies and procedures
- investigations and training programs related to privacy in the workplace
- response and management of data breaches and investigations following a breach including notification and credit monitoring
- ensuring compliance with Data Protection regulations, including adaptation to the EU GDPR
- conducting data protection assessments and audits
- advising on the transfer of personal data across borders
- advising government entities regarding the Critical Infrastructure Protection Act (CIPA) and Department of Homeland Security cybersecurity assessments
- providing consultation and training to Data Protection Officers
- due diligence with mergers and acquisition transactions to protect deal information
- compliance with healthcare privacy regulations including HIPAA and HITECH
- advising on PCI compliance and point of sale cybersecurity
- recommendations and negotiations on insurance policies which historically have a wide variation in forms, terms, and coverage
- recommendations and negotiations with respect to third-party data storage providers
Data Breach Response
In the event of a data breach, we provide immediate and comprehensive incident response and investigation under the protection of the attorney-client privilege. Our team’s extensive experience working with the government on both civil and criminal matters of all sizes and scope makes us effective in coordinating an organization’s engagement with law enforcement and federal and state regulators.
We have advised both public sector and private organizations in response to data breaches. We have assisted these organizations in determining the attack vector and scope of the breach, assessing regulatory compliance requirements, managing data breach notifications, updating policies and procedures, and conducting training on those policies and procedures.
To assist organizations in assessing their data breach preparedness, Miller Johnson has prepared a Data Breach Toolkit. Organizations can use the Toolkit on their own or with Miller Johnson’s assistance to enhance their cybersecurity posture.
Information Technology and M&A Transactions
Business runs on technology and data, and we advise clients across industries how to mitigate risk in this environment. We support our Corporate and M&A teams where technology and/or sensitive data is a strategic component of a deal or a commercial transaction. For clients engaged in acquisitions, divestitures, joint ventures, and other technology transactions, we regularly advise clients regarding:
- Transaction due diligence
- Principal transaction documents
- Transition-services agreements
- Technology-focused agreements
- Internal and external compliance programs
- Licensing and cloud services agreements, SaaS agreements
- Data protection agreements
- IT equipment and services agreements
- Software and website development agreements
Global Team Approach
Miller Johnson’s Privacy & Cybersecurity practice is enhanced by our strategic alliances with identity theft protection services, information technology and security experts, cyber-risk insurance providers, and membership in the Meritas Data Protection Group, an international team of expert privacy lawyers. Meritas is a leading global network of independent law firms spanning over 80 countries around the world. Miller Johnson’s membership in Meritas provides clients with unparalleled access to a global team of expert privacy attorneys who can resolve clients’ domestic and international data protection legal needs and advise on international regulatory developments. Our strategic alliances and team approach provide clients a wide range of cybersecurity-related services, including identity theft protection and credit monitoring, managed IT cybersecurity services, and cyber-risk insurance tailored to your organization’s needs.