Related Practices
|
Covington regularly counsels clients in the United States and Europe regarding compliance with laws, regulations, and best practices involving the privacy and security of personal information. We not only evaluate our clients’ existing practices, but also offer creative, forward-thinking strategies to maximize new business opportunities within applicable privacy and security standards.
The bulk of our practice in the area of privacy and data security involves advising clients in the United States and Europe on compliance with applicable laws, regulations, and best practices. This work ranges from assisting clients in conducting privacy and security audits—to assess the ways in which they handle and protect their customers’ personal information—to advising on potential liability arising out of business practices, human resources procedures, marketing plans, and online activities. In all of this work, we provide specific recommendations to help our clients implement their ideas in ways that are sound from both legal and business perspectives.
Our counseling and compliance work spans the full range of issues encompassed within our Privacy and Data Security practice. For example, we often audit our clients’ websites for compliance with stated policies. We offer operational advice on how clients can structure marketing practices to meet federal and state requirements regarding commercial email and telemarketing. We advise on appropriate mechanisms to transfer data from the European Union (EU) to the US and assist clients in drafting certification documents under the US-EU Safe Harbor agreement. We also frequently advise clients regarding the evolving set of rules governing the collection and processing of employee personal information. Likewise, we aid our clients in complying with the complex landscape regulating financial privacy, both in the United States and the EU.
Our advice is typically borne out through policies and practices that reflect and implement these recommendations. We often work with clients to formulate information security policies that comply with legal standards and best practices. Similarly, we offer training and compliance programs to help companies responsibly collect and manage employee information. We also assist European clients to adopt practices that comply with both US and EU privacy laws governing financial reporting, and the processing and transfer of medical and health data.
Representative Matters
- Drafted website privacy policies and provided related advice on online privacy issues arising in connection with the operation of those sites, including advice regarding changes to privacy policies and the implications of such changes.
- Counseled clients regarding notification and other measures following breaches of security involving consumer personal information.
- Advised pharmaceutical companies in the United States and Europe on data privacy issues, including questions relating to genetic testing programs and the development of genomics databases, pharmacovigilence reporting, further use of data collected in clinical trials, the sourcing and handling of human tissue and biological samples for research purposes, patient outreach, and marketing activities.
- Assisted several multinational companies in notifying their databases to privacy regulators in the EU Member States.
|
|
|
|
|
|
|