Skip to content

Cybersecurity & Privacy Risk Management

At Sandberg Phoenix, our Cybersecurity & Privacy Risk Management team takes a proactive interdisciplinary approach to cybersecurity and data protection for clients in numerous industries.  

We leverage the support of legal services, technology risk expertise, insurance and public relations to aid organizations.

We use government and industry best practices as a guide to set baselines and reduce risk without the fear of increasing their liability from regulatory enforcement, private litigation, or class action litigation that can lead to significant financial and reputational harm by providing the following services:

  • Internal cybersecurity assessments
  • Coordination of multidisciplinary responses and mitigation of data breaches
  • Design effective systems and protocols including cybersecurity programs and Incident Response Plans
  • Cybersecurity assessments in M&A due diligence
  • Creating and implementing customer privacy notices and policies, including those related to marketing, data security policies, website privacy policies and email and Internet monitoring policies and protocols
  • GDPR contractual clauses, binding corporate rules and codes of conduct
  • Advise and audits regarding the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) protect patient personal health information (PHI)
  • Advice regarding the appropriate patent, copyright, trademark, and trade secret strategies to protect data, databases, networks, sales and financial information and other proprietary intellectual property or business enterprises
  • Review and negotiate third-party IP vendor and outsourcing contracts to ensure adequate protections for confidential and proprietary information.
  • Perform corporate investigations and provide relevant advice to corporate officers and boards of directors regarding fulfillment of their risk oversight responsibilities
  • Advice concerning incident response, forensic investigation assistance, reporting/disclosure obligations and crisis management with respect to breach incidents
  • Response to government investigations
  • Draft personnel policies
  • Conduct comprehensive in-house training and compliance programs
  • Review insurance policies to assess terms and adequacy of coverage
  • Day-to-day advice concerning compliance with applicable privacy federal, state and local laws and regulations and relevant industry standards

Cybersecurity & Privacy Risk Management Team

See All Attorneys