Practices | Data Security

The Data Security Team at Bernstein Shur helps clients navigate the technical, legal and insurance issues related to data security breaches.

Security breaches are extremely costly to a business’s reputation and bottom line. In 2011, data security breaches cost corporations an average of $417,748 and took 18 business days to “clean up.”* Despite enormous and increasing resources devoted to prevention and mitigation of these losses, the incidence and cost of data breaches and other cybercrimes continues to grow.

Bernstein Shur’s data security lawyers works with clients before and after cyber-attacks to prevent and mitigate losses. Our team works closely with a network of experienced advisors to address the technical, legal and insurance issues involved in data security breaches.  

Before an Attack

Our data security attorneys meet with clients to examine their existing data systems and address security needs. Our strategy includes:

• Conducting an initial assessment of the regulatory and legal requirements, security risks and existing internal procedures
• Identifying reasonable foreseeable risks and working to secure those risks
• Reviewing, editing and negotiating third-party contacts to assure maximum system and data protection
• Review of insurance policies and assistance in negotiating coverage
• Coordinating with experts to evaluate the adequacy of the technical protections within the company and with third-party vendors

After an Attack

If a data breach takes place, our attorneys work to assess the breach and mitigate losses. Our team offers post-breach services, including:

• Assessing the cause and scope of the breach
• Conducting a prompt assessment of all legal consequences
• Determining responsibility for giving notice to people whose information have been compromised – plus any credit bureaus and governmental agencies with regulatory authority
• Drafting all required notifications
• Preparing employees for inquires regarding the breach, including scripts and information sheets
• Assuring that prompt notice is given to appropriate insurers and advocating for coverage
• Assisting in the resolution of adverse civil claims
• Enforcing indemnity and other contractual rights against service providers that may be at fault for the breach

Data Security Team
Mike Bosse
Dan Mitchell
Jack Montgomery
Tony Perkins
Josh Silver
Asha Echeverria
Eben Albert-Knopp

Related Articles & Resources

• Lessons from the Patco v. People’s United featuring Dan Mitchell

• A Win for Small Business in a Bank Fraud Case

• Cyber Crimes: What You Need to Know About Risk Management & Insurance

Click here to search publications for all data security related articles.

*Ponemon Institute, LLC, August 2011