We focus on guiding clients into taking a global approach to cybersecurity through planning to better ensure they reduce their overall risk as well as minimize damages in the event of a breach or incident.  We understand that compliance may be the short-term goal, but that data privacy is an ever-changing field that requires a collaborative effort between the Business, legal/compliance, IT, insurance providers and breach response experts.   Our group focuses on the following key areas to assist our clients:

​

• Due Diligence for Mergers and Acquisitions and general commercial transactions

• Privacy Law Compliance with state, federal and international laws, including the Health Insurance Portability and Accountability Act (HIPAA), the Family Educational Rights and Privacy Act (FERPA), the European General Data Protection Regulation (GDPR) and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), among many others

• Data Privacy and Security Assessments;

• Drafting and reviewing policies and procedures;

• Drafting business associate agreements (BAAs), Data Privacy Agreements (DPAs), and data privacy and cybersecurity provisions for commercial contracts

• Technology license and SaaS Contracting

• Assessments for technology supported initiatives

• Fractional Data Security & Privacy Counsel

• Third party vendor management and contract review

​

The data privacy and cybersecurity practice is led by Jacqueline Goralczyk.   Jacki has an LL.M. in Cybersecurity and Data Privacy from Albany Law School where she is also an instructor in their Cybersecurity and Data Privacy Masters and LL.M. program.