Developing an Information Security Program

We help clients develop robust information security programs, including:

  • Administering internal compliance and risk assessments, which include the development and implementation of corporate policies and procedures required for compliance with state and federal privacy and security laws, and information security best practices; information security policies; records retention and management policies. 
  • Investigating, mitigating, and responding to data privacy and security breaches.
  • Negotiating contractual protections relating to data security and privacy in connection with cloud-based services, outsourcing, licensing, professional services engagements, and other information technology transactions. We have developed a complete set of tools for better integrating information security into the contracting process. 
  •  Providing due diligence in merger and acquisition transactions relating to privacy and security investigation, risks, and purchase agreement contractual provisions.