Privacy & Data Protection
The Need For Compliance
In today's fast-paced global economy, the free flow of information is essential to operate a successful business. The ability to transfer employee data, customer data, marketing data, and other information around the globe creates both opportunities and risks for multi-national businesses. As the ability to transfer data has grown, so too has the number of privacy and data protection laws. The number of countries that have enacted comprehensive privacy and data protection laws, and industry specific privacy requirements has increased exponentially over the past decade.
The growth of privacy regulation across the globe has been strongly influenced by the implementation of the European Data Protection Directive. The Directive is serving as the privacy standard for many industrial nations, and has influenced the federal and state privacy laws developing in the U.S. The cumulative effect of this legislation is a greater awareness among employees and consumers about their privacy rights. Non-compliance poses numerous risks, as the penalties for failing to abide by the legislation are considerable. Existing privacy and data protection laws in many countries impose criminal sanctions, including unlimited fines and imprisonment, for non-compliance with elements of their legislation. Perhaps even more significant is the damage to a company's reputation and the loss of customer or business partner confidence due to its failure to protect information.
How We Can Help
We at Crowell & Moring specialize in the development and implementation of global privacy and data protection programs, offering a “one-stop” service to meet your compliance needs. Capitalizing on our European practice, strategic affiliations world-wide, and multi-lingual capabilities, we are well-positioned to assist clients who seek to achieve privacy compliance wherever they may have operations. We are experienced in carrying out data protection audits and dealing with government authorities in order to implement and maintain annual registrations of data practices. Our global team of privacy lawyers have developed and utilized a wide range of compliance materials, including, corporate privacy policies and procedures, internet privacy statements, guidance for human resources personnel, retention policies, model clauses for employment and vendor contracts, contracts for cross border transfers of data and versatile employee training packages. We assist corporations with notifications to national data protection authorities and registrations under the Safe Harbor scheme.
We also advise clients on the myriad U.S. state and federal laws falling within the privacy arena, such as HIPAA, COPPA, the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, the CAN-SPAM Act, and consumer data collection in the retail, financial, and other industries. Crowell and Moring has also advised clients dealing with a security breach or other forms of unauthorized disclosure of personal information held by them, including advice on notification to the individuals whose personal information has been disclosed.
Our experience and expertise allows us to provide practical advice on project management issues, including corporate governance structures and ongoing compliance matters. We host and manage project documentation databases on behalf of our clients and provide advice on how to manage data protection compliance issues in an efficient and cost effective fashion.
In addition to extensive privacy compliance and counseling know-how, we have a preeminent litigation practice. Our litigators have handled a range of privacy-related litigation in courts across the country, including privacy class actions.