Cybersecurity, Data Protection, & Privacy
The importance of data privacy and cybersecurity has been highlighted by the almost-daily news reports of data breaches.
Some of those incidents are the result of internal mistakes, like lost or stolen laptops, while others are the result of malicious attacks through vectors like phishing emails or malware-compromised flash drives. In the last year, the number of ransomware attacks—where malware is used to lock computer files and other electronic assets belonging to the victim until a ransom is paid—have increased significantly.
For these reasons, assuring cybersecurity has become a necessity for businesses across all industries. Jackson Walker’s Cybersecurity practice serves as a resource for businesses taking proactive steps to manage their cybersecurity risks, including helping clients acquire and negotiate insurance coverage to protect their businesses from the consequences of a breach. We are there to walk alongside you when your company experiences a data breach, leveraging the experience garnered from years of assisting clients through the myriad of regulatory, practical and technical steps that need to be taken when a breach occurs and assisting with recovery of any insurance proceeds for losses and liabilities. Our extensive experience litigating insurance coverage disputes allows us to handle the challenging issues presented by cyber-insurance matters.
The consequences of information compromise present business issues that require legal planning and action to mitigate the risks to the enterprise and its owners. We encourage a proactive approach to lay the groundwork to protect legal interests, promote strong corporate governance, and reduce the potential of financial losses, legal missteps, significant litigation, and other actions arising from information compromise.
- Representing a market leader in secure file transfer, in venture capital investment in a whitelisting application company
- Defended class action seeking $50 million in damages from an Internet-based publisher of geopolitical analysis that fell victim to an “anonymous” hack resulting in theft of its subscribers’ credit card data.
- Advised clients on proper procedure and conducts forensic investigations in the event of a security breach, both from external hackers and internally by disgruntled employees.
- Advised national non-profit regarding ramifications of data disclosure when third party software unintentionally wrote donor/member data into a publicly viewable internet page.
- Assisted hospital system impacted by employee data disclosure resulting from the Anthem data breach
- Assisted hospital system with ransomware incident
- Guided multiple clients through regulatory and industry standards compliance, including Payment Card Industry Data Security Standard (PCI DSS), Critical Infrastructure Protection (CIP) reliability standards, and Automated Clearing House (ACH) transaction standards
- Assistance in the development of policies in relation to security and enforceability for online transactions for a banking institution
- Drafted standard HIPAA documentation and forms (including Notice of Privacy Practices, Policies & Procedures, Business Associate Agreements, Patient
- Authorizations, and breach notification forms) for the Texas Medical Association to provide to its physician members

December 12, 2022
Podcasts
Shielding EU/US Data Transfers: Inside the New Privacy Framework
JW Fast Takes Podcast | ~7 minutes
In a global economy with personal data flowing between countries on a regular basis, President Biden in October 2022 signed an executive order directing the steps that the United States will take to implement its commitments under the EU-US Data Privacy Framework. In this Fast Takes episode, John Jackson and Manny Schoenhuber discuss the implications of this executive order.

October 7, 2022
Attorney News
Jackson Walker Congratulates 36 Attorneys Named Among the Lawdragon 500 Leading Litigators in America
Jackson Walker announces the selection of 36 attorneys to Lawdragon’s inaugural list of the 500 leading litigators in America.

January 19, 2022
Podcasts
What Businesses Need to Know About LIPA, ICTS Regulations, and Protections for Critical Infrastructure
This episode of Jackson Walker’s Fast Takes podcast features Robert Soza discussing the Lone Star Infrastructure Protection Act (LIPA) and regulations from the U.S. Department of Commerce on the Information and Communications Technologies (ICT) supply chain.

October 21, 2021
Insights
Cancel Culture and the Endless Stream of Subscriptions: A Discussion of Automatic Renewal Laws
By Shannon Zmud Teicher & Serene W. Ateek
Regardless of whether your interest is home goods or hunting, it is undeniable that companies are quickly embracing the rise of digital when offering entertainment and personal services to consumers. Automatic renewal programs seem to dominate a lot of our world today, think: music, games, television, movies, magazines, meal deliveries, gym memberships, eyelash extensions, and much more. With all of these automatic renewal programs in place, it is easy to see how consumers would forget to cancel certain subscriptions they no longer wanted.

July 28, 2021
Mentions
John Jackson Discusses the Costly Business of Ransomware Attacks and the Need for Cybersecurity Insurance
In a Texas Lawyer article discussing the rising number of cybersecurity incidents and the costly results, John Jackson shared how ransomware attacks are growing increasingly common—and what companies can do to protect themselves.

June 10, 2021
Mentions
Is It Legal for Businesses to Require Customers to Be Vaccinated? | Daily Caller
On June 20, 2021, Foo Fighters will perform at Madison Square Garden with only vaccinated people allowed to attend the full-capacity concert. In a Daily Caller article discussing the legality of private businesses refusing services to customers based on their vaccination status, Jeff Drummond noted: “HIPAA isn’t an issue. HIPAA only applies to health plans, health care data translation companies (called “health care clearinghouses”), and most (but not all) health care providers. Airlines, restaurants, landlords, and non-health care business owners are not subject to HIPAA.”

May 20, 2021
Spotlight
Chambers and Partners Recognizes Jackson Walker Attorneys and Practices in 2021 USA and Global Guides
Jackson Walker is pleased to announce that Chambers and Partners has selected 41 attorneys and 14 departments for inclusion in the 2021 edition of the Global and USA guides.

April 29, 2021
Insights
One of These Things Is Not Like the Other: SCOTUS Narrows the TCPA’s Application in Autodialer Cases, But Certain Marketing and Messaging Practices Are Still at Risk
By Emilio B. Nicolas and Eric Wong
Back in 1991, when mobile phones were a luxury item weighing about two pounds and dial-up internet was getting ready to hit the market, Congress passed the Telephone Consumer Protection Act (TCPA), with an eye towards reigning in robocalls and other abusive telemarketing practices of the time. Thirty years later, the TCPA still stands.

March 15, 2021
Mentions
‘Asia IP’ Quotes Chris Rourk on Vivint Smart Home’s Patent Infringement Lawsuit Against ADT
Jackson Walker partner Chris Rourk spoke with Asia IP, a leading international IP news journal, about Vivint Smart Home’s recent patent infringement lawsuit brought against ADT. In the suit, Vivint claims ADT infringed six patents related to security and smart home technology.
March 12, 2021
Insights
Smart Policing: Is It a Human Rights Violation | Lawyer Monthly
By Chris Rourk | Smart policing is an innovative and quicker way to identify suspects or citizens during routine checks. But with cybercrime on the rise and a fine line between innovation and intrusion, we explore below whether there is any remit for people to be concerned with the rise of biometrics and ‘smarter’ tech.
Our team is composed of attorneys from across the firm. We believe that by taking a multi-disciplinary approach, we can efficiently and effectively provide our clients with the advice and counsel they need for a full spectrum of legal concerns.
- Health Insurance Portability and Accountability Act (HIPAA)
- Health Information Technology for Economic and Clinical Health Act (HITECH)
- Genetic Information Non-discrimination Act (GINA)
- Gramm-Leach Bliley Act (GLBA)
- Regulatory compliance
- Website privacy policies
- Information security policies and procedures
- Document retention policies
- Best practices for information handling
- Employee training programs
- Commercial transactions that involve the transfer of personal information
- Vendor agreements
- Incident response plans
- Data breaches and breach notification
- Working with security professionals and forensic experts
- Data breach litigation European Union data protection requirements
- Complying with import and export regulations related to encryption technologies
- Advising boards and executives on risk management