Cybersecurity, Data Protection, & Privacy

The importance of data privacy and cybersecurity has been highlighted by the almost-daily news reports of data breaches.

Some of those incidents are the result of internal mistakes, like lost or stolen laptops, while others are the result of malicious attacks through vectors like phishing emails or malware-compromised flash drives. In the last year, the number of ransomware attacks—where malware is used to lock computer files and other electronic assets belonging to the victim until a ransom is paid—have increased significantly.

For these reasons, assuring cybersecurity has become a necessity for businesses across all industries. Jackson Walker’s Cybersecurity practice serves as a resource for businesses taking proactive steps to manage their cybersecurity risks, including helping clients acquire and negotiate insurance coverage to protect their businesses from the consequences of a breach. We are there to walk alongside you when your company experiences a data breach, leveraging the experience garnered from years of assisting clients through the myriad of regulatory, practical and technical steps that need to be taken when a breach occurs and assisting with recovery of any insurance proceeds for losses and liabilities. Our extensive experience litigating insurance coverage disputes allows us to handle the challenging issues presented by cyber-insurance matters.

The consequences of information compromise present business issues that require legal planning and action to mitigate the risks to the enterprise and its owners. We encourage a proactive approach to lay the groundwork to protect legal interests, promote strong corporate governance, and reduce the potential of financial losses, legal missteps, significant litigation, and other actions arising from information compromise.

  • Representing a market leader in secure file transfer, in venture capital investment in a whitelisting application company
  • Defended class action seeking $50 million in damages from an Internet-based publisher of geopolitical analysis that fell victim to an “anonymous” hack resulting in theft of its subscribers’ credit card data.
  • Advised clients on proper procedure and conducts forensic investigations in the event of a security breach, both from external hackers and internally by disgruntled employees.
  • Advised national non-profit regarding ramifications of data disclosure when third party software unintentionally wrote donor/member data into a publicly viewable internet page.
  • Assisted hospital system impacted by employee data disclosure resulting from the Anthem data breach
  • Assisted hospital system with ransomware incident
  • Guided multiple clients through regulatory and industry standards compliance, including Payment Card Industry Data Security Standard (PCI DSS), Critical Infrastructure Protection (CIP) reliability standards, and Automated Clearing House (ACH) transaction standards
  • Assistance in the development of policies in relation to security and enforceability for online transactions for a banking institution
  • Drafted standard HIPAA documentation and forms (including Notice of Privacy Practices, Policies & Procedures, Business Associate Agreements, Patient
  • Authorizations, and breach notification forms) for the Texas Medical Association to provide to its physician members
John Jackson with Jackson Walker logo

July 13, 2021
Mentions

John Jackson Discusses the Costly Business of Ransomware Attacks

In a Texas Lawyer article discussing the rising number of cybersecurity incidents and the costly results, John Jackson shared how ransomware attacks are growing increasingly common—and what companies can do to protect themselves.

Vaccination medical syringe with Jackson Walker logo

June 10, 2021
Mentions

Is It Legal for Businesses to Require Customers to Be Vaccinated? | Daily Caller

On June 20, 2021, Foo Fighters will perform at Madison Square Garden with only vaccinated people allowed to attend the full-capacity concert. In a Daily Caller article discussing the legality of private businesses refusing services to customers based on their vaccination status, Jeff Drummond noted: “HIPAA isn’t an issue. HIPAA only applies to health plans, health care data translation companies (called “health care clearinghouses”), and most (but not all) health care providers. Airlines, restaurants, landlords, and non-health care business owners are not subject to HIPAA.”

May 20, 2021
Spotlight

Chambers and Partners Recognizes Jackson Walker Attorneys and Practices in 2021 USA and Global Guides

Jackson Walker is pleased to announce that Chambers and Partners has selected 41 attorneys and 14 departments for inclusion in the 2021 edition of the Global and USA guides.

Cell phones in group with Jackson Walker logo

April 29, 2021
Insights

One of These Things Is Not Like the Other: SCOTUS Narrows the TCPA’s Application in Autodialer Cases, But Certain Marketing and Messaging Practices Are Still at Risk

By Emilio B. Nicolas and Eric Wong

Back in 1991, when mobile phones were a luxury item weighing about two pounds and dial-up internet was getting ready to hit the market, Congress passed the Telephone Consumer Protection Act (TCPA), with an eye towards reigning in robocalls and other abusive telemarketing practices of the time. Thirty years later, the TCPA still stands.

Chris Rourk with Jackson Walker logo

March 15, 2021
Mentions

‘Asia IP’ Quotes Chris Rourk on Vivint Smart Home’s Patent Infringement Lawsuit Against ADT

Jackson Walker partner Chris Rourk spoke with Asia IP, a leading international IP news journal, about Vivint Smart Home’s recent patent infringement lawsuit brought against ADT. In the suit, Vivint claims ADT infringed six patents related to security and smart home technology.

March 12, 2021
Insights

Smart Policing: Is It a Human Rights Violation | Lawyer Monthly

By Chris Rourk | Smart policing is an innovative and quicker way to identify suspects or citizens during routine checks. But with cybercrime on the rise and a fine line between innovation and intrusion, we explore below whether there is any remit for people to be concerned with the rise of biometrics and ‘smarter’ tech.

Michael Laussade with Jackson Walker logo

January 28, 2021
Podcasts

Business and Legal Issues Around Blockchain and Cryptocurrencies

~7.5 minutes | As potential investors contemplate getting into the blockchain and cryptocurrency market, Michael Laussade discusses the practical and legal implications surrounding these issues, including the potential for fraud and white collar issues.

Michael Laussade with Jackson Walker logo

January 19, 2021
Mentions

New Year, New Legal Focus: The Impact of Cryptocurrencies and Blockchain Law | The Mid-Market Report

As the chair of Jackson Walker’s Blockchain & Cryptoassets practice, Michael L. Laussade spoke with The Mid-Market Report about how he first got involved in blockchain and how this complex, technical area will impact transactions in the future.

International technology connection data privacy with Jackson Walker logo

August 27, 2020
Insights

Brazil’s LGPD Data Privacy Law to Become Effective Any Day

While it appeared that Brazil’s LGPD, which was inspired by the GDPR, was going to be postponed until 2021, that is no longer the case.

Fast Takes - John Jackson

August 26, 2020
Podcasts

Update on Global Data Privacy Regulations

John Jackson discusses the alphabet soup of data security regulations involving Brazil’s LGPD, the European Union’s GDPR, and California’s CCPA amid the COVID-19 pandemic.

More Cybersecurity, Data Protection, & Privacy News

Our team is composed of attorneys from across the firm. We believe that by taking a multi-disciplinary approach, we can efficiently and effectively provide our clients with the advice and counsel they need for a full spectrum of legal concerns.

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Genetic Information Non-discrimination Act (GINA)
  • Gramm-Leach Bliley Act (GLBA)
  • Regulatory compliance
  • Website privacy policies
  • Information security policies and procedures
  • Document retention policies
  • Best practices for information handling
  • Employee training programs
  • Commercial transactions that involve the transfer of personal information
  • Vendor agreements
  • Incident response plans
  • Data breaches and breach notification
  • Working with security professionals and forensic experts
  • Data breach litigation European Union data protection requirements
  • Complying with import and export regulations related to encryption technologies
  • Advising boards and executives on risk management