The world of protected, sensitive, and commercially valuable data can be a dangerous place. With the ever increasing frequency of data breaches in a variety of industries, many organizations must now look inward and ask tough questions about their own data, policies, and ability to respond when a breach occurs. Our multidisciplinary Privacy and Data Security team counsels our clients concerning the risks, regulatory implications, and potential litigation arising from misuse or improper storage or transmission of protected, sensitive, or commercially valuable data, whether it be Payment Card Information, Protected Health Information, Personally Identifiable Information, or trade secrets. Specifically, we counsel our clients concerning:

  • federal and state data protection and breach notification requirements;
  • compliance and reporting under federal and state securities laws;
  • best practices for preparing for and avoiding a data breach or loss, including privacy and breach notification policies, contracts with security vendors, cyber and data risk insurance, and organizational readiness for a breach;
  • crisis management and remediation in response to a data breach;
  • internal investigations arising out of a data breach, including interaction with law enforcement and regulators;
  • indemnification and insurance claims; and
  • potential litigation and regulatory action. 

Advisen blockHarter Secrest & Emery LLP is a featured provider in Advisen’s 2019 Cyber Guide. The guide profiles 169 companies, and is the most comprehensive listing of global cyber providers.

Please visit the Advisen website to view the 2019 Cyber Guide. HSE's profile can be found on page #167.


Timing is Crucial When You Are Under Attack

Quick and experienced breach response is essential to getting back on track and minimizing legal risk. An organization that is slow to respond to a cyberattack or inefficient in its response faces disruption, confusion, increased harm to its systems and customers, as well as possible regulatory enforcement and civil liability.

The HSE Privacy and Data Security team is available 24/7 to provide experienced incident and breach coach guidance, including breach response and remediation support, crisis management and communication, post-breach reporting and notice, and advice and representation concerning potential litigation and regulatory enforcement. Call our Cybersecurity Incident and Breach Response Line at 1-800-232-3021 for immediate access to our Privacy and Data Security team and their deep connections with information security professionals, forensic investigators, crisis communication professionals, with maximum protection offered by the attorney-client privilege. 

Our Experience 

Our Privacy and Data Security attorneys have years of in-depth experience in dealing with various federal and state laws and regulations impacting the privacy and security of information, including, but not limited to:

  • Health Insurance Portability and Accountability Act (HIPAA);
  • Health Information Technology for Economic and Clinical Health Act (HITECH);
  • Federal and state data protection and breach notification requirements;
  • Payment Card Information Data Security Standard (PCI-DSS);
  • Family Educational Rights and Privacy Act (FERPA);
  • Gramm-Leach-Bliley (GLB) Act;
  • Fair and Accurate Credit Transactions Act (FACTA);
  • Freedom of Information Act (FOIA);
  • Fair Credit Reporting Act (FCRA);
  • Americans with Disabilities Act (ADA); and
  • Red Flags Rule.

Our Clients

  • Fortune 100 Companies
  • Financial Services Companies
  • Retail Merchants
  • Public & Private Health Care Systems and Hospitals
  • Long Term Care Facilities
  • Physicians and Other Care Providers
  • Public & Private Colleges & Universities
  • Public & Private Companies
  • Information Technology Companies
  • Software Developers & Vendors
  • Not-for-Profit Organizations


This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel

Our website uses cookies. By continuing to use our site, you agree to our use of cookies in accordance with our Privacy Policy.