Interested in training for your team? Click here to learn more

Data Privacy and Information Security Compliance Under Heightened Scrutiny: Responding to a Data Breach or Cyber Attack

Recording of a 90-minute CLE webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Wednesday, May 29, 2019

Recorded event now available

or call 1-800-926-7926

This CLE course will provide corporate counsel with an analysis of recent legal developments impacting data privacy and information security compliance. The panel will outline proactive strategies to reduce the likelihood of a data breach and provide best practices for responding if a breach occurs.


New privacy legislation in the U.S., including the California Consumer Privacy Act (CCPA), represents a dramatic shift from existing regulations. Beyond presenting new requirements for the handling of personal information, these laws place greater scrutiny on companies’ data security practices.

A recent report published by cybersecurity firm Shape Security showed that 80 to 90 percent of the people who log in to a retailer's e-commerce site are hackers using stolen data. This danger, along with the surge in data privacy class actions, emphasizes the need for corporate counsel to fine-tune their companies’ policies and practices for managing private customer and employee electronic information.

Breaches in data security damage the reputations of companies and put trade secrets and confidential information at risk. They also increase the likelihood of federal and state and overseas enforcement actions, class action suits and fines in the U.S. and abroad.

Companies' use of cloud computing to virtually store private information has raised a host of new privacy and security concerns for corporate counsel. Recent well-publicized incidents of irretrievable loss of virtually stored information should push counsel to negotiate agreements with cloud vendors that specifically include data security measures.

Listen as our authoritative panel of privacy and data security attorneys/technologists examines recent legal developments impacting data privacy and security compliance. The panel will outline proactive legal strategies for counsel to reduce the risks associated with privacy violations and data breaches.



  1. Recent legal developments in cybersecurity
    1. Federal law developments
    2. State law developments, including the CCPA
    3. International law developments, including GDPR
    4. Recent litigation and settlements
  2. New privacy legislation
    1. The privacy phenomenon, globally and in the U.S.
    2. Crafting and implementing a comprehensive data privacy policy
    3. Complying with the California Consumer Privacy Act (CCPA)
    4. Assessing the risk of non-compliance with new privacy laws
    5. Translating new privacy legislation into enforceable organizational policies
    6. Designing new processes to implement privacy requirements
      1. Creating a data map
      2. Updating websites
      3. Making changes to IT systems
      4. Training resources
      5. Modifying vendor agreements
  3. Crafting and implementing a comprehensive data breach program
    1. Mitigating risk and impact of security breaches
      1. Restricting access to certain information
      2. Encryption of sensitive personal information that will be electronically transmitted
      3. Written security policies that are consistently enforced
      4. Internal training on appropriate response to data breach
      5. Regular monitoring of networks
      6. Contracting with cloud computing vendors
    2. Responding to security breaches
      1. What triggers notification?
      2. Rapid notification of key company officials
      3. Investigation of the breach
      4. Rapid notification of affected individuals and state officials
      5. Documenting actions taken in response to a security breach
      6. Litigation?
  4. Risk transfer strategies for data privacy and security risks - cybersecurity insurance
    1. Coverage for data breaches -contractual indemnity
    2. Insurance coverage
    3. Other risk transfer strategies


The panel will review these and other essential questions:

  • What proactive strategies should counsel take to protect the private information of customers and employees and sensitive information belonging to the company and in the company’s possession but belonging to other entities?
  • What risk management strategies should corporate counsel establish to minimize liability for disclosure of confidential information if a breach occurs?
  • What terms and conditions should counsel attempt to include in agreements with vendors to minimize the risk of, and allocate liability for privacy violations and data breaches?


Brownstone, Robert
Robert D. Brownstone

Technology & eDiscovery Counsel
Fenwick & West

Mr. Brownstone advises clients on information-security, data-privacy, electronic discovery, electronic information...  |  Read More

Miranda, Isis
Isis Miranda

Freeman Mathis & Gary

Ms. Miranda concentrates her practice in civil litigation and advises on cyber liability, data privacy, and insurance...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video