Spencer Fane LLP Logo

Data Security and Data Breach Response

Databases not only serve as company crown jewels, but are increasingly governed by an array of international, federal, and state regulations. We work with clients to develop comprehensive data security strategies and provide immediate solutions to clients victimized by internal and external database intrusions.

Spencer Fane works with its clients in addressing the top risks to an organization’s data security and, in the event of a breach, provides a comprehensive solution. From insurance to indemnity, we have extensive experience in providing solutions – all while preserving the confidentiality of the engagement.

We regularly serve companies and organizations in:

  • Assisting in remediation
  • Formulating and executing data breach notification strategies
  • Ensuring compliance with international, federal, and state regulatory requirements
  • Instituting and revising privacy policies and statements
  • Interfacing with federal and state authorities
  • Employee training on data security

Spencer Fane has extensive experience in prosecuting civil actions against the perpetrators of data breaches and working with federal and state authorities in their criminal prosecutions of hackers.

Spencer Fane has worked with numerous financial institutions in the implementation of the FDIC’s Final Guidance on Response Programs. We provide comprehensive services from the filing of the SAR to customer notice strategies. Spencer Fane ensures the utmost privacy and confidentiality of the data breach assessment and remediation approaches.

Spencer Fane rejects a “one size fits all” approach to our clients’ data security needs. Spencer Fane uses a 50-state approach and we are capable of creating prompt notices customized to the particular requirements of your industry and each applicable state. Spencer Fane’s state-by-state approach is essential as state requirements not only differ, but also are inconsistent. Spencer Fane also has experience in assisting our clients on data intrusion claims under applicable insurance policies.