Privacy & Data Security

Complying with privacy and data security has become extremely difficult and it’s not going to get easier.  The rate at which businesses collect and store digital information is increasing rapidly.  Privacy and data security laws are complex and often vary from state to state and from country to country, and different laws may apply at the same time.

There are a number of federal privacy laws, which include: The Federal Trade Commission Act, The Health Information Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the Children’s Online Privacy Protection Act (COPPA).  In addition, at least 30 states have laws regulating the use and security of personal information, such as the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA), and many are inconsistent with each other.  U.S. businesses must also be cognizant of international laws, such as the European Union’s General Data Protection Regulation (GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and the multi-country Organization for Economic Cooperation and Development (OECD) guidelines.  Businesses collecting personal information need to know how all of these laws apply to their data collection practices.

SA&M guides clients through these complex and ever-changing laws.  We help businesses minimize risks that can lead to a loss of valuable data and to comply with the growing body of privacy and data security laws and regulations in the United States and abroad.  We evaluate our clients’ data collection, protection, use, and sharing practices to assess liability risks and we provide solutions to minimize these risks.  Our attornies counsel clients concerning online advertising campaigns, contests, sweepstakes, marketing programs, location-based services, and privacy by design practices for developing new products and services.  We develop tailored privacy and data security policies to bring clients into compliance with legal and regulatory requirements and industry best practices.

Our services include:

  • Advice for complying with state and federal privacy laws
  • Audits and data mapping
  • Advice concerning identification and treatment of sensitive information
  • Customized website documents and app agreements, including Terms of Use, Privacy Policies, Cookies Policies, and End User License Agreements
  • Development of an Incident Response Plan (IPR) with specific response protocols in the event of a data breach
  • Data retention and data deletion policies and procedures
  • Development and implementation of employee training data security
  • Development and implementation of processes and procedures for reporting privacy incidents and complaints
  • Assistance with data breach response, from working with law enforcement and third-parties to breach notification

Practice Area Group Co-Chair

Privacy & Data Security
News & Announcements

SA&M Encourages You to Attend NexGen: Website Privacy Laws featuring Heather Antoine
SA&M encourages you to attend a NexGen event on Website Privacy Laws featuring SA&M Partner Heather Antoine. On September 18, 2020 at 12:00 pm, the...
SA&M Encourages You to Attend an IABA Event
SA&M encourages you to attend an Iranian American Bar Association event “How to Build a Privacy Program for Fast Moving Companies” featuring SA&M Partner Heather...
Heather Antoine and Mallory Petroli Published In Daily Journal “The Rise and Fall of the EU-US Privacy Shield
Stubbs Alderton & Markiles attorneys Heather Antoine and Mallory Petroli were featured in the Daily Journal for their article “The Rise and Fall of the EU-US...
SA&M Attorneys Published In Daily Journal
Stubbs Alderton & Markiles attorneys Mallory Petroli and Heather Antoine were featured in the Daily Journal for their article “CCPA Enforcement and Final Regulations.” Since the...
Eight Stubbs Alderton & Markiles’ Attorneys Listed As 2020 Southern California Super Lawyers
Stubbs Alderton & Markiles, LLP is pleased to announce that eight lawyers have been named to the 2020 Southern California Super Lawyers. Super Lawyers is a rating service of...
The Executive Order on Preventing Online Censorship and What it Means for Your Online Business
On May 28, 2020, President Donald Trump signed the Executive Order on Preventing Online Censorship (referred to in this article as the “Executive Order”).  The...
SA&M Partner Heather Antoine Moderating ITechLaw Webinar
Stubbs Alderton & Markiles Partner Heather Antoine will be featured as the moderator for the International Technology Law Association cybersecurity panel “After the Hack: A...
SA&M Client Alert: Nevada’s New Internet Privacy Law, Senate Bill 220 (“SB 220”)
Nevada recently voted to amend its existing privacy law, Nevada Revised Statutes: Chapter 603A (“NRS 603A”). This comes on the heels of California’s landmark new...
Stubbs Alderton & Markiles, LLP Adds Leading Trademark and Brand Protection Attorney Heather Antoine to Lead Trademark Practice
LOS ANGELES, March 18, 2019 ( – Stubbs Alderton & Markiles, LLP, Southern California’s leading business law firm, has announced that nationally recognized attorney Heather Antoine...