Privacy & Data Security

Complying with privacy and data security has become extremely difficult and it’s not going to get easier.  The rate at which businesses collect and store digital information is increasing rapidly.  Privacy and data security laws are complex and often vary from state to state and from country to country, and different laws may apply at the same time.

There are a number of federal privacy laws, which include: The Federal Trade Commission Act, The Health Information Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the Children’s Online Privacy Protection Act (COPPA).  In addition, at least 30 states have laws regulating the use and security of personal information, such as the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA), and many are inconsistent with each other.  U.S. businesses must also be cognizant of international laws, such as the European Union’s General Data Protection Regulation (GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and the multi-country Organization for Economic Cooperation and Development (OECD) guidelines.  Businesses collecting personal information need to know how all of these laws apply to their data collection practices.

SA&M guides clients through these complex and ever-changing laws.  We help businesses minimize risks that can lead to a loss of valuable data and to comply with the growing body of privacy and data security laws and regulations in the United States and abroad.  We evaluate our clients’ data collection, protection, use, and sharing practices to assess liability risks and we provide solutions to minimize these risks.  Our attornies counsel clients concerning online advertising campaigns, contests, sweepstakes, marketing programs, location-based services, and privacy by design practices for developing new products and services.  We develop tailored privacy and data security policies to bring clients into compliance with legal and regulatory requirements and industry best practices.

Our services include:

  • Advice for complying with state and federal privacy laws
  • Audits and data mapping
  • Advice concerning identification and treatment of sensitive information
  • Customized website documents and app agreements, including Terms of Use, Privacy Policies, Cookies Policies, and End User License Agreements
  • Development of an Incident Response Plan (IPR) with specific response protocols in the event of a data breach
  • Data retention and data deletion policies and procedures
  • Development and implementation of employee training data security
  • Development and implementation of processes and procedures for reporting privacy incidents and complaints
  • Assistance with data breach response, from working with law enforcement and third-parties to breach notification

Practice Area Group Co-Chair

Privacy & Data Security
News & Announcements

Heather Antoine and Jeremy Beutler’s “Small Updates from the California Attorney General Create Major CCPA Impacts” Published by The National Law Review
Heather Antoine and Jeremy Beutler’s article “Small Updates from the California Attorney General Create Major CCPA Impacts” was published by the National Law Review. The timely piece discusses recent actions taken...
SA&M Invites You to A Primer on Prevention and Response to Data Breaches
“A Primer on Prevention and Response to Data Breaches” During this event, we will discuss what happens before, during, and after a data breach. Register...
SA&M Partners Heather Antoine and Michael A. Sherman Nominated for LABJ's 2020 Leaders in Law Awards
Stubbs Alderton & Markiles, LLP is proud to announce that two of its Partners, Heather Antoine and Michael A. Sherman, have been nominated for the...
SA&M Practice Spotlight - Privacy & Data Security Practice
Each month, we will feature a Stubbs Alderton & Markiles, LLP practice area to aid our readers in getting to know our firm, and providing...
Heather Antoine and Mallory Petroli Published In Daily Journal “The Rise and Fall of the EU-US Privacy Shield
Stubbs Alderton & Markiles attorneys Heather Antoine and Mallory Petroli were featured in the Daily Journal for their article “The Rise and Fall of the EU-US...
SA&M Attorneys Published In Daily Journal
Stubbs Alderton & Markiles attorneys Mallory Petroli and Heather Antoine were featured in the Daily Journal for their article “CCPA Enforcement and Final Regulations.” Since the...
Eight Stubbs Alderton & Markiles’ Attorneys Listed As 2020 Southern California Super Lawyers
Stubbs Alderton & Markiles, LLP is pleased to announce that eight lawyers have been named to the 2020 Southern California Super Lawyers. Super Lawyers is a rating service of...
The Executive Order on Preventing Online Censorship and What it Means for Your Online Business
On May 28, 2020, President Donald Trump signed the Executive Order on Preventing Online Censorship (referred to in this article as the “Executive Order”).  The...
SA&M Partner Heather Antoine Moderating ITechLaw Webinar
Stubbs Alderton & Markiles Partner Heather Antoine will be featured as the moderator for the International Technology Law Association cybersecurity panel “After the Hack: A...
SA&M Client Alert: Nevada’s New Internet Privacy Law, Senate Bill 220 (“SB 220”)
Nevada recently voted to amend its existing privacy law, Nevada Revised Statutes: Chapter 603A (“NRS 603A”). This comes on the heels of California’s landmark new...
Stubbs Alderton & Markiles, LLP Adds Leading Trademark and Brand Protection Attorney Heather Antoine to Lead Trademark Practice
LOS ANGELES, March 18, 2019 ( – Stubbs Alderton & Markiles, LLP, Southern California’s leading business law firm, has announced that nationally recognized attorney Heather Antoine...