Privacy and Cybersecurity Solutions Group

To address their privacy and cybersecurity risks in today’s complex environment, companies need both sophisticated legal counsel and seamless delivery of services. A signature element of Paul Hastings’ Privacy and Cybersecurity practice is the PH Privacy and Cybersecurity Solutions Group, co-led by Senior Privacy Directors Jeremy Berkowitz and Brianne Powers, which is a subset of the practice comprised of members with extensive backgrounds at the most prestigious U.S. consulting firms.

Paul Hastings is one of a very few law firms to include this element within our practice, enabling us to compete not only with law firms but with major consulting firms in offering clients an integrated, comprehensive suite of services. The team has built and updated global compliance programs, advising on emerging U.S. federal and state privacy laws, GDPR and U.K. GDPR, China’s emerging cybersecurity and data privacy regime, state banking regulations that have privacy and cybersecurity requirements and others. 

Services the Solutions Group provides include:

• Regulatory, Privacy and Security Program Assessment: Providing companies with a clear understanding of where their programs are today in terms of compliance and compared to peer companies.
  • U.S. State Privacy Laws and Regulations
  • Federal Privacy Laws
  • International Privacy Laws
  • Sector/Industry-Specific Privacy Laws (health, life sciences, financial services)
• Remediation Planning and Roadmap Development: Creating and implementing a compliance plan, based on priority and risk, to address identified gaps and to strengthen programs.  
• Global Privacy and Cybersecurity Program Creation, Implementation and Enhancement: Providing on-the-ground support, including policy development, process improvement and implementation of procedures and tools to help mature privacy and cybersecurity programs, meet compliance requirements and sustain operations of the programs.
• Data and Vendor Management: Helping clients to manage their data, as well as their vendors and third parties, by utilizing tools such as custom data mapping techniques that provide companies with a view of their data flows across the enterprise.
• Cybersecurity Incident Response: Providing immediate support in the wake of cybersecurity incidents, as well as creating custom incident response plans and conducting tabletop exercises focused on real-life risk scenarios.