Cybersecurity and Privacy
McAfee & Taft provides comprehensive cybersecurity and privacy legal and business consulting services to clients of all sizes, both private and public, across a broad range of industries. With data and technology driving business and society in unprecedented ways, the firm’s Cybersecurity and Privacy Group relies on a diverse team of attorneys practicing in a broad range of disciplines that regularly encounter issues in this niche but growing area of law. This is made possible by having the most certified group of privacy attorneys in the state, including those with masters degrees in cybersecurity and numerous certifications from the International Association of Privacy Professionals (IAPP). Leveraging our industry-specific expertise and specialized certifications and training, as well as years of experience encountering clients’ cybersecurity and privacy law issues, McAfee & Taft is able to offer customized and fixed-fee solutions to meet the business needs of every client.
Comprehensive Legal and Business Services
Our representation has included assistance with the Health Insurance Portability and Accountability Act (HIPAA) for clients in the healthcare industry, providing legal expertise for financial institutions pertaining to the Gramm-Leach-Bliley Act (GLBA) and the Fair Credit Reporting Act (FCRA), guidance for clients’ compliance efforts with the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), and consultation of clients through complex cyber and ransomware attacks. Our comprehensive legal and business representation includes the following services:
- Cybersecurity and privacy strategy
- Data governance, protection, and strategy
- Cyber risk, compliance, and transactions
- Crisis management, incident response and investigations
- Cybersecurity and privacy litigation
Cybersecurity and Privacy Strategy
In recent years, cybersecurity and privacy strategy has grown more complex due to technological advancements and an ever-changing business and legal landscape. Today, in addition to assisting with legal issues specific to certain business sectors, the firm assists clients with the following strategy-related legal services:
- Assessments of cybersecurity and privacy plans and policies
- Implementation of practices and procedures for comprehensive and customized cybersecurity and privacy solutions that address business needs
- Cybersecurity and privacy tabletop exercises with customized action plans and reports
Our team also advises clients when purchasing cyber liability and risk insurance coverage. Today, many cyber liability policies are not tailored toward cybersecurity issues, or explicitly exclude them. Leveraging our expertise and professional relationships, our attorneys can help clients understand their own coverage and to identify potential gaps in their risk management strategy.
Data Governance, Protection & Strategy
As technology becomes more complex in how data may be collected and analyzed, so too has the legal framework governing that collection, protection and use. McAfee & Taft attorneys have reviewed internal and external policies across numerous business sectors concerning data and cybersecurity issues, including the impact of the General Data Protection Regulation (GDPR) on global data collection issues. Our data and cybersecurity representation has been for Fortune 100 companies as well as start-ups concerning the constantly changing universe of rights, responsibilities, and risks that accompany data collection, governance and protection in the modern world.
Cyber Risk, Compliance & Transactions
With no current federal law that generally concerns all data use and collection, compliance and risk management require an in-depth knowledge of the patchwork of federal, state, and potentially foreign laws that may apply to your business. McAfee & Taft assists clients in identifying and assessing its legal risk and strategic needs in collecting, using, storing, and securing information of its customers and employees that covers many aspects of our clients’ businesses, including:
- Industry-based and regulation-specific assessments, including CCPA and CPRA, GDPR, GLBA, HIPAA, National Institute of Standards and Technology (NIST) Cybersecurity and Privacy Frameworks, and state data breach and privacy laws.
- Implementation of public-facing policies that inform employees and customers of your data practices in a manner that addresses applicable legal requirements.
- Training of employees on cyber hygiene principles, including for phishing and business email compromise awareness.
In addition to assisting with day-to-day operations, McAfee & Taft assists clients with privacy and cybersecurity issues related to business transactions. Our services have included due diligence for privacy, data security and information rights, and negotiating representations, warranties, and risk allocation concerning the same in business transactions, including merger and acquisition transactions.
Crisis Management, Incident Response & Investigations
Our attorneys also work closely with clients in security incident and data breach matters, ensuring swift, effective and confidential response plans. We have assisted numerous clients with incidents and breaches affecting employees and consumers throughout the United States. We assist in all aspects of incident response, from the initial assessment, to working with forensic companies to ascertain the cause of the breach in a manner to maintain privilege, to providing notification to those affected by a data breach. These services include:
- Assessment and drafting of incident response and crisis communication plans
- Consultation on contingency plans for management of any possible data breach, including manners to mitigate business risk in the event of an incident
- Execution of incident response tabletops and strategy playbooks
Cybersecurity and Privacy Litigation
In the unfortunate event of a data breach and subsequent legal action, our experienced litigation team can help you navigate the legal and practical hurdles of cybersecurity forensics, insurance coverage, and litigation. In this ever-evolving industry with a growing regulatory landscape, litigation threats and challenges expand on a daily basis. Working collaboratively with other members of the firm’s extensive and diverse group, McAfee & Taft’s experienced team of litigators represent, counsel and advocate for clients to resolve a broad range of business and operational disputes and threats in cybersecurity and privacy, including regulatory compliance matters, insurer and government audits, civil and criminal investigations, and commercial contract disputes.











Articles
Oklahoma Legislature files privacy law focused on data protection and national security concerns
CybersecurityLINC Alert | September 13, 2021As Oklahoma data privacy legislation hits roadblock, bill’s original co-authors continue to seek hearing
McAfee & Taft Data Privacy and Cybersecurity Alert | April 2, 2021Oklahoma Legislature looks to pass numerous new consumer privacy laws
McAfee & Taft Data Privacy and Cybersecurity Alert | March 8, 2021Oklahoma the latest state to consider consumer data privacy legislation
McAfee & Taft Data Privacy and Cybersecurity Alert | January 22, 2021Will even stricter California privacy law spark push for national consumer privacy reform?
McAfee & Taft tIPsheet Alert | December 15, 2020National Cybersecurity Awareness Month: 3 tips to jump-start your cybersecurity preparedness
McAfee & Taft tIPsheet | October 1, 2020Despite pandemic, CCPA enforcement deadline looms while businesses still wait for final regs
McAfee & Taft LINC | March 26, 2020New year to ring in nation’s most comprehensive privacy law
McAfee & Taft tIPsheet | November 13, 2019Privacy Gone Public: How growing push for privacy laws may affect U.S. businesses
McAfee & Taft tIPsheet | June 6, 2019Would you like some milk with your cookies? 5 months post-GDPR
McAfee & Taft tIPsheet | November 5, 2018Biometric privacy laws pose new challenges, risks for employers
McAfee & Taft EmployerLINC | May 14, 2018Legal risks on the rise for businesses that auto‑dial, text
McAfee & Taft tIPsheet | November 1, 2013Canada’s Anti-Spam Legislation to impact electronic marketing and communications
McAfee & Taft tIPsheet | November 1, 2012At The Podium
Cybersecurity Threats
The Privacy Playbook: An Overview of the Legal & Regulatory Landscape
Healthcare and Cyber Attacks: Protecting PHI and Mitigating Risks
The Cybersecurity and Privacy Playbook: A strategic guide for business
The Cybersecurity and Privacy Playbook: A strategic guide for business
Cyber Hygiene: An Apple (or PC) Defended a Day Keeps the Hacker Away
First-Skill, Reskill, Upskill
A Playbook for Cyber Resilience: Basics & Best Practices
Decrypting Diversity: The Secret Key to Cybersecurity
Providence, RI | February 2021Cyber Resiliency Planning: The Basics & Best Practices for Business
Cybersecurity Playbook: Fundamentals & Strategies for Business
The Cyber Range – A Guide
#CyberDiversity – New Decade, New Rules
Data Insecurity
Data Insecurity
A Practical Overview of Privacy and Security for In-House Counsel
Online Privacy
Westward Bound? How the CCPA Will Affect You
Data Privacy and IT in this Technological World: A guide to ensuring compliance
The Intersection of Cybersecurity & the Fourth Estate
Sleepless in Cyberspace: Navigating the Threat Landscape
Activating Your Cyber Insurance
Cyber Security for Law Firms and Those Who Retain Them
Cyber Security for Law Firms and Those Who Retain Them
Fundamentals of Cybersecurity Law & Policy
Washington, DC | September 2017Security vs. Security – A Conversation with Facebook
The Cybersecurity Information Sharing Act: An Overview and Update
An ‘Apple’ a Day Keeps the Hacker … or the Government … Away?
A Deep Dive on Cyber & Incident Response Plans
The Rule of Law – Security vs. Liberty
Homeland and National Security – The Evolution of Domestic Extremism
Practical Considerations in Advising and Representing Clients in Anti-Terrorism & Homeland Security
Industry Group Leaders
In The News
Todd G. Lamb joins McAfee & Taft
October 12, 2021National cybersecurity professional Joshua Snavely joins McAfee & Taft
September 16, 2021Media
