Privacy and Identity Theft
Requirements regarding privacy and information security now apply to almost all businesses. As a consequence, we have advised banks, savings associations, credit unions, credit card issuers, asset based lenders, national retailers, hospitals, medical clinics, and insurance companies, among others, regarding privacy issues. We regularly deal with issues arising under the Health Insurance Portability and Accountability Act and the Gramm-Leach-Bliley Act and the regulations issued by the various agencies responsible for their enforcement (specifically, the Privacy Rules, the Safeguard Rules, the Red-Flag Guidelines and data breach response rules). We have assisted in establishing policies and procedures for information security, and drafting privacy notices.
We have assisted regulated entities in dealing with unauthorized disclosures of protected information and defending against agency enforcement actions based on breach of these regulations. See Financial Institutions Litigation.