Under new domestic and international laws such as GDPR, companies must implement strict measures to protect customer, employee, and investor data and respond effectively to data breaches. Failure to do so can result in serious actions from regulators, consumers, employees, and shareholders. Companies can mitigate this risk by adopting an effective Data Protection Compliance Program. MDO Partners advises clients on establishing and enhancing such compliance programs. 

​

In today’s economy, entire industries depend on the collection and use of data to run their businesses, which have caused privacy issues to become progressively substantial and frequent. Companies can protect themselves by being proactive and aware of the latest regulations taking shape across the globe. An estimated 120 countries have data privacy and protection laws and almost 40 countries have pending bills or initiatives that protect personal data. Such laws include the California Consumer Privacy Act (CCPA), the European Union (EU) General Data Protection Regulation (GDPR), and the Brazilian General Data Protection Law (LGPD), which will go into effect August 2020.

​

With increasing compliance scrutiny by the Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC) and international regulators, including enforcement of the GDPR, it has become critical for companies to establish or enhance their Privacy and Data Protection Compliance Programs. Failure to comply with regulations such as the GDPR may subject a company to fines equal to 4% of global revenue, or potential legal action by consumers, employees, and shareholders.

​

Companies can mitigate this risk by adopting an effective Data Protection Compliance Program and implementing strict measures to protect customer, employee, and investor data and respond effectively to data breaches. Specifically, MDO Partners encourages companies to conduct cybersecurity risk assessments, adopt robust privacy policies, enhance disclosure controls and adopt cyberattack investigation procedures. Our attorneys and advisors have experience advising clients on the relevant privacy matters and cybersecurity measures that should be taken to establish and maintain an effective Privacy and Data Protection Compliance Program.

​

MDO Partners’ Privacy & Data Protection Team is prepared to advise and assist clients regarding:

​

• Developing an integrated Global Framework for Data Protection, Privacy and Compliance

• Establishing an effective Privacy and Data Protection Compliance Program

• Re‐architecting Data Flow, Vendor Privacy and Security Oversight Programs

• Privacy Audits

• Cross-Border Data Transfers

• Data Breach Response Procedures and Mitigation Strategies

• Employee Privacy Training

• Harmonization of Privacy and Data Protection Policies across Business Units

• Global Data Protection Impact Assessment (DPIA) Process

• Federal Trade Commission Act

• Telephone Consumer Protection Act (TCPA, or “Do-not-call”)

• Health Insurance Portability and Accountability Act (HIPAA)

• European Union (EU) General Data Protection Regulation (GDPR)

• California Consumer Privacy Act (CCPA)

• Fair Credit Reporting Act (FCRA)

• Fair and Accurate Credit Transactions Act (FACTA)

• Sarbanes-Oxley Act

• Electronic Communications Privacy Act (ECPA)

• Children's Online Privacy Protection Act of 1998

• State Data Breach Notification Laws

• Network Security Testing and Evaluation

• Computer Security Incident Response

• Vulnerability Analysis

• Malicious Code Analysis

• Cybersecurity Risk Assessment