Data Privacy and Data Security: Key Considerations and Compliance Issues

Speaking Engagement
April 24, 2019

For access to the video, please email

During the first installment of the General Counsel "Focus on the Essentials" program, Philip R. Stein, Litigation Practice Group Leader, and Adrian K. Felix, Litigation Attorney, shared some key considerations and compliance issues surrounding data privacy and data security.

Data privacy and data security are somewhat different concepts: data privacy is about what you do with the data you lawfully have and data security is about protecting that information.
Both topics are increasingly causing concern for in-house counsel, as there is a heightened awareness of the many ways in which data privacy and data security issues can cause liability. Beyond preventing big "hacks", or other data breaches, companies must ensure safe practices from authorized users to minimize risk.

"There's nothing inherently wrong with having access to personal data," explained Phil. "Improperly collecting that data, using or selling that data in unauthorized ways, without proper consent, is what we want to be mindful of as it can lead to substantial costs in regulatory actions or in private-party litigation."

Multiple federal and state consumer laws govern the security of customer data and attorneys' professional responsibility obligation is to preserve the confidentiality of information, including that of former clients.

The General Data Protection Regulation (GDPR), for example, became effective on May 2018 intended to strengthen and standardize consumer data protection and privacy laws for EU/EEA residents by, in part, giving residents control over their data through the requirement that businesses be more transparent in how they collect, retain, and use such data and obtain he informed consent of residents.

"These terms apply to all businesses, organizations and entities that provide goods or services to EU/EEA residents," Adrian said. "Regardless if the business is located solely in the US, the GDPR will apply if the business has European consumers."

It is crucial for GCs to treat data privacy as they do other corporate compliance issues, keeping up to date with regulatory guidance and seeking advice of IT specialists, data retention experts, and counsel.

To learn more about this and other related topics, stay tuned as our General Counsel "Focus on the Essentials" program continues.

About the GC Series

The General Counsel "Focus On The Essentials" program is a series of 50 minute CLE programs that focus on the essentials of various subjects general counsel should know something about but simply have not had the opportunity to become more knowledgeable about such as data privacy, antitrust opt-out litigation, environmental law, international tax concerns, and protecting intellectual property upon executive departures.

Philip R. Stein
Practice Group Leader, Trial & Litigation
Adrian K. Felix
Speaking Engagement July 19, 2024
Howard E. Nelson participates on the panel Hot Topics/Emerging Issues In Waste Management at the 38th Annual Environmental Permitting Summer School. The panelists discuss the latest policy changes including new emerging elements for site closures involving Water Management Districts, the effects of ...
Speaking Engagement July 18, 2024
Thomas F. Mullin participates on the panel Keeping Your Eye On The Ball: Scoping The Appropriate Environmental Due Diligence For The Project at the 38th Annual Environmental Permitting Summer School. The panelists discuss appropriate scoping of the environmental due diligence process, taking into co...
Speaking Engagement July 17, 2024
Howard E. Nelson participates on the panel Land and Golf Course Redevelopment: Opportunities and Challenges at the 38th Annual Environmental Permitting Summer School. The panelists discuss how to navigate the substantial challenges regarding land use, availability of water (quantity and quality), an...