Data Privacy and Data Security: Key Considerations and Compliance Issues

Speaking Engagement
April 24, 2019

For access to the video, please email

During the first installment of the General Counsel "Focus on the Essentials" program, Philip R. Stein, Litigation Practice Group Leader, and Adrian K. Felix, Litigation Attorney, shared some key considerations and compliance issues surrounding data privacy and data security.

Data privacy and data security are somewhat different concepts: data privacy is about what you do with the data you lawfully have and data security is about protecting that information.
Both topics are increasingly causing concern for in-house counsel, as there is a heightened awareness of the many ways in which data privacy and data security issues can cause liability. Beyond preventing big "hacks", or other data breaches, companies must ensure safe practices from authorized users to minimize risk.

"There's nothing inherently wrong with having access to personal data," explained Phil. "Improperly collecting that data, using or selling that data in unauthorized ways, without proper consent, is what we want to be mindful of as it can lead to substantial costs in regulatory actions or in private-party litigation."

Multiple federal and state consumer laws govern the security of customer data and attorneys' professional responsibility obligation is to preserve the confidentiality of information, including that of former clients.

The General Data Protection Regulation (GDPR), for example, became effective on May 2018 intended to strengthen and standardize consumer data protection and privacy laws for EU/EEA residents by, in part, giving residents control over their data through the requirement that businesses be more transparent in how they collect, retain, and use such data and obtain he informed consent of residents.

"These terms apply to all businesses, organizations and entities that provide goods or services to EU/EEA residents," Adrian said. "Regardless if the business is located solely in the US, the GDPR will apply if the business has European consumers."

It is crucial for GCs to treat data privacy as they do other corporate compliance issues, keeping up to date with regulatory guidance and seeking advice of IT specialists, data retention experts, and counsel.

To learn more about this and other related topics, stay tuned as our General Counsel "Focus on the Essentials" program continues.

About the GC Series

The General Counsel "Focus On The Essentials" program is a series of 50 minute CLE programs that focus on the essentials of various subjects general counsel should know something about but simply have not had the opportunity to become more knowledgeable about such as data privacy, antitrust opt-out litigation, environmental law, international tax concerns, and protecting intellectual property upon executive departures.

Philip R. Stein
Practice Group Leader, Litigation
Adrian K. Felix
Speaking Engagement November 29, 2022
Karyl Argamasilla moderates the panel -Women in the Military- as a part of Women United's Let's Do Lunch event, in which a panel of experts discuss women in the military, where they stand today, the adversities they face and how they have maneuvered and succeeded throughout their military careers.
Speaking Engagement November 17, 2022
Joshua A. Kaplan and David S. Resnick lead a discussion regarding deal considerations and fundamental issues found in every real estate joint venture.
Blog November 16, 2022
Until recently, Florida law did not require condominiums to conduct reserve studies, and it allowed unit owners to waive or reduce budgeted reserve contributions through a membership vote. Recent changes to the Florida Condominium Act, however, have reversed course on these issues in light of buildi...