Data Privacy and Data Security: Key Considerations and Compliance Issues

Speaking Engagement
April 24, 2019

For access to the video, please email

During the first installment of the General Counsel "Focus on the Essentials" program, Philip R. Stein, Litigation Practice Group Leader, and Adrian K. Felix, Litigation Attorney, shared some key considerations and compliance issues surrounding data privacy and data security.

Data privacy and data security are somewhat different concepts: data privacy is about what you do with the data you lawfully have and data security is about protecting that information.
Both topics are increasingly causing concern for in-house counsel, as there is a heightened awareness of the many ways in which data privacy and data security issues can cause liability. Beyond preventing big "hacks", or other data breaches, companies must ensure safe practices from authorized users to minimize risk.

"There's nothing inherently wrong with having access to personal data," explained Phil. "Improperly collecting that data, using or selling that data in unauthorized ways, without proper consent, is what we want to be mindful of as it can lead to substantial costs in regulatory actions or in private-party litigation."

Multiple federal and state consumer laws govern the security of customer data and attorneys' professional responsibility obligation is to preserve the confidentiality of information, including that of former clients.

The General Data Protection Regulation (GDPR), for example, became effective on May 2018 intended to strengthen and standardize consumer data protection and privacy laws for EU/EEA residents by, in part, giving residents control over their data through the requirement that businesses be more transparent in how they collect, retain, and use such data and obtain he informed consent of residents.

"These terms apply to all businesses, organizations and entities that provide goods or services to EU/EEA residents," Adrian said. "Regardless if the business is located solely in the US, the GDPR will apply if the business has European consumers."

It is crucial for GCs to treat data privacy as they do other corporate compliance issues, keeping up to date with regulatory guidance and seeking advice of IT specialists, data retention experts, and counsel.

To learn more about this and other related topics, stay tuned as our General Counsel "Focus on the Essentials" program continues.

About the GC Series

The General Counsel "Focus On The Essentials" program is a series of 50 minute CLE programs that focus on the essentials of various subjects general counsel should know something about but simply have not had the opportunity to become more knowledgeable about such as data privacy, antitrust opt-out litigation, environmental law, international tax concerns, and protecting intellectual property upon executive departures.

Philip R. Stein
Practice Group Leader, Litigation
Adrian K. Felix
Speaking Engagement March 28, 2023
Sara Barli Herald leads a discussionwith accomplished women in the sports industry as they share their experiences and insights on overcoming gender-based challenges and achieving success in a traditionally male-dominated field.
Publication March 30, 2023
Earlier this week, the U.S. Supreme Court announced that it will hear the case of Acheson Hotels, LLC v. Laufer, the outcome of which will resolve the question of whether “tester” plaintiffs have standing to sue a hotel company that fails to adequately describe the accessibility of the h...
Press Release March 23, 2023
Bilzin Sumberg is proud to announce that its industry-leading real estate practice, along with Real Estate Chair Suzanne M. Amaducci and Litigation Partner Raquel M. Fernandez, have each been recognized as honorees in Daily Business Review’s 2023 Florida Legal Awards.