Koley Jessen assists clients through every step of the data life cycle by providing a broad range of data privacy and security services, including compliance counseling, transactional work, incident response, and data privacy and security litigation.
We help clients navigate and comply with data privacy and security laws, including the California Consumer Privacy Act of 2018 (“CCPA”), GDPR, CFAA, PCI/DSS, HIPAA, COPPA, CAN-SPAM, TCPA, FERPA, and state data security and privacy laws, including data breach notification laws. In addition, we assist clients in handling cross-border transfer issues and stay on top of legislative changes that affect our clients.
We partner with clients to develop robust privacy and data security policies, perform employee security trainings to ensure the greatest protection of information, and analyze clients’ existing cybersecurity structure to identify potential gaps in protection. We connect clients with third-party service providers to provide support in building a strong data privacy and security infrastructure.
In addition to providing data privacy and security advice in connection with potential transactions, we provide due diligence support during M&A transactions to evaluate a potential target’s data security and privacy issues.
Privacy in Commercial Contracts
We draft and negotiate data processing agreements, service provider addendums, and security agreements, and counsel clients on the impact of privacy provisions in commercial agreements, including indemnity and liability clauses.
We advise clients facing potential data breaches or other security incidents by providing quick incident response and data breach counseling. We help navigate the legal and reputational implications of a data breach and provide a response roadmap to prevent future security incidents.
Data Privacy and Security Litigation
We assist clients in identifying and evaluating potential claims or violations of privacy obligations and navigating contract disputes related to data privacy and security.
- Updated and revised security policies for national university
- Assisted manufacturing client in remediating and responding to potential data breach
- Assisted government contractor in navigating federal requirements surrounding “CUI” (controlled unclassified information)
- Counseled multinational corporation on international data transfers post-“Schrems II” European Union Court of Justice July 2020 decision
News & Publications
- Nebraska CPA, May/June 2023
- Potential Update to Federal Communications Commission Data Breach Rule Would Expand Notification Requirements03.24.2023
- As States Attempt to Toughen Biometric Data Restrictions, Companies that Collect and Store Biometric Data Face Risk03.15.2023
- Protecting Against Data Breach Liability: How Service Providers Can Manage the Inherent Risk of Cyber IncidentsThe Nebraska Lawyer, September/October 2022
- OneTrust DataGuidance, 09.01.2020
- Top European Union Court Invalidates EU-U.S. Privacy Shield Framework for Cross-Border Data Transfers07.16.2020
- The Nebraska Lawyer, May/June 2020
- NSBA 2022 Business Law Seminar, 12.02.2022
- KJ University, 09.20.2022
- Women in eDiscovery, 02.23.2021
- PRSA Nebraska, 08.11.2020
- Nebraska State Bar Association, 07.24.2020
- Iowa State Bar Association, 11.30.2018