Data Privacy and Security

Clients, including hospitals, educational institutions, banking and financial institutions, start-ups, technology companies, marketing and advertising firms, and retailers have relied on the counsel of Davis Brown attorneys for over 40 years for their privacy and security matters. 

Businesses in all industries and of all sizes are required to comply with numerous international, federal, and state regulations to secure personal information of their customers, clients, and employees. Davis Brown attorneys guide business leaders to understand these obligations to maintain the privacy of data as well as to build the infrastructure to secure the data.

Data Privacy

Around the globe, governmental regulations relating to the privacy of consumer data are increasing. Many have heard of the GDPR in Europe and CCPA in California, but numerous other regulations are in place in other localities, and many state legislatures are currently considering implementing regulations of their own. 

Depending on the size of a business, what information it collects, how it markets and sells, among other factors, compliance with the regulations may be necessary, even if you have never stepped foot in that jurisdiction. 

Davis Brown helps businesses determine whether they need to be compliant and draft the necessary documents and policies, including:

  • Breach response plan
  • Confidentiality agreements
  • Data storage agreements
  • Employee agreements
  • Non-disclosure agreements
  • Third-party agreements (with contractors, vendors, etc.)
  • Website privacy policies
  • Website terms of use 

Data Security

The companion to data privacy is security - the architecture of technological systems that ensure data remains in the hands of only those authorized to access it. 

The Davis Brown team works at the intersection of architecture and compliance, often acting as interpreters of the regulations with business leaders and technology teams to ensure systems are performing compliantly. With deep industry experience and familiarity with common business practices, clients can rely on their Davis Brown attorney to spot issues in security systems and plans. 

In the event a company’s information is used, hacked, exposed, or otherwise accessed without authorization, attorneys provide guidance on breach notifications, including best practices on internal and external messaging, addressing imposed penalties, and correcting systems and processes to prevent breaches in the future.

Cyber Liability Insurance

Many businesses are investing in cyber liability insurance to help minimize risk in the event of a data breach. Because the market is new and frequently changing, there are vast coverage differences. Clients consult Davis Brown to evaluate policy coverage and exclusions before purchasing, as well as in the event of a breach, when they need to know if it was a covered event.


Another growing area of concern for businesses is the accessibility of information on their websites, apps, and other digital platforms. Unlike physical requirements like ramps, elevators, and signage under the Americans with Disabilities Act, there is no comprehensive regulation in the United States detailing digital accessibility requirements. As more individuals with disabilities encounter digital information they cannot access, the number of lawsuits will continue to rise. 

Davis Brown attorneys work with businesses to identify and resolve digital accessibility issues including guidance on compliance with WCAG guidelines in the absence of ADA guidelines.