Companies today are under constant threat of attack—by cybercriminals, nation states, even their own employees. Lost, stolen, or inadvertently disclosed records containing personal information, valuable trade secrets, and intellectual property can trigger a web of state and federal laws and regulations.


Ballard Spahr’s privacy and data security attorneys work closely with our clients, leveraging industry vendors when needed, to effectively map data, identify potential vulnerabilities, and draft protective compliance policies and procedures. When required, we stand ready to address network intrusions and respond to data breaches.

Network Intrusions and Data Breaches

In the event of a network intrusion or breach, we can quickly and effectively launch a comprehensive response under the protection of attorney-client privilege. We work with our clients’ internal teams to address and assess the issue and—if necessary—to notify and respond to state, federal, and international regulators.

While not every incident requires notification or disclosure, each requires attention, a response tailored to the unique nature of the breach, and an evaluation of how processes can be improved to minimize future risk. 

Privacy Litigation and Investigations

If an action is filed, our team brings a wealth of experience to our clients’ aid. Our lawyers assist with pre-litigation planning, E-Discovery, intellectual property matters, contract analysis, insurance coverage issues, and white collar crime allegations, as well as governmental and internal investigations.

Often, regulatory investigations lead to or accompany private-party class action litigation involving privacy policy statements, consumer protection laws prohibiting deceptive or unfair practices, and the collection and disclosure of user information.

We have handled federal criminal investigations into computer violations, cyberspying, and Internet fraud. Our attorneys are often called upon to conduct internal investigations and represent clients facing actual or threatened government enforcement. 

General Privacy Counseling

Clients rely on us to develop and update data protection and security plans that comply with the ever-changing array of laws, regulations, and industry standards—all the while maintaining attorney-client privilege. We help clients develop data security policies and programs that comply with the federal requirements under HIPAA, GLBA, TCPA, FCRA, COPPA, CAN-SPAM, FTC guidelines, and the Computer Fraud and Abuse Act, as well as state requirements and self-regulatory rules. Our comprehensive tracking of policy developments include a frequently updated database of relevant state and federal laws.

To help companies fully understand their collection, use, and sharing of personal and other sensitive data, we conduct or guide comprehensive, on-site data mapping reviews. These reviews often uncover critical vulnerabilities. When they do, our attorneys offer specific and practical recommendations to help clients quickly understand the data they handle and the myriad laws and regulations that apply to the collection, use, storage, and sharing of that data.

Vendors and other third-party business partners are a major source of information security problems. In fact, vendor and employee negligence is the single greatest cause of most data breaches. For that reason, the vendor and commercial contracting process is crucial. To mitigate risk and bring greater certainty to the process, we offer an end-to-end solution for vendor and commercial contracting. Our attorneys are not only knowledgeable in privacy and data security issues, but also highly skilled in planning, negotiating, and managing commercial relationships, and flexible in their ability to work in varying roles to best suit client needs and budgets. 

We provide a complimentary checklist for companies to determine if they are prepared to respond to emerging privacy and data security threats.

The Ballard Spahr Team

Our multidisciplinary team includes attorneys from across the firm with specific experience in litigation, consumer financial services, intellectual property, and white collar defense/internal investigations.

Many of our attorneys have worked at government agencies and have firsthand experience dealing with them. We also have a history of successfully defending clients in the courtroom should the need for litigation arise. Among the seasoned veterans in the group are members of the prestigious American College of Trial Lawyers as well as former federal and state prosecutors.