Privacy and Information Security Law


Business and organizations recognize the value of customer and other key personal information, but at the same time need to comply with a myriad of state and federal laws that govern the treatment of this sensitive information.  Morningstar Law Group provides assistance in a variety of information privacy and security law matters.  Our services include:

  • Assisting in drafting and negotiating contracts that deal with the security and handling of personal information
  • Advising on HIPAA and related healthcare privacy matters, including compliance with HITECH and the Omnibus Rule for business associates
  • In collaboration with a network of foreign attorneys, assisting with compliance with EU Data Protection Directive and other international privacy laws, including EU safe harbor matters and other strategies for managing data transfer from the EU to the United States
  • Assisting clients in their compliance with other data privacy and security statutes and regulations
  • Preparing privacy policies and information security policies that reflect applicable legal requirements and reasonable business practices
  • Preparing, reviewing and negotiating information security agreements
  • Counseling on policies and practices relating to employee privacy and information security
  • Assisting clients in responding to data breaches, including complying with applicable data breach disclosure requirements and preparing appropriate communications related to data breaches.