About Us

In the age of data proliferation, sound technology policies and practices are the foundation to smart business growth. Octillo attorneys advise companies on end-user policies, including Information Technology and Cybersecurity Policies, Privacy Policies, Terms of Service/Use, ADA Website Accessibility Statements, Bring Your Own Device (BYOD), Data Protection Programs, Incident Response Plans, Disaster Recovery Plans, along with Record Retention and Deletion Policies, data sharing, transfer and disclosure policies, and workforce data security matters.

As CIPP/US and CIPP/E attorneys, coupled with our extensive experience, we provide counsel on the California Consumer Privacy Act (CCPA), Illinois Biometric Privacy Act (BIPA), NY’s SHIELD Act, and the European Union’s General Data Protection Regulation (GDPR).

We also advise clients on enforcement actions by regulatory and law enforcement agencies including the European Supervisory Authorities, the Federal Trade Commission (FTC), state attorney’s generals and other regulatory bodies.

Octillo understands the challenges posed by managing risk across multiple, separately hosted information systems and networks, because our services are purposefully aligned to help clients manage these types of risk. What’s more, we understand that the risk must be assessed and mitigated at multiple stages, whether by carefully selecting a third party vendor, performing an annual risk assessment, or responding to a cybersecurity event.

Our deep understanding of technological infrastructures allows us to work with IT departments and business executives to help put our clients in a legally defensible position and minimize risk. We help clients achieve cybersecurity goals by leveraging IT-specific counsel that takes a range of state and federal regulatory regimes into consideration.

Our incident response team shares extensive experience in incident response, meaning our attorneys have worked on incidents of varying natures and scope that allow us to coordinate responses efficiently and effectively. We have guided executive teams through incidents in all industries, including finance, healthcare, and manufacturing, taking time to help clients understand the regulatory framework that may specifically impact their business. Because of our focus on incident response, our attorneys are tied to a wide network of specialists, meaning we not only remain in constant information-sharing on threat updates, but also understand how to assemble the right team to respond to the details of a specific incident.

In fact, as a firm that provides specialty IT services, our incident response experience is augmented by Octillo professionals who are former technologists, tech company owners, former Chief Information Security Officer (CISO), Certified AWS Practitioner, public company executive, and federal regulator.

Octillo’s Privacy Litigation Practice Group represents clients in data breach actions, technology vendor disputes, and the defense of consumer class actions and related regulatory investigations in state and federal courts throughout the United States.