Octillo attorneys provide on-site and around-the-clock counsel to clients on data protection and information security practices required under state or federal law. The firm advises on critical data breach response and notification requirements, helps manage and minimize security risks, reviews insurance policies for coverage, responds to regulatory inquiries, coordinates response teams, and defends against enforcement efforts and lawsuits. In today’s evolving world, Octillo provides the practical and technology-oriented counsel clients need most.
Octillo attorneys include Certified Information Privacy Professionals/United States (CIPP/US) and Certified Information Privacy Professionals/Europe (CIPP/E), as designated by the International Association of Privacy Professionals (IAPP). With many CIPP/US and CIPP/E attorneys on our team, our commitment to being industry leaders in cyber security, privacy and data breach law is apparent.
IT Policies & Practices
In the age of data proliferation, sound technology policies and practices are the foundation of smart business growth. Octillo attorneys advise companies on end-user policies, including Information Technology and Cybersecurity Policies, Privacy Policies, Terms of Service/Use, ADA Website Accessibility Statements, Bring Your Own Device (BYOD), Data Protection Programs, Incident Response Plans, Disaster Recovery Plans, along with Record Retention and Deletion Policies, data sharing, transfer and disclosure policies, and workforce data security matters.
Drawing on our CIPP/E certification and our experience, we provide counsel on GDPR programs, policies and data processing agreements (DPAs).
Data Breach Response, Mitigation & Notification
Octillo attorneys have extensive experience responding to headline-making national and international data breaches, cyber incidents, inadvertent disclosures, and data theft. Octillo works with clients to manage response and mitigate risk, conduct forensic analyses and notify required stakeholders. We have worked with numerous law enforcement agencies and regulators around the globe.
In times of crisis, effective incident response is crucial.
If a company is experiencing or has had a data security incident, Octillo is available by calling its 24/7/365 hotline at 1-844-502-9363 to be connected with a lawyer.
Privacy Law & GDPR Compliance
Octillo has multiple attorneys designated as Certified Information Privacy Professional, United States (CIPP/US) and Certified Information Privacy Professional, Europe (CIPP/E) by the International Association of Privacy Professionals (IAPP), to provide up-to-date and practical compliance counsel to clients in connection with a range of state, federal and international regulatory regimes including but not limited to:
· General Data Protection Regulation (GDPR).
· HIPAA, HITECH regulations and state laws relating to protected health information.
· New York State Department of Financial Services Cybersecurity Regulation (23 NYCRR 500).
· Gramm-Leach-Bliley Act (GLBA) and related state laws.
· Children’s Online Privacy Protection Act (COPPA).
· Family Educational Rights and Privacy Act (FERPA).
· Payment Card Industry Data Security Standard (PCI-DSS).
· California Consumer Protection Act (CCPA) and other emerging state privacy laws.
· Americans with Disabilities Act (ADA).
· CAN-SPAM, and other telemarketing rules.
· Fair Credit Reporting Act (FCRA) and Fair and Accurate Credit Transactions Act (FACTA).
· State consumer protection laws and those relating to minors.
· Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada Anti-Spam Legislation (CASL).
We also advise clients on enforcement actions by regulatory and law enforcement agencies including the European Supervisory Authorities, the Federal Trade Commission (FTC), state attorneys general and other regulatory bodies.
Our collective team members have decades of experience interfacing with regulators at the federal and state levels in areas ranging from audits to PHI data loss. We help oversee internal audits of client operations to help clients meet patient privacy compliance with the HIPAA Privacy and Security Rules as well as New York’s Public Health Law and Civil Rights Law. Our services include drafting client contracts with business associates and vendors to assist with third-party compliance, assisting with oversight required within those relationships, and evaluating risk mitigation strategies. We have significant experience with all compliance issues for privacy and IT security in the health care provider and insurance areas.
Technology Supported Initiatives
Octillo leverages Jim Gerland and other technical resources and a global network of strong relationships in the infoTech space to provide legal advice that contemplates all technical aspects of work.
Octillo is guided by the firm’s CISO. The firm’s CISO has served as the CISO at multiple Fortune 1000 companies, including a major, public internet retailer, over a security career that has spanned multiple decades and successful exits. He is also actively involved in many industry associations, has served on multiple national advisory and executive boards, and has co-founded internet security technologies to help continue the advancement of end-user and organizational safety.