In today’s digital world, data is an increasingly valuable and increasingly risky business asset. It is more than just numbers and letters- it’s personal information. The collection, retention, use and protection of personally identifiable or confidential information is a rapidly changing area of the law. As businesses struggle to keep up with critical, fast-changing data protection laws and regulations, APM’s Data Privacy and Security team is uniquely positioned to help guide clients.
Our team helps navigate the complex field of compliance by providing highly sophisticated data management, data security and privacy law advice. Clients benefit from our deep understanding of relevant domestic and international privacy and data security laws and regulations, including those addressing Israeli regulations, EU General Data Protection Regulations (GDPR), US regulations (CCPA, CCPRA, HIPAA), Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and Brazilian General Data Protection Act (LGPD).
The teams integrated understanding of both law and technology enables us to provide the following specific privacy and data protection services for our clients:
- Privacy policies and privacy audits
- Data mapping and data selling structures
- Privacy Compliance programs and policies
- Data protection Impact Assessment (DPIA) and RoPa (Records of Processing under the GDPR and Data mapping under the Israeli law)
- Database registration and full compliance with local privacy and data security laws
- Data security breach notification and response plans (including Business Continuance Plans and Disaster Recovery Policies, see APM Cyber Shield for more information)
- Data subject access request and implementation of global sufficient data request policies
- Data protection issues related to corporate and M&A transactions
- Employee privacy (including privacy notices, as well as CCTV policies, email and mobile monitoring policies, access of employee data, etc.)
- Supplier’s agreements and DPA’s
- Online and mobile tracking and consumer protection regulation
- Global data transfer management (transfer agreements, BCRs, etc.)
- DPO as a Services
- Medical related data privacy and security process, including HIPAA, GDPR and other regulations, including drafting of ICPs, agreements, CTAs, DPAs and other needed privacy documentation in the field of life science
- Due diligence and data licensing review
Our Experience spans the full range of industry sectors including technology driven and software organizations, online media and AdTech companies, Meditech, Real Estate companies and eCommerce, hotels, mobile and media companies, etc. We work with unicorns to start ups as well as mature well established global companies, from small to big. Our programs and guidance is easily adapted to the company’s needs, based on the size, stage and needs.