Home > Practices & Industries > Cybersecurity and Privacy
Modern dark data center, all objects in the scene are 3D
Practice Group

Cybersecurity and Privacy

The attorneys in the Cybersecurity and Privacy Practice Group at Ogletree Deakins understand that data now accumulates quickly and transmits easily. As the law adapts to technical advancements, we effectively advise our clients as they work to comply with new developments and best practices for protecting the privacy of the data that their businesses collect and retain. Our multidisciplinary teams, global offices, and affiliates regularly counsel businesses around the world with respect to:

  • Complying with U.S. and multinational privacy and data security requirements
  • Developing, implementing, maintaining, and staffing effective privacy and data security programs
  • Assessing risks and identifying gaps in clients’ compliance, prevention, detection, and response programs in a privileged manner
  • Conducting data security and privacy investigations
  • Designing and providing privacy and data protection training programs
  • Developing and implementing effective strategic plans for minimizing the risks of collecting and transmitting protected personal information
  • Responding to claims of unauthorized access to protected information
  • Litigating claims involving alleged violations of data security and privacy laws
  • Representing clients facing data security breaches
  • Ensuring HIPAA compliance and managing electronic medical records
  • Contracting with third-party service providers and developing multi-jurisdictional privacy protections, as required in cross-border business dealings
  • Addressing privacy concerns related to employee benefit plans

United States

Multifaceted and rapidly evolving, data privacy and data protection laws present many challenges for employers in the United States. Whether our clients are healthcare companies or educators, or in the retail, technology, manufacturing, travel, transportation, or media industries, we are adept at helping them navigate their obligations under this emerging area of state and federal law.


For clients with employees or operations outside the United States, strict data privacy requirements can present a minefield of hidden dangers and potential liability. Our Data Privacy attorneys have considerable experience helping employers manage the intricacies and hazards of data privacy laws worldwide, including throughout the European Union and North America, as well as in numerous jurisdictions in Asia and South America. Representative projects include:

  • Reviewing and revising human resources policies to comply with multi-jurisdictional privacy requirements
  • Advising clients on data privacy requirements during cross-border mergers, acquisitions, and divestitures
  • Working with third-party software and technology companies to ensure that technical solutions to client data privacy requirements comply with the laws of relevant jurisdictions
  • Advising on the balance between disclosure requirements and privacy obligations


Ogletree Deakins attorneys who have many years’ experience addressing privacy and data security issues serve as resources to firm colleagues and clients alike when challenges arise. The Data Privacy team provides strategic direction as well as knowledgeable oversight. We provide counsel in all phases from prevention, detection, response, remediation and, when necessary, in litigation.


Ogletree Deakins is a leader in offering value-based billing for clients. We work closely with our clients to develop fee arrangements that are tailored to their needs, and we are happy to discuss alternative fee agreements that may interest you.

Cybersecurity and Privacy Practice Group Leaders

Attorneys for this Practice Group

Andre Appel Profile Image

Andre Appel

Partner / Certified Specialist for Employment Law, Berlin
+49 30862 030133

Related Insights

Let us know how we can help you navigate your particular workplace legal issues.