Cybersecurity / Data Protection / Privacy
BMD’s Cybersecurity Preparedness Advisory Services includes comprehensive guidance related to cyber security, data protection and privacy. BMD provides clients with counseling on federal, state and local laws governing cyber security compliance and employee training. With respect to compliance, the Cybersecurity team is prepared to provide general compliance guidance with answers to questions regarding Cybersecurity Assessments, Security Plan Development, Asset Management and Incident Response. Our lawyers are experienced with state, federal and international regulations involving GDPR, Biometric Information Privacy Act (BIPA) and the California Consumer Privacy Act (CCPA).
The BMD team believes that business preparedness is crucial when it comes to mitigating cybersecurity risk. Our suite of services includes tracking, specifically training and enterprise preparedness, policy management and asset management, and we serve as members of the Northeast Ohio Cyber Advisory Council.
CYBERSECURITY PREPAREDNESS ADVISORY SERVICES INCLUDED WITH GATEWAY PRODUCT:
- Comprehensive advisory services related to cyber security, data protection and privacy
- Access to attorney drafted documents and forms
- Suite of Policies and Procedures
- Counseling on federal, state and local laws governing cyber security compliance and employee training
- Email + Telephone Contact
- General compliance questions related to:
- Cybersecurity Assessments
- Security Plan Development
- Asset Management
- Incident Response
- State, Federal, International Regulations
- GDPR / Biometric Information Privacy Act (BIPA) / California Consumer Privacy Act (CCPA)
- Tracking
- Training and Enterprise Preparedness
- Policy Management
- Asset Management
RETAINED COUNSEL - FLAT FEE REPRESENTATIVE SERVICES:
- General Cybersecurity Consulting & Strategy
- Specific Enterprise Needs
- Identify Data Assets
- Risk Analysis
- Guidance Related to Employee Training Programs and Onboarding
- Guidance Related to Vulnerability Assessments
- Guidance Related to Penetration Testing
- Guidance Related to Tabletop Exercises
- Security Incident Simulation
- C-Level Reporting and Meeting Management
- Regulatory Compliance Strategy & Consulting
- Healthcare (HIPAA)
- Financial (FINRA; GLBA)
- Education (FERPA)
- Consumer, (GDPR; CCPA)
RETAINED COUNSEL - HOURLY REPRESENTATIVE SERVICES - TRANSACTIONAL:
- Insurance
- Underwriting
- Documentation (Policies / Audits / Incident Response / Business Continuity)
- Coverage Scope and Limits
- Coverage Options (Named Counsel / Named Vendor / Etc.)
- Additional Insured Language
- Contracting
- Commercial Contracting
- Government Contracting
- FAR / DFARS
- Risk Management
- Defense and Indemnification
- Additional Insured
- Cyber Insurance Coverage
- Contract Negotiations
- Mergers and Acquisitions
- Deal Structure (data as an asset)
- Due Diligence
- Data Integration
RETAINED COUNSEL - HOURLY REPRESENTATIVE SERVICES - LITIGATION:
- Cybersecurity Incident Response
- Incident Coach Services
- Response and Rehabilitation Services
- Breach Claim Enforcement
REPRESENTATIVE EXPERIENCE:
- Ohio Financial Services Firm
- Advised financial services firm regarding NY Department of Financial Services (NYDFS) compliance issues
- Coordinated Risk Assessment
- Drafted updated, compliant Cybersecurity Policy
- Draft and maintain Cybersecurity Policies for a variety of industries including healthcare, manufacturing, managed IT services and financial services companies.
- Pennsylvania Medical Laboratory
- Ransomware (REvil Russian Group)
- Specially paneled by national insurer
- Commonwealth of Pennsylvania Department of Health contracting considerations
- Ransomware and HIPAA Risk Assessment
- Coordination with Office of Foreign Asset Control (OFAC)
- New Jersey Medical Laboratory
- Breach involving >1,500 patients
- Partnered with national public relations Firm managing NY Times media notification
- Partnered with notification management vendor to manage >1,500 patient notification in 6 states
- Pennsylvania Hospital
- Ransomware Attack
- Specially paneled by national insurance carrier
- Partnered with national forensics firm for investigation and response