Data Privacy, Cybersecurity and Information Management

In today’s interconnected global economy, the handling of sensitive personal information for commercial purposes is increasingly prominent. As technological advancements continue to evolve, safeguarding personal data has become a critical priority for businesses. Our practice specializes in navigating the complex landscape of data privacy, cybersecurity, and information management, addressing the pressing need for robust protection of sensitive information in an era of constant innovation.

Despite the absence of a regulatory authority overseeing personal information in Puerto Rico’s private sector, the persistent risks of unauthorized use, transfer, or disclosure of personal data, coupled with increased public and governmental scrutiny, drive many local and multinational businesses to seek our expertise. Our data privacy, cybersecurity, and information management team assists companies in implementing robust privacy and security measures, ensuring compliance with relevant regulations, and safeguarding their competitive edge.

At ADSUAR, our data privacy, cybersecurity, and information management team is committed to offering actionable advice and tailored solutions that help clients manage their information effectively while achieving their business objectives. Understanding the critical value of data, we focus on mitigating risks associated with data collection and processing, ensuring that our privacy solutions are not only robust but also cost-effective and aligned with each client’s financial considerations.

ADSUAR’s Data Privacy & Cybersecurity practice is expertly equipped to guide companies through the complexities of privacy law and regulatory compliance. Our team of skilled attorneys brings a deep, nuanced understanding of contemporary privacy challenges to ensure robust adherence to legal requirements. Leveraging the expertise of our distinguished attorneys across the firm’s other prominent practice areas, especially Labor and Employment and Corporate law, we provide comprehensive, integrated solutions that address the multifaceted nature of data privacy and cybersecurity.

Our Clients

In recent years ADSUAR’s Data Privacy & Cybersecurity team has successfully counselled an impressive roster of clients comprising the likes of Liberty Mutual Insurance Company, TOUS, Grupo Novus, Allegion PLC, Philips Medical Systems, Toyota Credit de Puerto Rico and Infotech Aerospace Services, among others. We have addressed multiple privacy issues related to the scope and extent of sharing personally identifiable information for commercial purposes, data collection and management practices of employee data, security breach regulations, the implementation of e-contracting procedures, negotiation of vendor contracts for information use; and business associate agreements.

Areas of Expertise:

Our Data Privacy & Cybersecurity practice group at ADSUAR offers comprehensive advice and support in the following areas:

1. Compliance with Privacy Laws: Advising on and ensuring compliance with federal and state privacy regulations across various sectors, including financial, health, consumer, educational, and employment privacy. This includes guidance on key laws such as the Gramm-Leach-Bliley Act, HIPAA, Fair Credit Reporting Act, Fair and Accurate Credit Transactions Act, and CAN-SPAM Act.
2. GDPR Guidance: Providing expert advice on compliance with the General Data Protection Regulation (GDPR), including implementation strategies and ongoing compliance.
3. Privacy Policy Development: Crafting, developing, and implementing robust privacy policies and notices tailored to organizational needs.
4. Vendor Contracts: Drafting and negotiating contracts with vendors to ensure data protection and privacy standards are met.
5. Data Breach Management: Managing the process of reporting data security breaches to affected individuals and relevant government agencies.
6. Privacy Assessments and Audits: Conducting thorough privacy assessments and audits to evaluate an organization’s adherence to privacy policies, procedures, and information security due diligence.