Data breach and Security Incidents

Expertise

Bird & Bird has unrivalled expertise in data breach and security incidents. We have acted on many front-page data breaches, assisting with immediate follow-up, breach notification requirements and late regulatory investigations. We have also assisted clients on a pre-emptive basis, developing global data breach policies and procedures.

We have an in-depth knowledge in: (i) general data breach notification requirements; (ii) sectorial obligations (e.g. obligation on providers of public electronic communications services); (iii) duties provided by industry standards (e.g. PCI DSS); and (iv) general local security obligation (e.g. French critical infrastructure providers).

Why Bird & Bird?

As soon as an organisation has reason to believe that an incident might have occurred, Bird & Bird can immediately help with:

• Sorting out the legal implications of the incident: Whether there are breach notification requirements, liability considerations, PCI obligations, criminal investigation, our experts are here to help.

• Offering legal privilege over all incident related communication with the company: Involving Bird & Bird is the best way to offer legal privilege over all the communications relating to the incident regardless of the countries in scope.

• Providing a secure archiving and sharing platform: We provide a centralised depository and/or secure client online platform where all communications and documents relating to the incident can be accessed and shared. This is especially useful if multiple people and different third party providers are involved in resolving the issue.

• Accessing forensic experts with whom we have standard T&Cs in place: We have a pre-established relationship with forensic providers ready to help in case of an incident. This may be particularly useful if the company faces limited internal resources. Our established relationships help us and our clients to reduce start-up time and organizational tasks, so that we can concentrate immediately on the causes or suspicions around the incident.

Our incident response team

Our team includes lawyers that are experts in a wide spectrum of issues facing a company at such a critical time. This goes from data protection law considerations to law enforcement expertise. We have dedicated lawyers in each jurisdiction. Do reach out if you have questions or would like to know how we can help.