Information Security

Information security requirements arise from an increasingly wide variety of sources, which include international, national, and state laws, industry rules, and contractual obligations. We assist clients in understanding the various information security requirements that apply to their businesses, and we work with them to synthesize these requirements into a comprehensive compliance program. We also maintain referral relationships with several cybersecurity consultants who can assist our clients with the technical aspects of their information security efforts.

Some of the sources of information security requirements we help our clients understand are:

• The HIPAA Security Rule
• The HITECH Act
• The Gramm-Leach-Bliley Safeguards Rule
• The Red Flags Rule
• The Payment Card Industry Data Security Standard
• The European Union’s General Data Protection Regulation (GDPR)
• The New York Department of Financial Services Cybersecurity Rule
• Contractually imposed cybersecurity obligations

For more on these topics and others that affect information security, sign up for our alerts.