Privacy & Data Security

Policies & Operational Compliance

Overview

We work closely with telecommunications providers, online platforms, and technology companies to develop robust privacy and security policies and ensure operational compliance with relevant laws and industry standards.

We guide clients in understanding their obligations under various privacy and security regulations, such as GDPR and CCPA, and provide strategic advice on implementing best practices to protect sensitive data and minimize risks. Our team offers expert counsel on data governance, incident response planning, and risk management, helping clients establish strong privacy and security programs tailored to their unique business needs.

We provide customized solutions to help clients build customer trust, maintain regulatory compliance, and reduce the risk of costly data breaches and enforcement actions. Our comprehensive services include privacy policy development, drafting and reviewing policies and procedures, creating privacy and data security programs, and conducting employee training on privacy, data security, and business practices.

Our attorneys also have extensive experience reviewing website, cloud, and SaaS terms of service, ensuring that these legal agreements adequately protect our clients’ interests. By having clear terms and conditions and binding consent mechanisms on websites, such as click-to-agree plugins, we help reduce the risk of legal disputes between providers and customers or website visitors.

Full Spectrum Services

  • Development and implementation of privacy and data security policies and procedures;
  • Assessments of privacy and security requirements to ensure compliance with CPNI, TCPA, GLBA, FCRA, CAN-SPAM, COPPA, FTC Fair Information Practices Principles and others;
  • Assistance with data privacy impact assessments and data mapping exercises;
  • Response to law enforcement inquiries (wiretap and communications records);
  • Development of incident response plans and data breach notification procedures;
  • Support for privacy and security risk assessments and gap analyses;
  • Guidance on vendor management and third-party risk assessments;
  • Assistance with privacy and security contract negotiations, including data processing agreements and business associate agreements;
  • Representation in regulatory investigations and enforcement actions related to privacy and data security;
  • Support for privacy and security certifications, such as ISO 27001 and SOC 2;
  • Counsel on Red Flags Rules and industry standards, such as PCI DSS, and mandatory and voluntary compliance plans for the Fair Debt Collection Practices Act (FDCPA), TCPA, CAN-SPAM, and the FCC’s CPNI rules.