Kelley Drye’s attorneys have worked extensively with clients to ensure that they are prepared for the new Regulation. We offer a unique regulatory perspective developed from years of advising companies across many industries on data privacy and protection, marketing, and cybersecurity matters. This broader cross-disciplinary approach facilitates our ability to offer strategies and solutions that meaningfully address compliance objectives while remaining practical.
We also work closely with clients to perform data mapping across the enterprise to efficiently identify the data collection practices for customer and employee data, including how that data is managed, stored, and transferred within and outside the organization, and throughout the data lifecycle. We use this information to conduct a gap analysis and to develop a prioritized, risk-based plan for addressing obligations. We also assist clients in performing privacy impact assessments and related compliance audits and due diligence reviews. In short, we work with our clients to help design, right-size, and update their GDPR programs so that they are reflective of the latest guidance and industry benchmarks.
Our experience also includes preparing GDPR-oriented policies and procedures, negotiating GDPR contract materials, and handling all aspects of security incident response.
Our clients also appreciate our support and advice in determining whether a regional or global approach to privacy and data protection is optimal, given the nature of their data practices.
Our relevant clients include retailers, publishers, technology providers and platforms, software developers, financial service companies, cloud providers, entertainment companies, among other industries.