Trust the Experience of The Granade Law Firm.

The Granade Law Firm, LLC provides legal advice regarding privacy and security law compliance to its corporate and institutional clients. Our firm has significant experience assisting clients with questions regarding federal, state and international privacy laws, including but not limited to:

  • The Administrative Simplification Provisions of the Health Insurance Portability and Accountability Act  of 1996 (HIPAA), and HIPAA’s Privacy, Security and Enforcement Regulations
  • The Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH)
  • State and Federal Data Breach Laws
  • State Privacy and Security Statutes and Regulations
  • Fair and Accurate Credit Transactions Act of 2003 (FACTA) “Red Flag” rules
  • Gramm-Leach-Bliley Act (GLBA)

We also advise clients regarding the privacy and security standards used in the health care industry, including the National Institute of Standards and Technology (NIST) guidelines.

Our Clients’ Reputations Are Very Important To Us.

We assist clients that have experienced a data breach due to a theft or intentional intrusion (e.g., stolen laptops, hackers) or an accident (e.g., natural disasters, lost backup tapes). Importantly, data breach laws typically have strict response times during which the impacted organization must mitigate potential harm that may arise from the breach, and must notify impacted individuals promptly. Most data breach laws have other requirements as well. We work quickly and efficiently to help our clients respond to such incidents. For example:

Nationally recognized non-profit organization asked for assistance following the theft of an unencrypted credit card transaction server containing more than 60,000 names and credit card numbers of individuals from around the world – but no addresses.  The project involved the analysis of data breach notification laws throughout the United States, as well as similar laws in other countries.  For those states in which notification was required, our attorneys prepared legal notices to be placed in statewide media outlets and prepared identify theft “Frequently Asked Questions” to post on the client’s website.  We helped the client comply with state self-reporting requirements, laws which require companies that have experienced a data breach to notify state Attorneys General, State Consumer Affairs Offices and/or credit reporting agencies. The client also received risk assessment and management advice on a going forward basis in an effort to reduce the likelihood of future data breaches.

Defending Our Clients

Our firm has significant experience defending clients that are, or expect to be, under investigation by federal and/or state government agencies. We frequently assist clients to respond to investigations instigated by the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR). The Granade Law Firm can assist you and your company with your privacy and security law needs.