Every business manages personal information. Businesses may directly or indirectly collect personal information from prospective or existing customers. Businesses may also disclose personal information to third parties including service providers, affiliates, and business partners. Legal risks arise when businesses collect, use, and disclose personal information. Sims & Sims Law routinely assists organizations address and mitigate these potential risks by providing consulting services and assistance with the creation of privacy notices, agreements, and statements.
Consulting
- “Privacy by design” advice for new products and services
- Data Privacy Impact Assessments
- Transfer Impact Assessments
- Cookie notices
- Data Retention
- Risk mitigation
- Collection and Use of electronic data
- Digital Advertising
- Assisting clients on all aspects of privacy compliance related to relevant laws, including:
State Privacy Laws
- California- CCPA/CPRA
- Colorado-Colorado Privacy Act (CPA)
- Connecticut-Connecticut Data Privacy Act (CDPA)
- Indiana-Indiana Consumer Data Protection Act (ICDPA)
- Iowa-Iowa Consumer Data Protection Act (ICDPA)
- Montana-Montana Consumer Data protection Act (MCDPA)
- Oregon-Oregon Consumer Privacy Act (OCPA)
- Tennessee- Tennessee Information Protection Act (TIPA)
- Texas – Texas Data Privacy and Security Act (TDSA)
- Utah- Utah Consumer Privacy Act (UCPA)
- Virginia- Virginia Consumer Data Protection Act (VCDPA)
Security Data Breach Notification Laws
Medical Privacy Laws
- HIPAA
- Health Information Technology for Economic and Clinical Health Act (HITECH)
- Confidentiality of Substance Use Disorder Patient Records Rule
- Genetic Information Nondiscrimination Act (GINA)
- Cures Act
Financial privacy Laws
- Fair Credit Reporting Act (FCRA)
- Fair and Accurate Credit Transactions Act (FACTA)
- Gramm-Leach-Bliley Act (GLBA)
- Dodd-Frank Wall Street Reform and Consumer Protection Act
Education Records and Technology Law
- Family Educational Rights and Privacy Act (FERPA)
Telecommunications and Marketing Laws
- Regulations Governing Telemarketing
- Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM)
- The Telecommunications Act
- The Cable Communications Privacy Act
- The Video Privacy Protection Act
Workplace Privacy Laws
- Americans with Disabilities Act (ADA)
- Civil Rights Act VII
International Privacy Laws
- GDPR
- EU AI Act
Technology Transactions: Privacy Agreements & Notice
- Privacy Policies and Notices
- Data Processing Agreements
- Business Associate Agreements
- Draft, review, negotiate contracts or specific provisions in contracts to address data security, data collection, and data sharing issues
Digital Privacy Clauses in Prenuptial Agreements