With the global surge in digital technologies, the amount and value of data have exploded. Social media, mobile devices, geo-location tracking and cloud-based technologies are only a few of the ways that data is being collected and shared. At the same time, a growing patchwork of laws and regulations restrict the way data assets can be used and require that organizations implement compliance programs that prioritize data privacy and security. Understanding this ever-changing landscape is critical for companies to maximize the benefits of critical data assets, without running afoul of the applicable regulatory scheme.

Read More

Lawyers in our Data Privacy practice use a multi-disciplinary approach to provide tailored and strategic data counsel for businesses in all industries. Our expertise merges cyber security, regulatory compliance, technology law and licensing, commercial contracting and dispute management, yielding our unique ability to advise clients on all aspects of data management and commercialization. Additionally, our team understands the difficulties that come with operationalizing data compliance and we have significant experience with implementing cost-effective solutions. For firsthand data breach experience of our clients' perspectives, view our DATA BREACH STRATEGIES. 

Our Work

Our data and privacy attorneys provide strategic counsel in areas such as regulatory compliance, developing and implementing policies and procedures, preparing for data incidents and data breach response, cyber security investigations, privacy and data security disputes, risk management and corporate transactions that involve data transfer. We handle cutting-edge collaborations and strategic alliances involving the license and exchange of identifiable and de-identified data assets and analytics applications. As businesses increasingly move into digitized markets, we provide counsel for online business models involving issues such as geo-location and mobile device tracking.

Because our team members having served as the Interim Associate Compliance Officer and Director of Privacy of an academic medical center in North Carolina, when data privacy or security issues arise, we offer a unique business perspective that blends awareness of the intricacies of relevant laws with a pragmatic, businesses-focused approach.

Our Clients

We advise a wide range of local, regional, national and international clients in industries such as:

  • Health Care
  • Software, data and cloud computing services
  • Internet and e-commerce
  • Marketing and advertising
  • Life sciences and pharmaceutical services
  • Social media and communications
  • Financial services
  • Manufacturers and retailers

Our Expertise

Our multi-disciplinary team of lawyers possess a thorough understanding of the substantive areas that typically underlie such issues, including data privacy and security, regulatory compliance, data breach response, intellectual property & licensing; technology; health care; employment, labor & human resources; corporate and securities; and litigation. We leverage our expertise to provide practical, effective, tailored  advice on data privacy requirements, including the HIPAA, GDPR, ; Gramm-Leach-Bliley ; data localization and data transfer laws, marketing laws; the Children’s Online Privacy Protection Act (COPPA); mobile device and tracking laws; the Fair Credit Reporting Act (FCRA); and the Fair and Accurate Credit Transaction Act (FACTA), as well as information security requirements in the HIPAA Security Rule; the Gramm-Leach-Bliley Safeguards Rule; the Payment Card Industry Data Security Standard; state security laws; corporate governance legislation and regulations; and unfair business practices law (FTC Act, Section 5).

View Less



  • Assist with data breach investigation and response
  • Advise on de-identifying data assets
  • Provide best practices and policies for compliance with data-related laws and regulations
  • Prepare terms of use and privacy statements for websites and mobile apps
  • Provide data-driven business model analysis and strategy
  • Address employee privacy issues and employee nondisclosure obligations for confidential and proprietary information
  • Review and manage claims under cyber insurance policies

Commercial Transactions

  • Strategic collaborations involving licensing of data and databases, and the creation of data mining and analytics tools
  • Creation and licensing of digital content
  • Addressing privacy, security and data transfer and protection issues in mergers, acquisitions and other corporate transactions
  • Outsourcing and procurement of technology and complex services, including data hosting and processing
  • Structuring and contracting for health information exchange


  • Trade secret theft
  • Commercial business to business contract disputes
  • Risk management of data and security breach scenarios
  • Prosecuting and defending claims stemming from data and security breaches




Publications & Alerts

Events & Programming

Jump to Page

This website uses cookies to enhance your browsing experience and improve functionality. To learn more, you may view our Privacy Policy. By continuing to browse Smith Anderson's website, you are accepting our use of cookies in accordance with our privacy policy.