Privacy and Information Security

Privacy and Information Security

Data privacy and information security is a key concern for anyone that operate in today’s business environment. Not only are threats to your privacy and information becoming more serious by the day, but there is also a web of laws and regulations that are applicable to privacy and security.  Appropriate safeguards of customer and employee data as well as of a business’ trade secrets and operations are of vital importance, yet navigating the legal terrain is challenging since the data privacy laws vary depending on the industry and the location of the data.

Oldham Law, PLLC regularly assists clients with formulating and implementing privacy policies and practices, including those required by the Gramm-Leach-Bliley Act, USA Patriot Act, Health Insurance Portability and Accountability Act (HIPAA), the Children’s Online Privacy Protection Act and the FTC’s Identity Theft Red Flag Rules.

We use a coordinated approach to risk assessments and the development of compliance solutions for our clients, drawing upon the broad experience of our  industry-specific knowledge.  We believe that being proactive with respect to privacy and data security compliance obligations, and incorporating privacy by design principles where possible, will assist our clients to be responsive to government regulators’ expectations and ahead of their competition in this escalated privacy environment.


We offer a full range of legal services customized to meet the unique business needs of each client. Our areas of practice include:

  • The development and formulation of website security and privacy statements and disclosures
  • Advertising and marketing issues, including those raised by targeted behavioral advertising
  • Issues concerning identity theft, including medical identity theft
  • Issues raised by federal computer security and trade secret statutes
  • Record retention policies and practices
  • Employment information confidentiality
  • Education information privacy
  • Reviewing and drafting third party service provider confidentiality agreements
  • HIPAA compliant business associate agreements and data use agreements
  • HIPAA privacy and security policies and procedures

For clients who have multinational operations, whether as an online retailer, app provider, or due to the operation of physical facilities in other countries, we regularly provide assistance with international data privacy and security issues. We assist clients with their compliance obligations under the EU General Data Protection Regulation (GDPR), the Canadian Anti-Spam Law (CASL), among others.

Contact Our Privacy and Information Security Team

For more information about how we can assist you with a particular matter,  contact Oldham Law, PLLC.

Schedule a Free Consultation


We are pleased to provide free consultations to help you determine if we are the right law firm for your situation. The consultation is confidential and absolutely free of any charge.