Life Sciences Privacy & Cybersecurity




Life sciences organizations are highly vulnerable to privacy and cybersecurity attacks. The disruption caused by data breaches can wreak havoc on an organization and lead to legal issues that can jeopardize everything. One of the most significant threats in recent years is ransomware -- a form of cyber-attack that encrypts (or locks) data until the owner pays a ransom to the attackers. Once encrypted, that data – whether it is emails, accounting information, marketing or research information – is unavailable to the organization, often severely disrupting operations. The prevalence of these attacks in the life sciences sector shows that organizations of all sizes and types must be vigilant.

In this ever-changing data security and cyber landscape, we guide covered entity and business clients in all aspects of compliance by:

  • Creating effective governance programs;
  • Implementing comprehensive compliance policies and procedures;
  • Analyzing and investigating alleged security breaches;
  • Conducting risk assessments and training programs;
  • Negotiating commercial agreements and assisting with vendor management; and
  • Drafting customized documents tailored to our clients’ business needs and technologies.

We have experience with the Office of Civil Rights (OCR) in resolving breach investigations favorably for clients. We handle breach notification risk assessments, including addressing state data breach laws and requirements, many of which have stringent notification requirements that must be taken into consideration. We also conduct breach investigations for clients across the country, engaging computer forensic experts and overseeing the conduct of their analyses, when required.