Education clients benefit from our broad-based knowledge of data privacy and security laws and regulations, as well as data breach preparedness and response options that are organized, efficient, and effective, including drafting policies and procedures, training staff and implementing enterprise-wide privacy and security programs, and addressing investigations by the U.S. Office for Civil Rights and state attorneys general. Our lawyers understand data mapping and the development of enterprise-wide privacy and security plans, compliance with various privacy and security requirements, and industry-specific regulations. To help safeguard data against accidental or deliberate disclosure, we provide counsel on practices and policies that assist educational institutions in: 

• complying with the Family Education Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA); 
• implementing administrative, technical, and physical safeguards to protect paper and electronic data;
• developing website and mobile app privacy policies and terms and conditions of use; and 
• implementing social media policies, practices, and procedures.