Data Privacy and Cybersecurity Litigation


As our world becomes more and more digital and dependent on information technology, businesses throughout the world are encountering data protection and cybersecurity incidents at an astonishing rate and must spend valuable time and resources to anticipate and prevent them—and if they aren’t, they should be. To help clients stay ahead of this increasing business risk, Robinson+Cole’s Data Privacy + Cybersecurity Team works with clients in mapping high risk data, implementing safeguards, compliance with rapidly changing data privacy and security laws, developing and implementing incident response plans, data breach notification, and educating employees on protecting company information. Our lawyers are skilled in helping clients avoid and mitigate cyber intrusions, including malware, ransomware, phishing attacks, insider threats and social media risk. When litigation is necessary, however, we readily advocate for our clients, and we defend them in litigation resulting from alleged privacy violations, data breach class actions and government investigations. If a data breach or privacy issue results in litigation or an enforcement action, we work with clients to resolve the matter through the court system or before federal or state regulatory agencies. We represent companies in privacy litigation matters involving unauthorized access, use or disclosure of personally identifiable, health, or financial information, and in litigation around violations of security measures to protect the data.

Our Services and Our Team

Because data privacy and cybersecurity issues cut across all business enterprises, our Data Privacy + Cybersecurity Team collaborates with lawyers from all of the firm’s practice areas to match the right resources to each client’s unique situation. Our clients include businesses in all industries, including the following:

  • utilities and energy companies
  • manufacturing companies
  • wireless telecommunications service providers
  • tax-exempt organizations
  • health care providers
  • hospitals and multi-specialty groups
  • patient portal vendors
  • health information exchanges
  • catalogue and direct marketing companies
  • companies with a significant offline database of customer information
  • software companies
  • start-up companies
  • companies providing remote monitoring of equipment
  • companies providing cybersecurity and forensic services

Our lawyers are adept in interpreting the minutiae of these federal and state data privacy and security rules and regulations:

  • Blockchain Technology
  • California Online Privacy Protection Act (CalOPPA) and Do-Not-Track laws
  • Children's Online Privacy Protection Act (COPPA)
  • Fair Credit Reporting Act (FCRA)
  • Family Educational Rights and Privacy Act (FERPA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act ( HIPAA)
  • Federal Trade Commission Act (FTC Act)
  • FTC's Telemarketing Sales Rule (TSR)
  • General Data Protection Regulation
  • New York Department of Financial Services Cybersecurity requirements
  • state Written Information Security Plan (WISP) requirements
  • state laws, including workplace privacy statutes, antispam statutes, attorney general enforcement actions, and other privacy protection statutes and trends
  • Telephone Consumer Protection Act (TCPA)
  • Video Privacy Protection Act (VPPA)
  • Virtual Currency regulations

Our  Data Privacy + Cybersecurity Team chair, Linn Freedman, is a former Assistant Attorney General and Deputy Chief of the Department of Attorney General for the State of Rhode Island who regularly works with the attorney generals of multiple states around compliance and enforcement actions involving data breaches and data security, and is recognized by Chambers as a leader nationally in the field of Privacy Law. 

Our team has deep experience with HIPAA enforcement actions with the Department of Health and Human Services Office for Civil Rights. 

Additionally, our team members regularly contribute to the Data Privacy + Security Insider  blog at and have received Readers' Choice awards by JD Supra.

For more information on Robinson+Cole’s Data Privacy + Cybersecurity Team, click here.

    • Experience
      • Representation of a large hospital system in a data breach class action lawsuit, which was dismissed on summary judgment. 

      • Successfully defended numerous health care entities in investigations of alleged HIPAA violations by the Office for Civil Rights, resulting in dismissal or are still pending.

      • Defended a health care entity in the alleged wrongful disclosure of information to an employer, which was dismissed.

      • Defended hotel chain in TCPA litigation.

    • News
      • July 20, 2023

        Robinson+Cole Welcomes Former DOJ Trial Attorney, Sean C. Griffin, as a Partner in its Growing Washington, DC Office

        • » more info
        • View article
      • August 20, 2020

        61 Robinson+Cole Lawyers Listed in The Best Lawyers in America© 2021

        • » more info
        • View article

Our Team