Overview

Overview

O’Hagan Meyer’s Data Privacy & Cybersecurity team helps organizations prevent, manage, and resolve cyber incidents and privacy risks with practical counseling, coordinated response, and experienced defense in investigations and litigation nationwide.

Our lawyers advise companies across industries on building and maintaining effective privacy and security programs tailored to their operations. We conduct early risk assessments, identify vulnerabilities, and develop policies, procedures, and governance frameworks designed to mitigate risk and ensure compliance. This includes data mapping and classification, vendor and third-party risk management, and comprehensive employee training and awareness programs. We also assist clients in preparing incident response plans and conducting cybersecurity simulations and tabletop exercises to test readiness and improve real-time response capabilities.

We guide clients on compliance with federal and state laws and consumer protection statutes, including:

  • Fair Credit Reporting Act (FCRA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Fair and Accurate Credit Transactions Act (FACTA)
  • CAN-SPAM Act, Telephone Consumer Protection Act (TCPA)
  • Children’s Online Privacy Protection Act (COPPA)
  • Electronic Communications Privacy Act (ECPA)
  • Stored Communications Act (SCA)
  • Section 5 of the Federal Trade Commission Act

We also advise on applicable international privacy frameworks, including Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and European Union data protection directives and related requirements.

When an incident occurs, we respond swiftly and decisively. O’Hagan Meyer serves as breach counsel and first responder, operating a 24/7 cyber hotline and leading coordinated response efforts from initial detection through containment and recovery. We perform early incident assessments to determine scope, legal obligations, and potential exposure, and we guide clients through all phases of crisis management.

We assemble and direct multidisciplinary teams that include forensic IT specialists, crisis management and public relations professionals, forensic accountants, and notification and credit monitoring providers. We guide clients through containment, investigation, and remediation—assessing the scope of the incident, determining notification and post-incident obligations, and managing communications with affected individuals, regulators, and other stakeholders. Following an incident, we conduct post-breach assessments, develop corrective action plans, and advise on improvements to reduce future risk and strengthen operational resilience.

Our experience spans ransomware attacks, network intrusions, business email compromise, fraudulent funds transfers, and inadvertent disclosures, with a focus on minimizing disruption and enabling business continuity.

Cyber incidents frequently lead to regulatory scrutiny and litigation. We represent clients in investigations and enforcement actions involving state attorneys general and federal agencies, including the Federal Trade Commission (FTC), Department of Health and Human Services (HHS), Office for Civil Rights (OCR), and Federal Deposit Insurance Corporation (FDIC). Our team defends class actions and commercial litigation arising from data breaches, privacy violations, biometric privacy claims, and data tracking practices in state and federal courts nationwide, as well as in arbitration and mediation.

O’Hagan Meyer also serves as incident response coordination and monitoring counsel for domestic and London-based cyber insurers and their policyholders. We manage claim intake and triage, assemble response teams in real time, advise on coverage-related issues, and resolve coverage disputes through mediation, arbitration, and litigation.

Throughout the incident lifecycle—before, during, and after an event—we deliver clear, practical guidance that helps clients move efficiently from incident to resolution.

News & Insights

Jump to Page

O'Hagan Meyer Cookie Preference Center

Your Privacy

When you visit our website, we use cookies on your browser to collect information. The information collected might relate to you, your preferences, or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. For more information about how we use Cookies, please see our Privacy Policy.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek