​​​​​​​​​​​​​​​​​ THE BOURNE FIRM

​​​​​​​​​​​​​​Experienced on-demand general counsel for small to mid-sized companies not yet ready for full-time general counsel. 

​​
Contact  : jon@thebournefirm.com  (  303.765.2436
© 2022-2024 THE BOURNE FIRM LLC. All rights reserved.






The following are examples of THE BOURNE FIRM's experience with respect to privacy and security and how that experience could benefit you:

  

  • Counseled concerning a plethora of privacy requirements, including under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), Gramm-Leach-Bliley Act, the Federal Information Security Management Act and numerous state privacy laws.
  • Advised regarding a full range of security issues, including penetration testing, physical security such as alarm systems, security provisions in services agreements and HIPAA business associate addenda.
  • Chaired corporate governance committees responsible for evaluating and managing risks, delivering strategic and tactical direction for governance programs and overseeing common-sense implementation of governance initiatives, including with respect to privacy and security.
  • Reviewed and advised regarding security policy and procedures and policy for responsible use of information.
  • Reviewed and revised draft section of employee handbook pertaining to privacy and security.
  • Extensively analyzed people, process and strategy with respect to the company’s privacy and security compliance, critical and material risks and action plan for addressing those risks.
  • Executed all functions of privacy officer with overall responsibility for every aspect of privacy compliance.
  • Drafted, refined and finalized privacy policy with respect to privacy of healthcare and other information in accordance with requirements of federal law and other applicable law.
  • Developed and implemented refined approach to initiating, conducting and managing privacy and security investigations, directing outside counsel when necessary and developing investigation strategy based on business process improvement, solutions-focused fees and clear accountability, including litigation hold notices for non-destruction of potentially relevant information and corporate governance.      
  • Advised extensively regarding privacy and security incidents, including counseling with respect to security breach notification laws and contractual requirements pertinent to incidents.
  • Was instrumental in completion of internal investigations relating to security incidents.
  • Drafted and delivered notices of security breach in accordance with applicable law.
  • Collaborated with U.S. Secret Service and Federal Bureau of Investigations in investigation of criminal theft of personally identifiable information, including assisting with evidence necessary for conviction and sentencing.
  • Reviewed, analyzed and advised regarding letter resulting from investigation that summarized the action a company would take to prevent future accidental releases of protected health information.
  • Reviewed, analyzed and advised with respect to insurance for security breach incidents.
  • Advised concerning key issues relating to proposed transmittal of protected health information by electronic mail.
  • Reviewed and advised concerning requirements for recording of calls.
  • Advised regarding use of electronic recording devices to control loss of products.
  • Reviewed and advised regarding policies relating to payment card industry security standards compliance.
  • Analyzed and advised regarding privacy requirements for use of customer data.
  • Drafted consent and release for use of photographs of employees in national publications.
  • Advised regarding release of tax identification numbers of vendors to service provider in connection with implementation of vendor management system.
PRIVACY AND SECURITY.
Experience.
THE BOURNE FIRM.