DLA Piper's Data Protection, Privacy and Security practice enhances its legal skills with the addition of highly experienced certified risk, privacy, security and cybersecurity professionals, among them Ron Plesco and Erik Harssema, formerly of one of the largest Big 4 privacy and data protection advisory practices, who provide consultancy services to our global clients. Advising on practical implementation of legal advice; structuring privacy programs and related control environments; benchmarking; best practice identification; and cybersecurity risk mitigation, the consultants work with our highly ranked privacy and breach response lawyers as a single, integrated privacy team to provide a joint and comprehensive legal and consulting approach to data risk, privacy, cyber and security projects. This approach is a significant differentiator from other large firms, and it has been recognized by notable rankings entities, including BTI Consulting Group, which recently placed the DLA Piper Cybersecurity practice among the Top 7 cybersecurity law firm practices in the United States.
DLA Piper consultants have years of practical experience and maintain a wide variety of relevant certifications. Their ranks include Certified Information Security Professionals (CISSPs); Certified Information Privacy Professionals (CIPPs); and Certified Information Systems Auditors (CISAs). Our experienced consultants are on the front lines of assessing, developing and implementing innovative data risk, privacy and security solutions for some of the world's largest and most geographically diverse companies. We are thought leaders in the field and frequently appear on panels and contribute to industry publications. Our consultants are actively involved in the International Association of Privacy Professionals (IAPP), International Information System Security Certification Consortium (ISC2), and other professional certifying bodies that carry continuing education requirements.
Comprehensive Legal and Consulting Services
DLA Piper's Data Protection, Privacy and Security team covers the full cybersecurity service delivery lifecycle
- compliance and operational risk assessments and identification
- program, policy and operational design
- compliance solution testing and implementation and
- training program development.
We bring sector-specific, globally focused data privacy and protection experience in such areas as compliance and control assessment, cross-border data transfer enablement, incident response and vendor management.
We have developed an agile and repeatable approach to deliver data privacy and security transformation projects. This methodology has been used for more than a decade and has continued to evolve and respond to changes in the market such as agile development methodologies and the rise of cloud based architecture models, among others.
Our consultants advise clients on, among other things:
- data mapping exercises, gap assessment and remediation
- the practical adoption of our firm's legal advice
- benchmarking and industry best practice identification
- incident preparedness
- incident response planning
- the structuring of privacy and compliance programs
- cybersecurity risk mitigation and
- training program development.
Some of our solutions include:
- Project management tools and techniques
- Regulatory and legislative monitoring tools
- Matter management technology solutions
- Privacy assessment and scoring tools
- Customized training programs
- Client communications and continuing education programs
The Rare Benefit of Program Development Under Privilege
DLA Piper has developed a program delivery approach that focuses on putting in place critical protections from moment one. This approach includes protections companies often overlook in the development and implementation of their programs – not least, building in measures to preserve attorney-client privilege (such as for third-party forensics). We offer a single, integrated delivery team of lawyers and consultants that maximizes attorney-client privilege while providing both legal and operational insights.