Husch Blackwell’s Data Privacy, Security & Breach Response Group is an interdisciplinary team of experienced industry lawyers, technologists, and Certified Information Privacy Professionals with a broad view of information compliance, risk, and value. We provide insight and practical solutions for Privacy, Data Security, and Information Management, enabling you to quickly achieve firmer control over your information, while also making meaningful progress toward your long-term objectives.


Confidential information is a key factor in building competitive advantage in the marketplace. But the possession of private data raises a host of legal issues. Any business that collects, uses or distributes confidential information is subject to an increasing array of laws that regulate notice, choice, consent, access and permissible use.

Our Privacy Team has a broad perspective on the privacy legal landscape. We work with companies across a wide range of industries to review and implement practices and policies for privacy compliance in business activities.


Cybertheft, cyberextortion, mobile device loss, misappropriation of confidential business information, unauthorized disclosures of protected information… it’s a perilous world for your organization’s data. And not only large organizations are at risk. Hackers are increasingly targeting mid-sized organizations, often as service provider gateways to their business partners’ critical business data and customer and employee information.

The data security regulatory environment is layered and complicated, with requirements for security programs and incident response under a host of laws and standards, including GLBA, FCRA/FACTA, HIPAA/HITECH, state information security and breach notification laws, FTC enforcement precedents, the PCI Data Security Standards, the ISO 27000 series, and the NIST Cybersecurity Framework, among others.

Our Data Security Team helps clients across a wide range of industries with security risk assessments, security policies and controls consulting, service provider contracting, breach response, cyber insurance coverage, and breach response readiness.


Organizations are awash in a sea of information. Waves of email and unstructured data pile upon storage systems, uncontrolled paper repositories are dark pools of expense and risk, and employees struggle to find the information they seek for the tasks at hand. Companies need practical, reliable means to identify and retain their valuable information, defensibly dispose of unnecessary information, and preserve information required for investigations and litigation.

Our Information Management Team helps companies across industries gain greater control over their information. We work with clients to create and maintain compliant retention scheduling, and we validate schedules against federal and 50 state legal retention requirements. We also guide clients on implementation, gaining traction on reaching concrete, measurable objectives for controlling email and unstructured data; managing active and off-site paper records; remediating legacy troves of data or paper; and integrating the retention schedule and information asset mapping into legal hold processes in advance of litigation.