Litigation & Appeals

Privacy & Data Security

Our attorneys are trusted privacy and information security advisors and advocates. We maintain strong relationships with local law enforcement officials and data breach response vendors to better serve clients by offering proactive advice and quick response in the critical time following a data breach. Whether you are a company needing help or a professional advisor seeking local assistance, we are ready to assist you with your compliance, incident response, or litigation needs.

We understand and solve complex problems for service professionals, manufacturers, and contractors, as well as state and federally regulated health care providers, health plans, financial institutions, and retailers.

Stites & Harbison will:

  • Educate and provide practical solutions to strengthen data security plans and improve policies.

  • Review and draft vendor contracts, business associate agreements, terms of use and privacy policies, or transactional agreements involving data security.

  • Advise and respond to government investigations, including HIPAA and HITECH audits and regulatory compliance requirements.

  • Provide immediate advice when a data breach occurs to comply with state and federal data breach laws, investigate, and formulate effective strategies to mitigate damages.

  • Defend litigation arising from alleged privacy and security data breaches.

Members and associates actively participate in major professional organizations, including:

Certified Information Privacy Professional
  • American Bar Association

  • American Health Lawyers Association

  • Defense Research Institute

  • Mortgage Bankers Association of America

  • International Association of Privacy Professionals

Stites & Harbison attorneys work on a variety of privacy and security matters. Notable assignments include:

  • Successfully obtained summary judgment for a healthcare provider in Jefferson Circuit Court in a putative class action asserting claims for negligence, negligence per se, and invasion of privacy stemming from an alleged data breach disclosing patient information. Judgment was obtained prior to any class being certified.

  • Obtained summary judgment for defendant in putative class action asserting multiple claims arising from alleged data breach.

  • Investigated and advised an employer-sponsored health plan on breach reporting obligations following a cyber-attack involving malicious software.

  • Advised on a professional legal malpractice claim concerning a data breach.

  • Advised an online retail business in responding to and investigating a data breach, including working with various State’s Attorney General offices.

  • Assisted client in responding to Office for Civil Rights complaint investigations and desk audits arising from alleged HIPAA violations and data breach reports.

  • Worked with domestic financial institutions to recover client funds unlawfully transferred to foreign banks.

  • Advised client and collaborated with FBI and other law enforcement concerning theft of funds arising from multiple data breaches.

  • Advised employer in connection with employees’ confidential postings on social media.

  • Analyzed and identified HIPAA-regulated product offerings for a financial institution and worked with internal legal, compliance, and business teams in developing a comprehensive HIPAA compliance plan.

  • Represented a medical practice in a data breach investigation and notification to individuals following insider theft of social security numbers from patient medical records.

  • Performed an enterprise-wide data classification analysis for an organization regulated by numerous state and federal privacy laws; drafted vendor contract with requirements to safeguard information in compliance with applicable laws.

Privacy & Data Security Specialty Areas
Main Contacts
See more related to Privacy & Data Security
Client Alerts

“No Company is Safe” — White House Urges Private Sector to Act Now in Hardening Defenses Against Growing Ransomware Threats

Following the most recent slew of high-profile ransomware attacks, the White House deputy national security adviser for cyber and emerging technology, Anne Neuberger, issued an open letter to the private sector urging action to increase cyber defenses to match the nation’s increasing ransomware threat.

by Sarah Cronan Spurlock June 10, 2021
Presentations

U.S. Privacy and Data Security Developments - Where Do We Go From Here?

Stites & Harbison attorneys Sarah Cronan Spurlock and Mari-Elise Paul discuss U.S. Privacy Laws, FTC Enforcement and The Covid Effect in this Webinar presented by Mondaq.

by Sarah Cronan Spurlock and Mari-Elise Paul June 08, 2021
Client Alerts

CMS Has Begun to Enforce the Price Transparency Rule Against Hospitals

The Centers for Medicare & Medicaid Services (CMS) has recently begun to send warning letters to hospitals that are not in compliance with the recently effective price transparency rule. This warning comes on the heels of CMS’s audits of a sample of hospitals in January.

by Megan B. Barker May 26, 2021
Press Releases

Chambers USA Honors 22 Stites & Harbison Attorneys for 2021

LOUISVILLE, Ky.—Chambers USA selected 22 Stites & Harbison, PLLC attorneys in Kentucky and Tennessee for inclusion in their 2021 guide.

by Stites & Harbison, PLLC May 21, 2021
Events

U.S. Privacy and Data Security Developments - Where Do We Go From Here?

Date: 6/3/21
Time: 10:00 a.m. - 11:00 a.m.

Webinar

On June 3, 2021 at 10:00 EST, Mondaq will be hosting a webinar featuring Stites & Harbison attorneys, Sarah Cronan Spurlock and Mari-Elise Paul discussing U.S. privacy and data security developments.

Sarah Cronan Spurlock and Mari-Elise Paul May 14, 2021
Articles

Stites & Harbison Opens First Ohio Office In Cincinnati Area

Kentucky-based Stites & Harbison PLLC has expanded its operations to Ohio for the first time in nearly 200 years with a new office in the Cincinnati suburb of Mason, the firm announced Friday. Led by member Robin D. Miller, the Cincinnati-area office is currently operating with the help of attorneys from the nearby town of Covington, Kentucky, but the firm said it hopes to hire more Cincinnati full-timers by the end of 2021.

by Robin D. Miller April 23, 2021
Press Releases

Stites & Harbison Expands Footprint, Opens First Ohio Office

CINCINNATI—Stites & Harbison, PLLC announced today it has opened a Cincinnati, Ohio office to better meet the increased needs of its clients in the region. The office will be led by Member (Partner), Robin D. Miller.

by Stites & Harbison, PLLC April 23, 2021
Press Releases

Stites & Harbison Increases Rank on ABA Health Law Section’s Regional Top 10 List for 2020

LOUISVILLE, Ky.—The American Bar Association (ABA) Health Law Section has ranked Stites & Harbison, PLLC in 6th place in its Eighth Annual Regional Law Firm Recognition List for the South region for 2020.

by Stites & Harbison, PLLC April 14, 2021
Client Alerts

Refreshing Relief or Return of the Robocalls?

In a long-awaited decision, the United State Supreme Court issued a ruling in Facebook, Inc. v. Duguid, No. 19-511, on April 1, 2021, concluding that, to qualify as an autodialer under the Telephone Consumer Protection Act (“TCPA”), a device must have the capacity to use a random or sequential number generator to store or to produce phone numbers.

by Chadwick A. McTighe, Neal F. Bailen, and Jeffrey S. Moad April 02, 2021
Articles

Top Women in Business Spotlight: Marjorie Farris

The Lane Report takes a closer look at the women who are making a difference in Kentucky. Stites Chair and Louisville attorney Marjorie Farris is featured today.

by Marjorie A. Farris March 10, 2021
Press Releases

Chad McTighe Appointed Chair of Stites & Harbison’s Business Litigation Service Group

LOUISVILLE, Ky.—Stites & Harbison, PLLC is pleased to announce that attorney Chad McTighe has been appointed Chair of the firm’s Business Litigation Service Group. McTighe succeeds Phil Collier, who has served as the service group chair for 22 years. Both Collier and McTighe will continue their diverse legal practices in business litigation.

by Chadwick A. McTighe March 02, 2021
Client Alerts

Data Privacy Day: Scanning Data Privacy Issues for 2021

Every January 28, the United States, Canada, and 27 countries of the European Union celebrate Data Privacy Day, which is an international effort to create awareness about the importance of safeguarding data and respecting privacy.

by Mari-Elise Paul, Sarah Cronan Spurlock, and Alexandra MacKay January 29, 2021
Press Releases

Stites & Harbison Promotes Three Attorneys

LOUISVILLE, Ky.—Stites & Harbison, PLLC announced today that three attorneys have been promoted within the law firm effective January 2021.

by Stites & Harbison, PLLC January 04, 2021
Press Releases

Kentucky Super Lawyers Honors 41 Stites & Harbison Attorneys for 2021

LOUISVILLE, Ky.—The 2021 edition of Kentucky Super Lawyers recently honored 42 Stites & Harbison, PLLC attorneys in the Covington, Frankfort, Lexington and Louisville, Ky., offices.

by Stites & Harbison, PLLC December 21, 2020
Press Releases

Sarah Spurlock Named IADC Cyber Committee Chair

LOUISVILLE, Ky.—The International Association of Defense Counsel (IADC) has appointed Stites & Harbison, PLLC attorney Sarah Cronan Spurlock as Chair of its Cyber Security, Data Privacy and Technology Committee.

by Stites & Harbison, PLLC December 07, 2020
Articles

Legal Maneuvering: How the pandemic has forced Louisville law firms to rethink the workplace

The practice of law was already trending toward remote work when the coronavirus outbreak sent attorneys packing to their home offices in March, said Bob Connolly, chairman of Stites & Harbison PLLC in Louisville.

by Robert M. Connolly November 27, 2020
Press Releases

Marjorie Farris to Be First Woman to Lead Stites & Harbison Law Firm

LOUISVILLE, Ky.—Stites & Harbison, PLLC, announced today that Kentucky native Marjorie A. Farris will become the firm’s new Chair effective January 2021. She will be the first woman to lead the firm since its founding in 1832.

by Stites & Harbison, PLLC November 06, 2020
Client Alerts

Joint Agency Cyber Alert Warns of Imminent and Credible Ransomware Threat Against U.S. Health Care and Public Health Sectors

A joint cybersecurity advisory alert issued October 28, 2020, warns of an imminent cybercrime threat to the U.S. health care sector.

by Sarah Cronan Spurlock, Ian T. Ramsey, and Dustyn B. Jones November 02, 2020
Articles

Stites leader Robert Connolly on how his office manages the state of downtown

Robert Connolly, chairman of Stites & Harbison PLLC, had a godson who was living in the Chinese province of Wuhan as an English teacher in late 2019, before it was the epicenter the novel coronavirus pandemic.

by Robert M. Connolly October 13, 2020
Press Releases

Stites & Harbison, PLLC Lawyers Named to 2021 Best Lawyers® Publications

LOUISVILLE, Ky.—Stites & Harbison, PLLC is pleased to announce that 82 lawyers are included in the 2021 Edition of The Best Lawyers in America©.

by Stites & Harbison, PLLC August 20, 2020